A tool for recovering credentials from sniffed PPPoE, RADIUS and L2TPv2 CHAP authentications
Latest commit 5839d5f Oct 1, 2013 Foeh Mannay Uploaded v0.4a with BGP support.
Permalink
Failed to load latest commit information.
.gitattributes
.gitignore
LICENSE
README
dechap-0.1a.tar.gz
dechap-0.2a.tar.gz
dechap-0.3a.tar.gz
dechap-0.4a.tar.gz

README

dechap v0.4 Alpha
Written by Foeh Mannay, October 2013

PURPOSE
=======

dechap is a tool which attempts to recover login credentials from captured
PPPoE, RADIUS and L2TP CHAP authentications plus MD5 authenticated OSPF or BGP
traffic. It strips away any 802.1Q tags and / or MPLS labels which are present
to get to the good stuff and then runs a dictionary attack against any 
authentications it finds.

Please see http://networkingbodges.blogspot.com/ for more information on the
theory behind this if you are interested.

INSTALLATION
============

Provided the OpenSSL dev libraries are installed it should be possible to simply
extract the source code, cd into the directory then run "make".

USAGE
=====

There are only two parameters and both are mandatory. You must specify your
capture file (original pcap format) with the -c flag and your word list with
the -w flag. Here's an example:

lab@lab:~/dechap$ ./dechap -w mywords.txt -c someauths.cap
Found password "tangerine" for user user1@testisp.com.
Unable to find a password for user user2@testisp.com.
Found password "password1" for user user3@testisp.com.
Found password "Africa" for user user4@testisp.com.
Found password "Frankenstein" for user user5@testisp.com.
Found password "s3cr3tk3y" for OSPF host 10.1.1.1 key 1.
Found password "t1nt3rn3t" for TCP from 10.0.0.2 to 10.0.0.1.
lab@lab:~/dechap$

CHANGE LOG
==========

v0.1a	First working release, only works with PPPoE traffic.

v0.2a	Added support for RADIUS and L2TP captures.
	Fixed a bug in MPLS decap.

v0.3a	Added support for MD5 authenticated OSPF.

v0.4a	Added support for MD5 authenticated BGP.