asleap - exploiting cisco leap

news

As in "asleap behind the wheel". Joshua Wright <jwright@hasborg.com>

“Within months, some "helpful" person invested their time into generating a cracker tool. Publicizing the threat was a service to everyone, but I leave it as an exercise for readers to determine what satisfaction is obtained by the authors of tools that turn threat into reality and lay waste to millions of dollars of investments.”

"Real 802.11 Security", William Arbaugh and Jon Edney

Laying waste to millions of networks since epoch();

screenshotS

May 28 2008

The good folks at the Backtrack project pointed out that the Asleap source would not build on some Linux platforms due to an oversight on my part in an include file.  Sorry for the trouble, I've posted a new 2.2 version below that fixes this problem.

July 13 2007

Jay Beale (yes, that Jay Beale) got in touch with me and asked if Asleap could be used as a generic MS-CHAPv2 cracking tool.  The result is Asleap 2.1, which includes the “-C” and “-R” options to specify the hex-delimited bytes for the challenge and the response (respectively).  Using this option, Asleap becomes a generic MS-CHAPv2 cracking tool, and can be applied anytime you have a MS-CHAPv2 packet capture available.

Available in the download section, below.  -Josh

download