No description, website, or topics provided.
Branch: master
Clone or download
Type Name Latest commit message Commit time
Failed to load latest commit information.
chapcrack Another workaround for a dpkt parsing bug. Sep 22, 2012
debian Add debian/ helper files to build .deb package Jul 30, 2012
tests Added support for in-line K3 cracking. Jul 7, 2012
.gitignore Initial Commit Jun 5, 2012 typo Aug 17, 2012 Added 'radius' command. Aug 15, 2012 Added decrypt capability. Jun 10, 2012 Fix Jul 30, 2012


A tool for parsing and decrypting MS-CHAPv2 network handshakes.

  1. The first thing you'll need to do is obtain the network traffic for the MS-CHAPv2 handshake you'd like to crack.

    For PPTP VPN connections, simply use a tool such as tcpdump or wireshark in order to obtain a network capture. For WPA2 Enterprise wireless handshakes, simply use a tool like FreeRADIUS-WPE in order to obtain 'challenge' and 'response' parameters.

  2. Next you'll use chapcrack in order to parse and extract the MS-CHAPv2 handshake from your packet capture or FreeRADIUS interception.

    1. For a PPTP handshake, run: parse -i /path/to/capture.cap
    2. For a WPA2 handshake, run radius -C <challenge> -R <response>, where challenge and response are what you intercepted with FreeRADIUS-WPE
  3. Submit the CloudCracker token chapcrack gives you to

  4. When you get your results, you can decrypt a PPTP packet capture: decrypt -i </path/to/capture.cap> -o output.cap -n <result>

Bug tracker

Have a bug? Please create an issue here on GitHub!


Copyright 2012 Moxie Marlinspike

Licensed under the GPLv3: