chapcrack does nothing w/o error #7

Closed
34e2a7f43bd89d56 opened this Issue August 07, 2012 · 7 comments

34e2a7f43bd89d56

Hello,

I have an issue with chapcrack, it does.. well nothing :) without any error.

~/chapcrack# python chapcrack.py parse -i pptp-mschapv2-1.pcap
~/chapcrack#
~/chapcrack# tcpdump -n -r pptp-mschapv2-1.pcap
reading from file pptp-mschapv2-1.pcap, link-type EN10MB (Ethernet)
20:28:42.783439 IP 37.230.xxx.yyy > 88.188.xxx.yyy: GREv1, call 49668, seq 4, length 42: CHAP, Challenge (0x01), id 6, Value 64b1796c1795a4c7a0cd1fd8cdaba982, Name pptpd
20:28:42.852348 IP 88.188.xxx.yyy > 37.230.xxx.yyy: GREv1, call 58240, seq 6, ack 4, length 78: CHAP, Response (0x02), id 6, Value aa6c065f7ed5821a49b8df9bc2a8082d000000000000000018c9c241c4bf9171bf80a19159c1f9c89ee613cfc2422b3400, Name test
20:28:42.853490 IP 37.230.xxx.yyy > 88.188.xxx.yyy: GREv1, call 49668, seq 6, ack 6, length 83: CHAP, Success (0x03), id 6, Msg S=E763DB9B7BC38D1BA7271615C643B6170C00B828 M=Access granted

I get the same behaviour with the full capture pcap (ie. not just the MSCHAPV2 exchange).

~/chapcrack# python --version
Python 2.7.3

~/chapcrack# uname -a
Linux random 3.2.0-24-generic #37-Ubuntu SMP Wed Apr 25 08:43:22 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

It works fine against the test pptp.cap

~/chapcrack# python chapcrack.py parse -i tests/pptp.cap
Got completed handshake [192.168.43.114 --> 198.252.153.26]
Cracking K3.............
User = moxie
C1 = 1c93abce81540068
C2 = 6baeca315f348469
C3 = 256420598a73ad49
P = 6d0e1c056cd94d5f
K3 = c3d40000000000
CloudCracker Submission = $99$bQ4cBWzZTV8ck6vOgVQAaGuuyjFfNIRpw9Q=

Any idea?

TIA,

ju916

This looks identical to what I reported in issue #4

34e2a7f43bd89d56

Ho yes!

Moxie Marlinspike
Owner

Can you post that sample capture somewhere?

ju916

sent via email - please do not publish.

Moxie Marlinspike moxie0 closed this August 16, 2012
Moxie Marlinspike
Owner

Thanks for the capture, looks like there's a bug in dpkt. 9413451 is a workaround, so everything should work for you now.

ju916

confirmed - it works now.
Even with the "long" pcap (i.e. without extracting the CHAP requests)

thx, ju

34e2a7f43bd89d56

It works for me as well. Thanks.
