MSCHAPV2 domain\ prefix

[rkornmeyer]

Hello,

I was wondering if the issue of 'domain\' prefixes have been addresses with the custom hostapd. see this pull request from hostapd-wpe https://github.com/OpenSecurityResearch/hostapd-wpe/pull/4 . I havent been able to confirm one way or another. Typically, if the domain\ prefix is used there is still a C/R captured but it is uncrackable due to the truncation of the domain prefix. Any clarification is appreciated.

[singe]

Hi, I've gone through Brad's WPE patches in detail, and asked permission to merge his changes in here. His EAP handling is better than ours in some regards, but doesn't do the auto crack 'n add. I'll spend some time hand merging them in a few days when I have some time, which should resolve this.

One thing to watch out for, is if it's a computer account, those passwords are autogenerated by the domain and very hard to crack without something like moxie's cloudcracker.

[rkornmeyer]

cool, also this pull request has not been merged yet. However, i have tested it and it works great.

[singe]

Which pull request?

[Rogdham]

Which pull request?

I belive @rkornmeyer is speaking about the PR on hostapd-wpe repo.

@singe: Could you look at https://github.com/sensepost/hostapd-mana/pull/2? It seems that there was a small bug in your correcting the issue.

[singe]

Merged in hostapd-mana

[Rogdham]

Merged in hostapd-mana

Perfect, thanks!