Wubi Posted August 1, 2012 Report Posted August 1, 2012 chapcrack tool for parsing and decrypting MS-CHAPv2 network handshakes. In order to use it, a packet with an MS-CHAPv2 network handshake must be obtained. The tool is used to parse relevant credentials from the handshake.The hash is inserted into chapcrack, and the entire network capture us decrypted. Alternatively, it can be used to login to the user’s VPN service or WPA2 Enterprise radius server.Moxie Marlinspike, the mind behind the Convergence SSL authenticity system, has presented at Defcon a tool that allows attackers to crack the MS-CHAPv2 authentication protocol, which is still used in many PPTP (Point-to-Point Tunneling Protocol) VPNs and WPA2 Enterprise environments.Four simple step to follow for using chapcrackObtain a packet capture with an MS-CHAPv2 network handshake in it (PPTP VPN or WPA2 Enterprise handshake, for instance).Use chapcrack to parse relevant credentials from the handshake (chapcrack parse -i path/to/capture.cap).Submit the CloudCracker token to www.cloudcracker.comGet your results, and decrypt the packet capture (chapcrack decrypt -i path/to/capture.cap -o output.cap -n )Download chapcrack:chapcrack – chapcrack.pySursa: chapcrack a Tool for cracking MS-CHAPv2 — PenTestIT Quote
