Re: Decrypting PPTP network traffic



On Thu, Mar 18, 2010 at 6:51 PM, Alexander Perchov
<alexperchov1969@xxxxxxxxxxxxxx> wrote:
What I'm looking for is tools or ways to decrypt the network traffic
when you have the NT hash / password. Hope that clears it up.

I'm not aware of any public domain tools that can convert pcap ->
plaintext for PPTP tunnels. As I understand it, key derivation is the
challenge (pardon the pun) to getting the plaintext. Also, because
RC4 is used, completeness of your packet capture and reassembly is a
factor in decrypting the PPP packets within the stream.

But this is just my layman's understanding of it. I've not done this,
nor have I needed to. Typically, recovering credentials for a remote
VPN connection is more than sufficient for a properly scoped
penetration test.

PaulM

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------