Best way to capture RADIUS passwords

Chris Taylor Chris.Taylor at corp.eastlink.ca
Fri Nov 9 20:37:08 CET 2012


I am migrating from one RADIUS setup that checks against a flat file with usernames and passwords inside it . Over to a RADIUS server with and LDAP backend. I have used JTR to crack most of the passwords but I still have some left over that JTR cant crack.

I was thinking of trying to run a packet capture to get the remaining usernames and passwords. What would be the best way to do this? Run RADIUS in debug mode Radius -X? Or try to use tcpdump and pick it up that way or is it even possible to do? I have been trolling the internet for a few days and have not come up with a good way to do it.

I setup tcpdump to dump to a file (tcpdump -i eth0 -n -s0 port radius -w rad-capture.lpc) , but when I check it out with wireshark I am unable to see the password (just the username). Am I going about this the wrong way?

Thanks,

Chris


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20121109/1a1bcecc/attachment.html>


More information about the Freeradius-Users mailing list