Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 30 Oct 2012 18:43:43 +0100
From: magnum <>
Subject: Re: Cracking PPTP MSCHAPv2 with JtR

On 24 Oct, 2012, at 6:22 , Dhiru Kholia <> wrote:

> On Wed, Oct 24, 2012 at 12:55 AM, magnum <> wrote:
>> On 23 Oct, 2012, at 17:29 , Dhiru Kholia <> wrote:
>>> pptp_fmt_plug.c (attached) is quite similar to MSCHAPv2_fmt_plug.c. It
>>> is a separate plug-in since I didn't want to complicate existing code
>>> (it is already complex enough!).
>>> It supports both hash formats which are produced by Ettercap (after it
>>> is patched).
>> I thought the existing format was used for pptp. What is different? And when is the existing format used?
> You are right. I just realized that existing MSCHAPv2_fmt_plug.c can
> be used for what I was trying to do. There is no need for new
> pptp_fmt_plug.c format.
> I will patch Ettercap to output hashes in MSCHAPv2_fmt_plug.c compatible format.

Here's BTW an interesting article about MSCHAPv2. I do not think we can use it in JtR though - it's about cracking the intermediate DES keys. The security of MSCHAPv2 is effectively just a single DES operation:


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.