RES: PPPOE password sniffing
- From: "Cleverson de Freitas Ferla" <ferla@xxxxxxxxxxxxxxx>
- Date: Mon, 29 Jan 2007 16:16:19 -0300
-----Mensagem original-----
De: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] Em
nome de alexpheno@xxxxxxxxx
Enviada em: sábado, 27 de janeiro de 2007 18:43
Para: pen-test@xxxxxxxxxxxxxxxxx
Assunto: Re: PPPOE password sniffing
If you're using PAP as an authentication scheme you must look into the
packets that follow the PPPOE session, after you've found a PPPOE
access concentrator a PPP session is established. You must look for a
packet that is sent by the authenticating terminal (in this case your
computer) to the concentrator. Try to do a wireshark capture and
apply this filter rule "pap and eth.src==XX:XX:XX:XX:XX:XX", and
replace the x part with the terminal's mac address. If a frame matches
the filter it should contain the user and password in the payload.
Check out RFC1334 for more info.
--
Alex Nedelcu
CCNA, SNRS, CSVPN
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000
0008bOW
------------------------------------------------------------------------
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
- References:
- Re: PPPOE password sniffing
- From: alexpheno
- Re: PPPOE password sniffing
- Prev by Date: [New Tool] ADN: win32 Active Directory Navigator
- Next by Date: Re: Password cracker required
- Previous by thread: Re: PPPOE password sniffing
- Next by thread: Novell Password Cracking Issue
- Index(es):
Relevant Pages
|
|
