Re: PPP authentication brute-force attack?

From: LordDoskias <lorddoskias@xxxxxxxxx>
Date: Tue, 12 Feb 2008 16:29:27 +0200

Matheus Michels wrote:

PAP basically is plain text. Why don't you just sniff the passwords off the wire?

Is just this what I originally wanted to do, using Wireshark. But, for some reason, it doesn't capture PAP packets other than those sent by my machine. All other protocols are captured OK. I've posted a question about this in the Wireshark mailing list, but no replies. I'm in a wireless LAN, so this puzzles me.
_________________________________________________________________
Shed those extra pounds with MSN and The Biggest Loser!
http://biggestloser.msn.com/

You have to put your wireless card in "monitoring" mode and then you can sniff packets coming from other peers of the WLAN. I think there was something on the topic at aircrack-ng's wiki. Check this link:
http://www.aircrack-ng.org/doku.php?id=faq
paste from above link:
"Under Linux, simply setup the card in monitor mode with the airmon-ng <http://www.aircrack-ng.org/doku.php?id=airmon-ng> script. Under Windows, Wireshark can capture 802.11 packets using AirPcap <http://www.cacetech.com/products/airpcap.htm>. Except in very rare cases, Ethereal cannot capture 802.11 packets under Windows."

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Follow-Ups:
- RE: PPP authentication brute-force attack?
  - From: Matheus Michels

References:
- PPP authentication brute-force attack?
  - From: Matheus Michels
- RE: PPP authentication brute-force attack?
  - From: Matheus Michels

Prev by Date: Re: Security/Pen-testing Courses?
Next by Date: RE: Security/Pen-testing Courses?
Previous by thread: RE: PPP authentication brute-force attack?
Next by thread: RE: PPP authentication brute-force attack?
Index(es):
- Date
- Thread

Relevant Pages

Re: Intruder in my wireless network? / intrusion detection programs
... disable promiscuous and monitor modes on most wireless cards. ... monitoring with various SNMP based tools. ... WEP and WPA crackers generate thousands of DEAUTH packets ...
(alt.internet.wireless)
Re: Intruder in my wireless network? / intrusion detection programs
... disable promiscuous and monitor modes on most wireless cards. ... monitoring with various SNMP based tools. ... WEP and WPA crackers generate thousands of DEAUTH packets ...
(alt.internet.wireless)
Re: Wireshark - post-processing capture files.
... Monitoring is less needed due to peer monitoring by fellow employees. ... then there shouldn't be an Internet connection. ... of the format of the packets. ... bytes) (Status: STANDARD) ...
(comp.os.linux.security)
Re: Penalising downloaders
... to do your monitoring based on what is *in* the packets whizzing round ... Instead copyright holders or their agents will do the monitoring. ... They join P2P groups, try to download copyright material, identify the IP addresses of people offering to share this material, and report the offenders to the ISP for action. ... In any case, government organisations are often their own ISPs, so there will be nobody to disconnect them. ...
(uk.legal)
Re: Wireshark - post-processing capture files.
... Monitoring is covered in there. ... is for business use only - there is a separate Internet network that is ... User agreement is required for that LAN, ... Wireshark (I actually use LBL 'tcpdump' to capture the entire packets) ...
(comp.os.linux.security)