![]() ![]() There's nothing you can do."ĬhapCrack can take captured network traffic that contains a MS-CHAPv2 network handshake (PPTP VPN or WPA2 Enterprise handshake) and reduce the handshake's security to a single DES (Data Encryption Standard) key. ![]() "What we demonstrated is that it doesn't matter. However, the common belief on the Internet is that if you have a strong password then it's OK, said Moxie Marlinspike, the security researcher who developed ChapCrack, one of the tools released at Defcon. MS-CHAPv2 has been known to be vulnerable to dictionary-based brute force attacks since 1999, when a cryptanalysis of the protocol was published by cryptographer Bruce Schneier and other researchers. Despite its age, it is still used as the primary authentication mechanism by most PPTP virtual private network (VPN) clients. MS-CHAPv2 is an authentication protocol created by Microsoft and introduced in Windows NT 4.0 SP4. Security researchers released two tools at the Defcon security conference that can be used to crack the encryption of any PPTP (Point-to-Point Tunneling Protocol) and WPA2-Enterprise (Wireless Protected Access) sessions that use MS-CHAPv2 for authentication. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |