Date: Tue, 30 Oct 2012 18:43:43 +0100
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Cracking PPTP MSCHAPv2 with JtR

On 24 Oct, 2012, at 6:22 , Dhiru Kholia <dhiru.kholia@...il.com> wrote:

> On Wed, Oct 24, 2012 at 12:55 AM, magnum <john.magnum@...hmail.com> wrote:
>> On 23 Oct, 2012, at 17:29 , Dhiru Kholia <dhiru.kholia@...il.com> wrote:
>>> pptp_fmt_plug.c (attached) is quite similar to MSCHAPv2_fmt_plug.c. It
>>> is a separate plug-in since I didn't want to complicate existing code
>>> (it is already complex enough!).
>>> 
>>> It supports both hash formats which are produced by Ettercap (after it
>>> is patched).
>> 
>> I thought the existing format was used for pptp. What is different? And when is the existing format used?
> 
> You are right. I just realized that existing MSCHAPv2_fmt_plug.c can
> be used for what I was trying to do. There is no need for new
> pptp_fmt_plug.c format.
> 
> I will patch Ettercap to output hashes in MSCHAPv2_fmt_plug.c compatible format.

Here's BTW an interesting article about MSCHAPv2. I do not think we can use it in JtR though - it's about cracking the intermediate DES keys. The security of MSCHAPv2 is effectively just a single DES operation:

https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/

magnum
