Penetration Testing mailing list archives
Re: Decrypting PPTP network traffic
From: Alexander Perchov <alexperchov1969 () googlemail com>
Date: Thu, 18 Mar 2010 23:51:29 +0100
Paul, I am aware of tools like asleap and cain and abel that do password cracking for MS-CHAP, as I tried to explain in my previous post. What I'm looking for is tools or ways to decrypt the network traffic when you have the NT hash / password. Hope that clears it up. Alex On Thu, Mar 18, 2010 at 5:39 PM, Paul Melson <pmelson () gmail com> wrote:
Most tools (and there isn't an awful lot of them anyway!) focus onbreaking MS-CHAP(v1|v2). This seems to be an area where some significant papers werepublishedback in the days, but very few tools were actually implemented andpublished openly! If you have packet captures of a tunnel initiation, the username is in clear text and you can use asleap (http://www.willhackforsushi.com/?page_id=41) to crack the CHAP challenge/response. PaulM
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Decrypting PPTP network traffic Alexander Perchov (Mar 17)
- RE: Decrypting PPTP network traffic Paul Melson (Mar 18)
- Re: Decrypting PPTP network traffic Alexander Perchov (Mar 23)
- Re: Decrypting PPTP network traffic Paul Melson (Mar 23)
- Message not available
- Re: Decrypting PPTP network traffic Alexander Perchov (Mar 23)
- Re: Decrypting PPTP network traffic Alexander Perchov (Mar 23)
- RE: Decrypting PPTP network traffic Paul Melson (Mar 18)
- <Possible follow-ups>
- Re: Decrypting PPTP network traffic Vivek P Nair (Mar 23)