An implementation of an offline dictionary attack against the EAP-MD5 protocol. This utility can be used to audit passwords used for EAP-MD5 networks from wireless packet captures, or by manually specifying the challenge, response and associated authentication information.
News
Feb 18 2008
Demonstrated eapmd5pass at Shmoocon 4 in the session “PEAP: Pwned Extensible Authentication Protocol”. Available in the download section below, hit me up with any questions.
Screenshots
Download
eapmd5pass 1.4
Linux source (27K, MD5:b7e1d44395c068140d9243f0f4408e04)
README