RE: Cisco LEAP

From: SILES,RAUL (HP-Spain,ex1) (raul.siles_at_hp.com)
Date: 11/03/03

    To: 'No Man' <noman4222@yahoo.com>, pen-test@securityfocus.com
    Date: Mon, 3 Nov 2003 14:29:30 +0100 
    
    

    Hi,
    This vulnerability was reported to Cisco by "Joshua Wright":
    - http://www.netstumbler.com/article.php?sid=731

    - Article: http://home.jwu.edu/jwright/presentations/asleap-defcon.pdf

    He can probably provide you with some numbers, the ones used in his demos.

    Joshua vs Cisco:
    - Joshua: http://cert.uni-stuttgart.de/archive/bugtraq/2003/10/msg00076.html
    - Cisco response:
    http://cert.uni-stuttgart.de/archive/bugtraq/2003/10/msg00108.html

    I hope this helps.
    Raúl Siles

    -----Original Message-----
    From: No Man [mailto:noman4222@yahoo.com]
    Sent: Friday, 31 October 2003 17:12
    To: pen-test@securityfocus.com
    Subject: Cisco LEAP

    I'm sure everyone is aware of the recent discussion
    regarding LEAP and its susceptibility to dictionary
    attacks. As I understand it, it is basically the
    MS-CHAP problem: the 16 byte RC4 hash is padded with 5
    nulls, split into three 7 byte chunks, then each chunk
    is encrypted with DES. The last chunk, since you know
    it has 5 nulls, is pretty easy to get. That gives you
    the last two bytes of the hash, which you then compare
    for matches with the last two bytes in a precompiled
    dictionary of hashes.

    What about using a very large dictionary of all
    possible combinations for a given password length to,
    in effect, "brute force" it?

    Take for example a 6 character password made of
    lowercase letters and numbers. 36^6 works out to about
    2.2 billion possibilities. Your dictionary of 2.2B rc4
    hashes would take up roughly 40GB. I guess the plain
    text that the hash was calculated from would be in
    there too, so it would be a little larger, but suffice
    it to say that it would fit on a fairly typical hard
    drive.

    So, I'm wondering several things. Consider typical
    newer Intel hardware.

    1) what would it take time-wise to create the
    dictionary?

    2) how long would it take to cycle through 40 gigs of
    hashes to find the matches?

    3) how many matches on the last two bytes of the hash
    are there likely to be?

    Thanks in advance for any help in deciding how big of
    an issue this really is!

    Michael


    ---------------------------------------------------------------------------
    Network with over 10,000 of the brightest minds in information security at
    the largest, most highly-anticipated industry event of the year. Don't miss
    RSA Conference 2004! Choose from over 200 class sessions and see demos from
    more than 250 industry vendors. If your job touches security, you need to be
    here. Learn more or register at
    http://www.securityfocus.com/sponsor/RSA_pen-test_031023
    and use priority code SF4.
    ----------------------------------------------------------------------------



