eapmd5pass

EAP-MD5是不提供用户身份验证凭据充分的保护遗产认证机制。验证使用EAP-MD5受到自己的离线字典攻击的漏洞谁的用户。此工具将读取从监视器模式下的实时网络接口,或从存储的libpcap捕捉文件,并提取了EAP-MD5认证交换的部分。一旦挑战和响应部分已收集这种交流,eapmd5pass将安装针对用户的密码脱机字典攻击。

资料来源:http://www.willhackforsushi.com/code/eapmd5pass/1.4/README
eapmd5pass 首页
eapmd5pass 源代码版本库

包含在eapmd5pass包工具

eapmd5pass - 对EAP-MD5字典攻击
:~# eapmd5pass -h
eapmd5pass - Dictionary attack against EAP-MD5

Usage: eapmd5pass [ -i <int>
-r <pcapfile> ] [ -w wordfile ] [options]

  -i <iface>    interface name
  -r <pcapfile> read from a named libpcap file
  -w <wordfile> use wordfile for possible passwords.
  -b <bssid>    BSSID of target network (default: all)
  -U <username> Username of EAP-MD5 user.
  -C <chal> EAP-MD5 challenge value.
  -R <response> EAP-MD5 response value.
  -E <eapid>    EAP-MD5 response EAP ID value.
  -v        increase verbosity level (max 3)
  -V        version information
  -h        usage information

The "-r" and "[-U|-C|-R|-E]" options are not meant to be used together.  Use -r
when a packet capture is available.  Specify the username, challenge and
response when available through other means.

eapmd5pass用法示例

:~# coming soon