WVE ID: WVE-2005-0027
Type: Exploit
Status: Candidate
Classification:
Authentication Management
Cryptographic
Design Flaw
Description:
Asleap is a tool used to perform dictionary attacks against a network using Cisco's LEAP as an authentication mechanism.
Discussion:
Asleap exploits problems in Cisco's proprietary LEAP protocol to greatly increase the efficiency of a dictionary attack against networks utilizing it as an authentication mechanism. The LEAP protocol uses a variation of the MS-CHAPv2 protocol, which has several well-known problems.
Asleap includes a tool, called 'genkeys,' for generating an NT password hash database and index from a dictionary file. To perform the actual dictionary attack, the asleap program is used. This program can either read LEAP exchanges from a packet capture file or live traffic from a network interface.
When run on a live interface, asleap looks for LEAP exchanges against which to perform the dictionary attack. When using AirJack drivers, asleap also supports deauthenticating clients in order to observe the LEAP exchange when the client reconnects.
Credits
Author:
Joshua Wright (jwright@hasborg.com) : None
References
URL:
http://asleap.sourceforge.net/
CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1096
Released: 2004-04-08
Submitter
Andrew Lockhart (alockhart@networkchemistry.com) : Network Chemistry
Submitted: Tue Nov 01 15:48:35 -0800 2005
Candidate Date: Tue Nov 01 15:49:17 -0800 2005

