Penetration Testing: PPP authentication brute-force attack?

Penetration Testing mailing list archives

PPP authentication brute-force attack?

From: Matheus Michels <matheusf_michels () hotmail com>
Date: Mon, 11 Feb 2008 19:14:49 +0000


Does anybody know a tool to perform brute force or dictionary attacks against a PPP (PAP and/or CHAP) authentication 
server? Yes, I'm very familiar with Hydra, but neither it nor Medusa have support for PPP.

I know that such a tool would actually call pppd to perform the attack. So, I even tried to write a shell script to 
read passwords from a file and call pppd for each one, but as I'm a very bad programmer I could not make nothing useful 
:(

In my case, I'm trying to audit an PPPoE PAP server.

_________________________________________________________________
Connect and share in new ways with Windows Live.
http://www.windowslive.com/share.html?ocid=TXT_TAGHM_Wave2_sharelife_012008
------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

By Date By Thread

Current thread:

PPP authentication brute-force attack? Matheus Michels (Feb 12)
- Message not available
  - RE: PPP authentication brute-force attack? Matheus Michels (Feb 15)
    - Re: PPP authentication brute-force attack? LordDoskias (Feb 15)
    - RE: PPP authentication brute-force attack? Matheus Michels (Feb 15)
    - testing an installer Qazi, Reema (Feb 25)
    - Re: testing an installer Kelly Keeton (Feb 26)
    - RE: testing an installer Bob Woods (Feb 26)
    - Re: testing an installer Kurt Buff (Feb 26)
    - RE: testing an installer Thor (Hammer of God) (Feb 26)
    - Re: testing an installer Amar Kulo (Feb 26)
    - RE: testing an installer Jarmon, Don R (Feb 26)

(Thread continues...)