Skip to content
This repository

chapcrack does nothing w/o error #7

34e2a7f43bd89d56 opened this Issue August 07, 2012 · 7 comments

3 participants

34e2a7f43bd89d56 Moxie Marlinspike ju916


I have an issue with chapcrack, it does.. well nothing :) without any error.

~/chapcrack# python parse -i pptp-mschapv2-1.pcap
~/chapcrack# tcpdump -n -r pptp-mschapv2-1.pcap
reading from file pptp-mschapv2-1.pcap, link-type EN10MB (Ethernet)
20:28:42.783439 IP > GREv1, call 49668, seq 4, length 42: CHAP, Challenge (0x01), id 6, Value 64b1796c1795a4c7a0cd1fd8cdaba982, Name pptpd
20:28:42.852348 IP > GREv1, call 58240, seq 6, ack 4, length 78: CHAP, Response (0x02), id 6, Value aa6c065f7ed5821a49b8df9bc2a8082d000000000000000018c9c241c4bf9171bf80a19159c1f9c89ee613cfc2422b3400, Name test
20:28:42.853490 IP > GREv1, call 49668, seq 6, ack 6, length 83: CHAP, Success (0x03), id 6, Msg S=E763DB9B7BC38D1BA7271615C643B6170C00B828 M=Access granted

I get the same behaviour with the full capture pcap (ie. not just the MSCHAPV2 exchange).

~/chapcrack# python --version
Python 2.7.3

~/chapcrack# uname -a
Linux random 3.2.0-24-generic #37-Ubuntu SMP Wed Apr 25 08:43:22 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

It works fine agains the test pptp.cap

~/chapcrack# python parse -i tests/pptp.cap
Got completed handshake [ -->]
Cracking K3.............
User = moxie
C1 = 1c93abce81540068
C2 = 6baeca315f348469
C3 = 256420598a73ad49
P = 6d0e1c056cd94d5f
K3 = c3d40000000000
CloudCracker Submission = $99$bQ4cBWzZTV8ck6vOgVQAaGuuyjFfNIRpw9Q=

Any idea ?



This looks identical to what I reported in issue #4


Ho yes!

Moxie Marlinspike

Can you post that sample capture somewhere?


sent via email - please do not publish.

Moxie Marlinspike moxie0 closed this August 16, 2012
Moxie Marlinspike

Thanks for the capture, looks like there's a bug in dpkt. 9413451 is a workaround, so everything should work for you now.


confirmed - it works now.
Even with the "long" pcap (i.e without extracting the CHAP requests)

thx, ju


It works for me as well. Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.