pen-test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: PPPOE password sniffing

from [alexpheno] [Permanent Link][Original]
To: pen-test@securityfocus.com
Subject: Re: PPPOE password sniffing
From: alexpheno@gmail.com
Date: 27 Jan 2007 21:42:52 -0000
Delivered-to: sp-com-lists@consult.net
Delivered-to: pentest-list2@consult.net
Delivered-to: mailing list pen-test@securityfocus.com
Delivered-to: moderator for pen-test@securityfocus.com
List-help: <mailto:pen-test-help@securityfocus.com>
List-id: <pen-test.list-id.securityfocus.com>
List-post: <mailto:pen-test@securityfocus.com>
List-subscribe: <mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe: <mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list: contact pen-test-help@securityfocus.com; run by ezmlm
Resent-date: Sat, 27 Jan 2007 15:07:04 -0700 (MST)
Resent-from: pen-test-return-1078483474@securityfocus.com
Resent-message-id: <20070127220704.CA4A1237A07@outgoing3.securityfocus.com>
Resent-sender: listbounce@securityfocus.com
Sender: listbounce@securityfocus.com 
If you're using PAP as an authentication scheme you must look into the
packets that follow the PPPOE session, after you've found a PPPOE
access concentrator a PPP session is established. You must look for a
packet that is sent by the authenticating terminal (in this case your
computer)  to the concentrator. Try to do a wireshark capture and
apply this filter rule "pap and eth.src==XX:XX:XX:XX:XX:XX", and
replace the x part with the terminal's mac address. If a frame matches
the filter it should contain the user and password in the payload.

Check out RFC1334 for more info.
--
Alex Nedelcu
CCNA, SNRS, CSVPN

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Automated Nmap Scans / Front End, Soi, Dhruv
Next by Date:  Password cracker required, milind_nanal
Previous by Thread:  PPPOE password sniffing, Nikolaj
Next by Thread:  RES: PPPOE password sniffing, Cleverson de Freitas Ferla
Indexes:  [Date] [Thread] [Top] [All Lists]