An implementation of an offline dictionary attack against the EAP-MD5 protocol. This utility can be used to audit passwords used for EAP-MD5 networks from wireless packet captures, or by manually specifying the challenge, response and associated authentication information.
Feb 18 2008
Demonstrated eapmd5pass at Shmoocon 4 in the session “PEAP: Pwned Extensible Authentication Protocol”. Available in the download section below, hit me up with any questions.