Time for action cracking EAP-TTLS

Follow the given instructions to get started:

  1. EAP-TTLS is also enabled by default in eap.conf. Let us start the Radius server and monitor the log file:
    Time for action cracking EAP-TTLS
  2. We connect the client and enter the credentials SecurityTube as the Username and demo12345 as the Password:
    Time for action cracking EAP-TTLS
  3. Immediately, the MSCHAP-v2 challenge / response appears in the log file:
    Time for action cracking EAP-TTLS
  4. We again use Asleap to crack the password used. It is important to note that any password list you use, must contain the password used by the user. In order to illustrate that if this is not true, we will not be able to crack the password, we have deliberately ensured that the password is not there in the default list on BackTrack:
Time for action cracking EAP-TTLS

What just happened?

Cracking EAP-TTLS is almost identical to PEAP. Once the client accepts our fake certificate, we get the MSCHAP-v2 challenge / response pair. As MSCHAP-v2 is prone to dictionary attacks, we use Asleap to crack the challenge / response pair as it seems to be based out of a dictionary word.

Have a go hero EAP-TTLS

We would encourage you to try attacks, similar to what we have suggested for PEAP against EAP-TTLS.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.134.90.44