TACACS+ version 1 - Seeking some information
#1
Dear people,

I have red this very informative post about cracking the TACACS+ protocol.
I therefore used hxctools and hashcat in order to crack the shared key of TACACS+ capture.

BUT, I also failed to crack many other TACACS+ captures.
Actually, I failed to convert my .cap files to hashcat compatible hashes.

I later understood that hcxtools can convert only the version 0 of the TACACS+ protocol.
Any version above (1 or later) is not supported.
My successful crack has been made on a TACACS+ version 0 capture.
My other captures were made on some TACACS+ version 1.

I was wondering if anyone
-know what changed in the version 1 of TACACS+, the MD5 trick explained in the link above is not working anymore in this version ?
-knows if there is a way to crack some TACACS+ version > 1 ?

To be honest, any information would be most welcome.

Have nice day all,
Kujacq
Reply
#2
Information abut v2 and v3 is very welcome.

After this issue report:
https://github.com/ZerBea/hcxtools/issues/230
hcxpcapngtool is able to detect this versions.
Code:
TACACS+ v2...............................: 2 (unsupported)
TACACS+ v3...............................: 4 (unsupported)
But that's all.
Reply