[ZanGetsu]

Asleap - Cisco LEAP and Generic MS-CHAPv2 Dictionary Attack

This tool is released as a proof-of-concept to demonstrate weaknesses in the LEAP and PPTP protocols.

LEAP is the Lightweight Extensible Authentication Protocol, intellectual property of Cisco Systems, Inc.  LEAP is a security mechanism available
only on Cisco access points to perform authentication of end-users and access points.  LEAP is written as a standard EAP-type, but is not
compliant with the 802.1X specification since the access point modifies packets in transit, instead of simply passing them to a authentication
server (e.g. RADIUS).

PPTP is a Microsoft invention for deploying virual private networks (VPN). PPTP uses a tunneling method to transfer PPP frames over an insecure
network such as a wireless LAN.  RFC 2637 documents the operation and functionality of the PPTP protocol.

Usage:

Code:

asleap

   -r  Read from a libpcap file
   -i  Interface to capture on
   -f  Dictionary file with NT hashes
   -n  Index file for NT hashes
   -s  Skip the check to make sure authentication was successful
   -h  Output this help information and exit
   -v  Print verbose information (more -v for more verbosity)
   -V  Print program version and exit
   -C  Challenge value in colon-delimited bytes
   -R  Response value in colon-delimited bytes
   -W  ASCII dictionary file (special purpose)

Download