hashcat Forum
How about MSCHAP/MSCHAPv2? - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html)
+--- Forum: Old oclHashcat Support (https://hashcat.net/forum/forum-38.html)
+--- Thread: How about MSCHAP/MSCHAPv2? (/thread-5052.html)



How about MSCHAP/MSCHAPv2? - halexan - 01-18-2016

I'm new user of hashcat. This software is very excellent! I love it so much!
Does hashcat support MSCHAP? As is known to all, MSCHAP/MSCHAPv2 is widely used on the internet, such as PPTP VPN, etc.. I searched wiki for many times, but I cannot find MSCHAP support. 
Is there any way to crack MSCHAP/MSCHAPv2 using hashcat?

If my question is not suitable in this part of the forum, I will delete it with my apology.

(01-18-2016, 06:04 AM)epixoip Wrote: Mmm, Windows is not my strong suit, but MSCHAP is the same as NetNTLM, is it not?

Thanks to epixoip! MSCHAP can be cracked by hashcat. But how can I crack MSCHAPv2?

I found a way to crack MSCHAPv2!
We can get AuthenticatorChallenge, PeerChallenge and Username, so the "8-octet Challenge" can be calculated. After that, MSCHAPv2 can be cracked in the same way of MSCHAP!


RE: How about MSCHAP? - epixoip - 01-18-2016

Mmm, Windows is not my strong suit, but MSCHAP is the same as NetNTLM, is it not?


RE: How about MSCHAP? - halexan - 01-18-2016

(01-18-2016, 06:04 AM)epixoip Wrote: Mmm, Windows is not my strong suit, but MSCHAP is the same as NetNTLM, is it not?

Thanks a lot! I've tried MSCHAP using hash type 5500 (NetNTLMv1). It did work!


RE: How about MSCHAP? - halexan - 01-18-2016

(01-18-2016, 06:04 AM)epixoip Wrote: Mmm, Windows is not my strong suit, but MSCHAP is the same as NetNTLM, is it not?

Well, MSCHAP can be cracked by hash type 5500 (NetNTLMv1). It's very good.
However, I think MSCHAPv2 is different from NetNTLMv2. I carefully read the example_hashes, the NetNTLMv2's format mismatches the MSCHAPv2. So, how can I use hashcat to crack MSCHAPv2?

Thank you very much!


RE: How about MSCHAP/MSCHAPv2? - epixoip - 01-18-2016

Can you not re-arrange the output of whatever program you're using to match oclHashcat's expected input format? There's already a thread about this at https://hashcat.net/forum/thread-2563.html


RE: How about MSCHAP/MSCHAPv2? - halexan - 01-19-2016

(01-18-2016, 07:03 PM)epixoip Wrote: Can you not re-arrange the output of whatever program you're using to match oclHashcat's expected input format? There's already a thread about this at https://hashcat.net/forum/thread-2563.html

I found a way to crack MSCHAPv2!

We can get AuthenticatorChallenge, PeerChallenge and Username, so the "8-octet Challenge" can be calculated. After that, MSCHAPv2 can be cracked in the same way of MSCHAP!