| Name | asleap |
| Version | 2.2 |
| Category | network |
| Description | Actively recover LEAP/PPTP passwords. |
| Maintainer | slaxemulator@gmail.com |
| License | GPL2 |
| Website | https://www.willhackforsushi.com/?page_id=41 |
| Sizes | |
| Depends on |  openssl  libpcap |
| Download package |
|
| Show receipt | |
| Show files list | |
| Show cooking log | |
| Install package Remove package |
Description
This tool is released as a proof-of-concept to demonstrate weaknesses in the LEAP and PPTP protocols. LEAP is the Lightweight Extensible Authentication Protocol, intellectual property of Cisco Systems, Inc. LEAP is a security mechanism available only on Cisco access points to perform authentication of end-users and access points. LEAP is written as a standard EAP-type, but is not compliant with the 802.1X specification since the access point modifies packets in transit, instead of simply passing them to a authentication server (e.g. RADIUS). PPTP is a Microsoft invention for deploying virual private networks (VPN). PPTP uses a tunneling method to transfer PPP frames over an insecure network such as a wireless LAN. RFC 2637 documents the operation and functionality of the PPTP protocol. BACKGROUND LEAP utilizes a modified MS-CHAPv2 challenge/response in order to authenticate users on a wireless network. The MS-CHAPv2 authentication method has been clearly identified as a weak method of authentication for several reasons. Asleap README: http://www.willhackforsushi.com/code/asleap/2.2/README |