Sniffer - PPP

This is a discussion on Sniffer - PPP ; Hi everyone out there! Is there a way to sniffer the PPPoE authentication packet, and then decrypt the Username and Password using ceratin cracking software?? Your answers would be highly appreciated! Thanks! Regards, Stanley...

+ Reply to Thread
Results 1 to 6 of 6

Thread: Sniffer

  1. Sniffer

    Hi everyone out there! Is there a way to sniffer the PPPoE
    authentication packet, and then decrypt the Username and Password using
    ceratin cracking software?? Your answers would be highly appreciated!
    Thanks!

    Regards,
    Stanley


  2. Re: Sniffer

    "Stanley" writes:
    > Hi everyone out there! Is there a way to sniffer the PPPoE
    > authentication packet, and then decrypt the Username and Password using
    > ceratin cracking software?? Your answers would be highly appreciated!


    PPPoE doesn't do authentication.

    PPP, which can run on PPPoE, can do authentication. Any standard
    Ethernet monitoring program should be able to decode PPPoE and PPP
    packets for you.

    You didn't bother to mention what sort of system you're using or why
    you think you need to break authentication, so it's a bit hard to give
    you specific advice.

    --
    James Carlson, KISS Network
    Sun Microsystems / 1 Network Drive 71.234W Vox +1 781 442 2084
    MS UBUR02-212 / Burlington MA 01803-2757 42.497N Fax +1 781 442 1677

  3. Re: Sniffer

    Thanks for reply! But the Username and Password are encrypted, if they
    use secure mode in stead of clear text authentication. That's why I
    need a tool to decrypt the username and password! Help me please!


  4. Re: Sniffer

    "Stanley" writes:
    > Thanks for reply! But the Username and Password are encrypted, if they
    > use secure mode in stead of clear text authentication. That's why I
    > need a tool to decrypt the username and password! Help me please!


    There's no such thing as "secure mode." Nor are passwords ever sent
    in any form that could be "decrypted." I don't know what you're
    talking about.

    PAP (RFC 1334) sends the peer name and password as plain text. That
    password, though, _may_ be a nonce and thus completely useless even if
    captured, as is the case with token cards.

    CHAP (RFC 1994) sends the peer name as plain text, but uses a
    challenge-response mechanism to validate the shared secret
    ("password"). The password itself never appears on the wire in *ANY*
    form -- not clear text, not encrypted, not in any way. However, CHAP
    is vulnerable to off-line dictionary attacks, if you know how to do
    that.

    EAP (RFC 3748) offers a variety of plug-in mechanisms for
    authentication, each with its own features. It's not possible to
    provide a blanket statement about EAP.

    Finally, if you have access to the network on which PPPoE runs, then
    trying to break PPP authentication is just plain silly. PPPoE doesn't
    have any security at all. You can inject or modify packets at will.

    I really can't shake the feeling that you're some sort of low-life out
    to break into someone else's network, and not just doing legitimate
    work. I hope I'm wrong, but if that is the case, you ought to go
    elsewhere, as requests for help in performing unethical and likely
    illegal activity are just grossly off-topic in this group.

    --
    James Carlson, KISS Network
    Sun Microsystems / 1 Network Drive 71.234W Vox +1 781 442 2084
    MS UBUR02-212 / Burlington MA 01803-2757 42.497N Fax +1 781 442 1677

  5. Re: Sniffer

    Sorry if I ask something wrong, I just wanna get some knowledge of
    PPPoE, and do some hacking to my own Cisco AP! Anyway thanks for reply!

    Regards,
    Stanley


  6. Re: Sniffer

    "Stanley" writes:
    > Sorry if I ask something wrong, I just wanna get some knowledge of
    > PPPoE, and do some hacking to my own Cisco AP! Anyway thanks for reply!


    See RFC 2516 for a description of PPPoE. There's no security there at
    all.

    As for monitoring the wire, there are many different software and
    hardware solutions for that. Most modern operating systems (at least
    the useful ones) come with at least one and often several different
    applications that will monitor raw Ethernet and decode it for display,
    including PPPoE.

    You still haven't mentioned what sort of system you might be using or
    why, so specific advice is just impossible.

    --
    James Carlson, KISS Network
    Sun Microsystems / 1 Network Drive 71.234W Vox +1 781 442 2084
    MS UBUR02-212 / Burlington MA 01803-2757 42.497N Fax +1 781 442 1677

+ Reply to Thread