Re: PPP authentication brute-force attack?

Hello Matheus,

Sandstrom Enterprise's PhoneSweep is a tool for performing Brute force
attack against a PPP authentication server.

More Information: http://www.sandstorm.net/products/phonesweep/
PhoneSweep FAQ: http://www.sandstorm.net/products/phonesweep/generalfaq.php

---
NIKHIL WAGHOLIKAR
Information Security Analyst
NII Consulting
Web: http://www.niiconsulting.com/
Security Products: http://www.niiconsulting.com/products.html


On 2/11/08, Matheus Michels <matheusf_michels@xxxxxxxxxxx> wrote:

Does anybody know a tool to perform brute force or dictionary attacks against a PPP (PAP and/or CHAP) authentication server? Yes, I'm very familiar with Hydra, but neither it nor Medusa have support for PPP.

I know that such a tool would actually call pppd to perform the attack. So, I even tried to write a shell script to read passwords from a file and call pppd for each one, but as I'm a very bad programmer I could not make nothing useful :(

In my case, I'm trying to audit an PPPoE PAP server.

_________________________________________________________________
Connect and share in new ways with Windows Live.
http://www.windowslive.com/share.html?ocid=TXT_TAGHM_Wave2_sharelife_012008
------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Relevant Pages

  • Re: Strong Passwords & Password Cracking (Final Version?)
    ... >> I would have to disagree with a number of your assumptions. ... >> or uses a common name. ... Strong passwords basically forces a brute force ... >> attack. ...
    (comp.security.misc)
  • Re: More on RC4/n
    ... >unreasonably long streams of RC4/5 in a couple hours and long streams ... >extending a current guess (gather.c was used to gather statistics on ... >2^^121 value guesses that standard brute force would require. ... >I don't know if this attack could be extended to RC4/6. ...
    (sci.crypt)
  • Re: Hacked Passwords
    ... But Windows authentication is quite venerable by now, and it's hard for me to imagine a new kind of attack against them. ... The main attack against Windows authentication isn't an exploit of any flaw in the cryptographic algorithm, but simple brute force guessing, comparison and retrying. ... take a significant amount of time to brute force crack [as long as they are not split into smaller 7-character LM Hash segments], and I believe it's prohibitively difficult for pre-compiled hash tables to scale up that high. ...
    (microsoft.public.security)
  • Re: Creating a Password
    ... >> 1) A dictionary attack tries every word, number, or combination of such ... > Brute force is guessing, ie a webbased email account. ... Commonly used passphrases. ...
    (alt.computer.security)
  • Re: Creating a Password
    ... >> 1) A dictionary attack tries every word, number, or combination of such ... > Brute force is guessing, ie a webbased email account. ... Commonly used passphrases. ...
    (microsoft.public.security)