chapcrack.py does not work - not even with demo file #4

Closed
ju916 opened this Issue Aug 2, 2012 · 9 comments

4 participants

@ju916

./chapcrack.py parse -i tests/pptp.cap

Got completed handshake [192.168.43.114 --> 198.252.153.26]
Cracking K3....Process PoolWorker-1:
Traceback (most recent call last):
File "/usr/lib/python2.6/multiprocessing/process.py", line 232, in _bootstrap
Process PoolWorker-2:
Traceback (most recent call last):
Process PoolWorker-3:
File "/usr/lib/python2.6/multiprocessing/process.py", line 232, in _bootstrap
Traceback (most recent call last):
File "/usr/lib/python2.6/multiprocessing/process.py", line 232, in _bootstrap
Process PoolWorker-4:
Traceback (most recent call last):
File "/usr/lib/python2.6/multiprocessing/process.py", line 232, in _bootstrap
self.run()
File "/usr/lib/python2.6/multiprocessing/process.py", line 88, in run
self.run()
self._target(self._args, *self._kwargs)
File "/usr/lib/python2.6/multiprocessing/process.py", line 88, in run
self.run()
File "/usr/lib/python2.6/multiprocessing/pool.py", line 57, in worker
File "/usr/lib/python2.6/multiprocessing/process.py", line 88, in run
self._target(self._args, *self._kwargs)
File "/usr/lib/python2.6/multiprocessing/pool.py", line 57, in worker
self._target(self._args, *self._kwargs)
File "/usr/lib/python2.6/multiprocessing/pool.py", line 57, in worker
self.run()
File "/usr/lib/python2.6/multiprocessing/process.py", line 88, in run
self._target(self._args, *self._kwargs)
File "/usr/lib/python2.6/multiprocessing/pool.py", line 57, in worker
task = get()
task = get()
File "/usr/lib/python2.6/multiprocessing/queues.py", line 352, in get
File "/usr/lib/python2.6/multiprocessing/queues.py", line 352, in get
task = get()
File "/usr/lib/python2.6/multiprocessing/queues.py", line 352, in get
task = get()
File "/usr/lib/python2.6/multiprocessing/queues.py", line 352, in get
return recv()
return recv()
TypeError: type 'partial' takes at least one argument
return recv()
TypeError: type 'partial' takes at least one argument
TypeError: type 'partial' takes at least one argument
return recv()
TypeError: type 'partial' takes at least one argument

There it hangs forever (with 4 defunct processes). Have to kill it hard (-9).
System Ubuntu 10.4 LTS, same result on BackTrack 5.

With my own packet capture, chapcrak silently dies:

$ tcpdump -n -r my-pptp-chap.cap
reading from file my-pptp-chap.cap, link-type EN10MB (Ethernet)
07:57:02.897472 IP 193.99.XX.XX > 192.168.69.169: GREv1, call 45515, seq 5, ack 4, length 60: CHAP, Challenge (0x01), id 111, Value e5df9ef0bc3874d55af439fa00e220a2, Name pptphost01.heise.de
07:57:02.974976 IP 192.168.69.169 > 193.99.XX.XX: GREv1, call 39936, seq 6, ack 6, length 80: CHAP, Response (0x02), id 111, Value d4528...01fe00, Name jutest
07:57:02.998301 IP 193.99.XX.XX > 192.168.69.169: GREv1, call 45515, seq 7, ack 6, length 83: CHAP, Success (0x03), id 111, Msg S=6E9...406 M=Access granted
$ ./chapcrack.py parse -i ./my-pptp-chap.cap
$

I created this capture with arpspoofing my iPhone in my WIFI network. If you want it, I can supply the pcap file.

bye, ju

@moxie0
Owner

Looks like a python version problem. What version of python are you running there?

@ju916

$ python --version
Python 2.6.5

(on Ubuntu 10.4 LTS as well as BackTrack 5)
Which version is supposed to work?

@forced-request

ju916, have you made any progress with the issue? I'm also running into the same issue with the same version of python.

root@bt:~# chapcrack parse -i Desktop/moxie0-chapcrack-b2f5cf8/tests/pptp.cap 
Got completed handshake [192.168.43.114 --> 198.252.153.26]
Cracking K3....Process PoolWorker-1:
Traceback (most recent call last):
  File "/usr/lib/python2.6/multiprocessing/process.py", line 232, in _bootstrap
    self.run()
  File "/usr/lib/python2.6/multiprocessing/process.py", line 88, in run
    self._target(*self._args, **self._kwargs)
  File "/usr/lib/python2.6/multiprocessing/pool.py", line 57, in worker
    task = get()
  File "/usr/lib/python2.6/multiprocessing/queues.py", line 352, in get
    return recv()
TypeError: type 'partial' takes at least one argument
@brad-anton

Yup - definitely a python version issue - workaround is detailed here: http://techguyinmidtown.com/2009/01/23/hack-for-functoolspartial-and-multiprocessing/ - issue detailed here - http://bugs.python.org/issue5228 - fix is included in 2.7

@moxie0
Owner

Thanks @brad-anton. Seems like we should either a) check the python version on execute and notify the user or b) we could also potentially remove the multiprocessing code, since it's just a ~4x-8x speedup on cracking k3.

@brad-anton

should have it fixed here - https://github.com/OpenSecurityResearch/chapcrack - its ugly but it does the job. Didn't put in the python version check though.. (https://github.com/OpenSecurityResearch/chapcrack/blob/master/chapcrack/crypto/K3Cracker.py)

@moxie0
Owner

@brad-anton Great, that looks fine. Let's just use that in all cases without a python version check. Can you call it something other than 'workaround', remove the superfluous functools import, and send me a pull request?

@ju916

thx - with the fixes from @brad-anton the demo cap file works fine now.

But my own capture still produces no output at all.
Could you specify the requirements for a capture file? I posted the tcpdump output above. It looks like a valid capture of pptp auth to me. I can supply the pcap file if necessary.

@moxie0
Owner

Fixed in cc6ac31

@moxie0 moxie0 closed this Aug 15, 2012
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment