AsLeap

Description

AsLeap is a demonstrates a serious deficiency in proprietary Cisco LEAP networks. Since LEAP uses a variant of MS-CHAPv2 for the authentication exchange, it is susceptible to accelerated offline dictionary attacks. Asleap can also attack the Point-to-Point Tunneling Protocol (PPTP), and any MS-CHAPv2 exchange where you can specify the challenge and response values on the command line.

Usage

Syntax

asleap [options]

Options

    -r  Read from a libpcap file
    -i  Interface to capture on
    -f  Dictionary file with NT hashes
    -n  Index file for NT hashes
    -s  Skip the check to make sure authentication was successful
    -h  Output this help information and exit
    -v  Print verbose information (more -v for more verbosity)
    -V  Print program version and exit
    -C  Challenge value in colon-delimited bytes
    -R  Response value in colon-delimited bytes
    -W  ASCII dictionary file (special purpose)

Example

cyborg@cyborg:~$ asleap -r packets.dump
asleap 2.2 - actively recover LEAP/PPTP passwords. <[email protected]>
Using the passive attack method.

Captured LEAP exchange information:
     username:     cybleap
     challenge:     d9b6a14378985feb
     response:      5540fd69295648c3db33e2217dbd3d0157f3a8f2c2ee1603
     hash bytes:   6fd3
0 Comments

Leave a reply

CONTACT US

We're are building as a community and a team. Be a part of it.

Sending

©2017 Ztrela Knowledge Solutions Pvt. Ltd

Log in with your credentials

Forgot your details?