EAP-MD5 password extraction - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: EAP-MD5 password extraction (/thread-10554.html) |
EAP-MD5 password extraction - dono - 12-26-2021 I want to replace the ISP router with one of my choice. After a few network traces, I noticed that the WAN link between the router and ONU performs an 802.1X / EAP-MD5 identity challenge once an hour. I have a Cisco switch that can perform the supplicant authentication if I can recovery the password. The identity is in clear text, but the EAP-MD5 challenge and response is hashed. I found this link indicating that -m 4800 is appropriate to crack this. It seems that format is <response>:<challenge>:<id>. Unfortunately, I do not know the password length or keyspace. I am currently trying the following: Code: hashcat -m 4800 97e979ac7f1a3a8765646c4d2049de7e:c588689ad8b2a876416b528332cac2ac:02 -a 3 -i ?a?a?a?a?a?a?a?a?a?a?a?a?a?a A few questions:
I am not sure if my approach is correct and would appreciate some comments. Thank you. I can post the packet capture if desired. |