| To: | pen-test@securityfocus.com |
|---|---|
| Subject: | PPPOE password sniffing |
| From: | Nikolaj <lorddoskias@gmail.com> |
| Date: | Tue, 23 Jan 2007 15:24:38 +0200 |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | pentest-list2@consult.net |
| Delivered-to: | mailing list pen-test@securityfocus.com |
| Delivered-to: | moderator for pen-test@securityfocus.com |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:subject:content-type:content-transfer-encoding; b=AXasdplf0kz6SH5CmiX+/jHVZyaZUdcxd67TaCt4m5wI0u36VT7EFXkOLPxCOS2xTECJiur7YNTwMbRwqLkRJUMPA0xBptnzjnlT0HOAknp7J7JDKxwencp90nmQBXTBsJtHlLGzxiHLqiAmwvz5jxma6HSNh3wwfz3pEA+URm0= |
| List-help: | <mailto:pen-test-help@securityfocus.com> |
| List-id: | <pen-test.list-id.securityfocus.com> |
| List-post: | <mailto:pen-test@securityfocus.com> |
| List-subscribe: | <mailto:pen-test-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:pen-test-unsubscribe@securityfocus.com> |
| Mailing-list: | contact pen-test-help@securityfocus.com; run by ezmlm |
| Resent-date: | Tue, 23 Jan 2007 14:28:55 -0700 (MST) |
| Resent-from: | pen-test-return-1078483459@securityfocus.com |
| Resent-message-id: | <20070123212855.0A90B15AA93@outgoing2.securityfocus.com> |
| Resent-sender: | listbounce@securityfocus.com |
| Sender: | listbounce@securityfocus.com |
| User-agent: | Thunderbird 1.5.0.9 (Windows/20061207) |
I'm playing with pppoe for the time being and I noticed something rather
peculiar. I'm authenticating against radius server, and the
Authentication says it is PAP - eg. clear text passwords. I've read
through rfc 2516 and there is nothing said about the authentication with
password. I'm wondering whether there is a way to sniff such
passwords? I tried sniffing my own connection when I was connecting to
the pppoe NAS but no luck. Where are the password and username contained
- in the payload of some of the PAD* packets?
Regards. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------ |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | RE: Wikto and googling, Michael Starr |
|---|---|
| Next by Date: | RE: Wikto and googling, Ezequiel Sallis |
| Previous by Thread: | New Infocus article on SecurityFocus: Testing Fault Injection in Local Applications, Erin Carroll |
| Next by Thread: | Re: PPPOE password sniffing, alexpheno |
| Indexes: | [Date] [Thread] [Top] [All Lists] |