On 18/05/11 17:10, Gary Gatten wrote:
I would LOVE if W7 just worked! People here are blaming FR and I'm trying to convince them it has nothing to do with it, but since the MSCHAP challenges / responses are hashed I can't PROVE it to them.
I have FR debugs of a working auth and a rejected auth. I'd like to "unhash" the MSCHAP stuff to see in clear text what's getting sent back and forth so I can get a better idea of why the request is being rejected.
That isn't really how it works. MS-CHAP is a (reasonably) cryptographically secure protocol. You can't go backwards from: MS-CHAP-Challenge = xxx MS-CHAP2-Response = yyy ...to anything meaningful. You *can* check that a given response is valid for a given challenge, if you know the password or nt hash.