Best way to capture RADIUS passwords

Steven Staples sstaples at mnsi.net
Fri Nov 9 21:09:51 CET 2012


> Subject: Best way to capture RADIUS passwords
> 
> I am migrating from one RADIUS setup that checks against a flat file with
> usernames and passwords inside it . Over to a RADIUS server with and LDAP
> backend. I have used JTR to crack most of the passwords but I still have
> some left over that JTR cant crack.
> 
> 
> 
> I was thinking of trying to run a packet capture to get the remaining
> usernames and passwords. What would be the best way to do this? Run RADIUS
> in debug mode Radius -X? Or try to use tcpdump and pick it up that way or
> is it even possible to do? I have been trolling the internet for a few
days
> and have not come up with a good way to do it.
> 
> 
> 
> I setup tcpdump to dump to a file (tcpdump -i eth0 -n -s0 port radius -w
> rad-capture.lpc) , but when I check it out with wireshark I am unable to
> see the password (just the username). Am I going about this the wrong way?
> 

You can use the radpostauth and mysql... that will give you
username/passwords of connected, and failed connect attempts.





More information about the Freeradius-Users mailing list