
mschapv2acc

MS-CHAP-V2 SHOULD NOT be used...

What?

mschapv2acc is a proof-of-concept MS-CHAP-V2 auditing/cracking tool.

It uses an old, known vulnerability and a fast implementation of the cryptographic algorithm. The main goal is to show the need to move to a stronger protocol.

So?

Just see...

Standard mode

[Screenshot: standard mode]

Improved mode

[Screenshot: improved mode]

Install

  • You need a processor with SSE2 support.
  • This tool can be compiled with gcc for Linux / Mac OS X.

Just extract the archive:

~$ tar xfvz mschapv2acc-x.y.z.tar.gz
~$ cd mschapv2acc-x.y.z

Or clone with git:

~$ git clone https://github.com/polkaned/mschapv2acc
~$ cd mschapv2acc

Or checkout with subversion:

~$ svn checkout --depth empty https://github.com/polkaned/mschapv2acc
~$ cd mschapv2acc

And execute 'make':

~$ make

Features (or not)

  • Two main modes: Brute Force mode and Dictionary mode.
  • To change the charset for the Brute Force mode, modify the nbc and caract values in the 'mschapv2acc.c' source file.

Examples of use

  • Brute force mode
~$ ./mschapv2acc file_auth
  • Brute force mode with challenge's cryptanalysis enabled
~$ ./mschapv2acc -x file_auth
  • Brute force mode with SSE2 enabled
~$ ./mschapv2acc -s file_auth
  • Brute force mode with challenge's cryptanalysis and SSE2 enabled
~$ ./mschapv2acc -x -s file_auth
  • Dictionary mode
~$ ./mschapv2acc -w dico.txt file_auth
  • Dictionary mode with challenge's cryptanalysis enabled
~$ ./mschapv2acc -x -w dico.txt file_auth

All the options are listed in the help message printed when you run mschapv2acc with no parameters.

About file_auth

file_auth is a binary dump file containing the required MS-CHAP-V2 data.

This file is built as follows:

1 *int = user name length
user_name_lenght *char = user name
16 *unsigned char = auth challenge
16 *unsigned char = peer challenge
8 *unsigned char = challenge
24 *unsigned char = response
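
An added example (not part of mschapv2acc) that parses the layout above and checks a capture for internal consistency before it is used in an audit. It assumes the length field is a 4-byte little-endian int, that the user name has no terminator, and that the 8-byte challenge field holds the RFC 2759 ChallengeHash; the sample record is constructed.

```python
import hashlib
import struct
from dataclasses import dataclass

@dataclass
class FileAuth:
    user_name: bytes
    auth_challenge: bytes   # 16 bytes, sent by the authenticator
    peer_challenge: bytes   # 16 bytes, chosen by the peer
    challenge: bytes        # 8 bytes
    response: bytes         # 24 bytes (NT-Response)

FIXED_SIZES = (16, 16, 8, 24)

def challenge_hash(peer_challenge: bytes, auth_challenge: bytes, user_name: bytes) -> bytes:
    """RFC 2759 ChallengeHash: first 8 bytes of SHA1(peer || auth || user name)."""
    return hashlib.sha1(peer_challenge + auth_challenge + user_name).digest()[:8]

def parse_file_auth(data: bytes) -> FileAuth:
    """Parse one record; reject truncated or oversized input instead of guessing."""
    if len(data) < 4:
        raise ValueError("truncated: missing user name length")
    (name_len,) = struct.unpack_from("<i", data, 0)  # assumption: 4-byte LE int
    if name_len < 0:
        raise ValueError("negative user name length")
    if len(data) != 4 + name_len + sum(FIXED_SIZES):
        raise ValueError("file size does not match the declared user name length")
    fields, off = [], 4
    for size in (name_len, *FIXED_SIZES):
        fields.append(data[off:off + size])
        off += size
    return FileAuth(*fields)

def is_consistent(rec: FileAuth) -> bool:
    """True when the stored challenge matches the one derived from the other fields."""
    return rec.challenge == challenge_hash(rec.peer_challenge, rec.auth_challenge, rec.user_name)

def build_sample() -> bytes:
    """Constructed record: made-up user and challenges, all-zero response."""
    user, auth, peer = b"alice", bytes(range(16)), bytes(range(16, 32))
    return (struct.pack("<i", len(user)) + user + auth + peer
            + challenge_hash(peer, auth, user) + bytes(24))

if __name__ == "__main__":
    rec = parse_file_auth(build_sample())
    print(rec.user_name.decode(), "consistent:", is_consistent(rec))
```

A mismatch usually means the capture stored the user name with a domain prefix, or the file was produced with a different int size or byte order.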

To get the file_auth:

  • use my patch mschapCap4FR1.1.2.patch with this old freeradius version. It puts the mschapv2acc file_auth in the /tmp directory.
  • use wpe2acc (included with mschapv2acc) to convert the FreeRADIUS Wireless Pwnage Edition hex representation of MS-CHAP-V2 information to an mschapv2acc file_auth.
  • use accgen.rb to convert a John the Ripper input password file to an mschapv2acc file_auth. It seems to have been written for this tool: Peap-Karma (related post)

Related stuff

Paper

MS-CHAP-v2 et 802.11i, le mariage risqué ? MISC 39
