+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html)
+--- Forum: Old oclHashcat Support (https://hashcat.net/forum/forum-38.html)
+--- Thread: How about MSCHAP/MSCHAPv2? (/thread-5052.html)
How about MSCHAP/MSCHAPv2? - halexan - 01-18-2016
I'm new user of hashcat. This software is very excellent! I love it so much!
Does hashcat support MSCHAP? As is known to all, MSCHAP/MSCHAPv2 is widely used on the internet, such as PPTP VPN, etc.. I searched wiki for many times, but I cannot find MSCHAP support.
Is there any way to crack MSCHAP/MSCHAPv2 using hashcat?
If my question is not suitable in this part of the forum, I will delete it with my apology.
(01-18-2016, 06:04 AM)epixoip Wrote: Mmm, Windows is not my strong suit, but MSCHAP is the same as NetNTLM, is it not?
Thanks to epixoip! MSCHAP can be cracked by hashcat. But how can I crack MSCHAPv2?
I found a way to crack MSCHAPv2!
We can get AuthenticatorChallenge, PeerChallenge and Username, so the "8-octet Challenge" can be calculated. After that, MSCHAPv2 can be cracked in the same way of MSCHAP!
RE: How about MSCHAP? - epixoip - 01-18-2016
Mmm, Windows is not my strong suit, but MSCHAP is the same as NetNTLM, is it not?
RE: How about MSCHAP? - halexan - 01-18-2016
(01-18-2016, 06:04 AM)epixoip Wrote: Mmm, Windows is not my strong suit, but MSCHAP is the same as NetNTLM, is it not?
Thanks a lot! I've tried MSCHAP using hash type 5500 (NetNTLMv1). It did work!
RE: How about MSCHAP? - halexan - 01-18-2016
(01-18-2016, 06:04 AM)epixoip Wrote: Mmm, Windows is not my strong suit, but MSCHAP is the same as NetNTLM, is it not?
Well, MSCHAP can be cracked by hash type 5500 (NetNTLMv1). It's very good.
However, I think MSCHAPv2 is different from NetNTLMv2. I carefully read the example_hashes, the NetNTLMv2's format mismatches the MSCHAPv2. So, how can I use hashcat to crack MSCHAPv2?
Thank you very much!
RE: How about MSCHAP/MSCHAPv2? - epixoip - 01-18-2016
Can you not re-arrange the output of whatever program you're using to match oclHashcat's expected input format? There's already a thread about this at https://hashcat.net/forum/thread-2563.html
RE: How about MSCHAP/MSCHAPv2? - halexan - 01-19-2016
(01-18-2016, 07:03 PM)epixoip Wrote: Can you not re-arrange the output of whatever program you're using to match oclHashcat's expected input format? There's already a thread about this at https://hashcat.net/forum/thread-2563.html
I found a way to crack MSCHAPv2!
We can get AuthenticatorChallenge, PeerChallenge and Username, so the "8-octet Challenge" can be calculated. After that, MSCHAPv2 can be cracked in the same way of MSCHAP!