Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: PPPOE password sniffing

From: alexpheno () gmail com
Date: 27 Jan 2007 21:42:52 -0000
If you're using PAP as an authentication scheme you must look into the
packets that follow the PPPOE session, after you've found a PPPOE
access concentrator a PPP session is established. You must look for a
packet that is sent by the authenticating terminal (in this case your
computer)  to the concentrator. Try to do a wireshark capture and
apply this filter rule "pap and eth.src==XX:XX:XX:XX:XX:XX", and
replace the x part with the terminal's mac address. If a frame matches
the filter it should contain the user and password in the payload.

Check out RFC1334 for more info.
--
Alex Nedelcu
CCNA, SNRS, CSVPN

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: