{"id":41,"date":"2009-04-15T20:00:34","date_gmt":"2009-04-16T00:00:34","guid":{"rendered":"http:\/\/www.willhackforsushi.com\/blog\/?page_id=41"},"modified":"2009-04-15T20:10:47","modified_gmt":"2009-04-16T00:10:47","slug":"asleap","status":"publish","type":"page","link":"https:\/\/www.willhackforsushi.com\/?page_id=41","title":{"rendered":"Asleap"},"content":{"rendered":"

Demonstrates a serious deficiency in proprietary Cisco LEAP networks. Since LEAP uses a variant of MS-CHAPv2 for the authentication exchange, it is susceptible to accelerated offline dictionary attacks. Asleap can also attack the Point-to-Point Tunneling Protocol (PPTP), and any MS-CHAPv2 exchange where you can specify the challenge and response values on the command line.<\/p>\n\n

News<\/h2>\n

May 28 2008<\/p>\n

The good folks at the Backtrack project<\/a> pointed out that the Asleap source would not build on some Linux platforms due to an oversight on my part in an include file. Sorry for the trouble, I’ve posted a new 2.2 version below that fixes this problem.<\/p>\n

July 13 2007<\/p>\n

Jay Beale (yes, that Jay Beale<\/a>) got in touch with me and asked if Asleap could be used as a generic MS-CHAPv2 cracking tool. The result is Asleap 2.1, which includes the \u201c-C\u201d and \u201c-R\u201d options to specify the hex-delimited bytes for the challenge and the response (respectively). Using this option, Asleap becomes a generic MS-CHAPv2 cracking tool, and can be applied anytime you have a MS-CHAPv2 packet capture available.<\/p>\n

Available in the download section, below. -Josh<\/p>\n\n

Screenshots<\/h2>\n

\"asleap1\"<\/p>\n

\"asleap21\"<\/p>\n\n

Download<\/h2>\n

Asleap 2.2<\/strong>
\nLinux source<\/a> (110K, MD5: a1d06729fb2addcc5b09bfc14f9b3173)
\nREADME<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Demonstrates a serious deficiency in proprietary Cisco LEAP networks. Since LEAP uses a variant of MS-CHAPv2 for the authentication exchange, it is susceptible to accelerated offline dictionary attacks. Asleap can also attack the Point-to-Point Tunneling Protocol (PPTP), and any MS-CHAPv2 … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"parent":17,"menu_order":0,"comment_status":"closed","ping_status":"open","template":"","meta":{"footnotes":""},"class_list":["post-41","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/www.willhackforsushi.com\/index.php?rest_route=\/wp\/v2\/pages\/41","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.willhackforsushi.com\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.willhackforsushi.com\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.willhackforsushi.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.willhackforsushi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=41"}],"version-history":[{"count":5,"href":"https:\/\/www.willhackforsushi.com\/index.php?rest_route=\/wp\/v2\/pages\/41\/revisions"}],"predecessor-version":[{"id":49,"href":"https:\/\/www.willhackforsushi.com\/index.php?rest_route=\/wp\/v2\/pages\/41\/revisions\/49"}],"up":[{"embeddable":true,"href":"https:\/\/www.willhackforsushi.com\/index.php?rest_route=\/wp\/v2\/pages\/17"}],"wp:attachment":[{"href":"https:\/\/www.willhackforsushi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=41"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}