Re: Decrypting PPTP network traffic
- From: Paul Melson <pmelson@xxxxxxxxx>
- Date: Fri, 19 Mar 2010 07:42:19 -0400
On Thu, Mar 18, 2010 at 6:51 PM, Alexander Perchov <alexperchov1969@xxxxxxxxxxxxxx> wrote:
> What I'm looking for is tools or ways to decrypt the network traffic
> when you have the NT hash / password. Hope that clears it up.

I'm not aware of any public domain tools that can convert pcap ->
plaintext for PPTP tunnels. As I understand it, key derivation is the
challenge (pardon the pun) to getting the plaintext. Also, because
RC4 is used, completeness of your packet capture and reassembly is a
factor in decrypting the PPP packets within the stream.
But this is just my layman's understanding of it. I've not done this,
nor have I needed to. Typically, recovering credentials for a remote
VPN connection is more than sufficient for a properly scoped
penetration test.
PaulM
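
An added illustration, not part of the original message or of any PPTP tool: a simplified model of why a stream cipher such as RC4 makes capture completeness matter. It assumes one continuous RC4 keystream shared across packets; the key, the packets and the function names are constructed for the example, and MPPE key derivation and periodic key changes are not modelled.

```python
# Added illustration: one continuous RC4 keystream shared across packets.
# Key, packets and names are constructed; MPPE rekeying is not modelled.

def rc4_keystream(key: bytes):
    """Yield RC4 keystream bytes for `key` (KSA followed by PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    while True:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        yield s[(s[i] + s[j]) & 0xFF]

def crypt_stream(key, packets, skip_before=None):
    """XOR each packet with the next keystream bytes, in capture order.

    skip_before maps a packet index to a number of keystream bytes to
    discard first, i.e. the known length of a packet that is missing
    from the capture at that position.
    """
    ks = rc4_keystream(key)
    out = []
    for idx, pkt in enumerate(packets):
        for _ in range((skip_before or {}).get(idx, 0)):
            next(ks)
        out.append(bytes(b ^ next(ks) for b in pkt))
    return out

KEY = bytes(range(16))  # constructed session key
PLAIN = [b"PPP frame one", b"PPP frame two!!", b"PPP frame three"]  # constructed
CIPHER = crypt_stream(KEY, PLAIN)

def demo():
    full = crypt_stream(KEY, CIPHER)       # complete capture
    gapped = [CIPHER[0], CIPHER[2]]        # middle packet was not captured
    naive = crypt_stream(KEY, gapped)      # keystream is now out of step
    resynced = crypt_stream(KEY, gapped, skip_before={1: len(CIPHER[1])})
    return full, naive, resynced

if __name__ == "__main__":
    for label, result in zip(("full", "naive", "resynced"), demo()):
        print(label, result)
```

With the middle packet missing, everything after the gap decrypts to noise unless the exact number of lost keystream bytes is known.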