EAP-MD5 password extraction
#1
I want to replace the ISP router with one of my choice. After a few network traces, I noticed that the WAN link between the router and ONU performs an 802.1X / EAP-MD5 identity challenge once an hour. I have a Cisco switch that can perform the supplicant authentication if I can recovery the password. The identity is in clear text, but the EAP-MD5 challenge and response is hashed. I found this link indicating that -m 4800 is appropriate to crack this. It seems that format is <response>:<challenge>:<id>. Unfortunately, I do not know the password length or keyspace. I am currently trying the following:

Code:
hashcat -m 4800 97e979ac7f1a3a8765646c4d2049de7e:c588689ad8b2a876416b528332cac2ac:02 -a 3 -i ?a?a?a?a?a?a?a?a?a?a?a?a?a?a

A few questions:

  1. The above link indicates that "eapid should be a 1-byte session identifier, however in many cases it's fixed to the default value 0x02". How can I verify if I need the session identifier or 02?
  2. I have multiple captures of this authentication. Assuming the password is the same, can these be combined in a way to speed up the crack, or will processing any single one be just as efficient?
    1. Code:
      # response:challenge:id97e979ac7f1a3a8765646c4d2049de7e:c588689ad8b2a876416b528332cac2ac:??418f853ba5cab7940d1b87768bcec4df:6440a9588d9f9e8f9cbe9fbfdc7eb4b0:??0fc219a188efdf6b78a3c9ec3bf3719a:fa5577ea377c7ecea162a5204959790d:??b2649c240becf48f05a4a08f96bb5705:88884925aca9a567843188d5aa7c6279:??7acbd6fc8b0ab254017d27355afdf3fa:a9354497cd8e915d6b5b7960aedb301a:??5ccaaa1156ff1c99b1ca56b478fae050:4fb9ce8e6a879a3d398d217e3775c68d:??66cb49a994309f3ce407fdb91c8b27f1:3793625f0c8dbc8d8172617278bc687d:??
  3. The packet captures have an "EAP-MD5 Extra Data" field. Looking at the given lengths it seems like padding, though I am not sure. Can this safely be ignored?

I am not sure if my approach is correct and would appreciate some comments. Thank you.
I can post the packet capture if desired.


Attached Files
.png   md5.png (Size: 6.34 KB / Downloads: 7)
Reply
#2
Hi Dono, did you ever get anywhere with this ? I am looking at similar thing and it looks to me that your bruteforce command is correct, but quite ambitious (14 digits). Since the post was 3,5 years ago, maybe with very very, very good hardware its about done now ? Wink
Reply
#3
Hi SuppoT,

I tried to brute force it for about two months but unfortunately had to give up in the end. I couldn't continue to allocate the resources due to other priorities and commitments. (Prior to attempted to brute force it I also tried quite a few dictionaries, but without any success.) I might try again sometime if I get access to better hardware.

Best regards.
Reply
#4
Thanks for a quick reply after all these years. Perhaps even with the latest hardware brute forcing is a no go in the end. Do you recall what made you choose a 14 digits for the password ?
Reply
#5
It's been a while, but I remember exhaustively trying smaller password lengths to no success. I think 14 digits was next. Of course the actual password could be longer; I have no way to know.

If it made sense financially, perhaps a better option would be to rent a cloud server with specialized GPUs. However, without knowing the number of digits or how long it would take to crack I am not sure it is really worth it for my situation. It would be nice to remove the ISP router, but just upgrading to a business connection would probably be much cheaper in the end.
Reply