chapcrack is a tool for parsing and decrypting MS-CHAPv2 network handshakes. It was announced recently at Defcon, as we read in "Marlinspike demos MS-CHAPv2 crack".
The process is as follows:
- Obtain a packet capture with an MS-CHAPv2 network handshake in it (PPTP VPN or WPA2 Enterprise handshake, for instance).
- Use chapcrack to parse relevant credentials from the handshake (chapcrack parse -i path/to/capture.cap).
- Submit the CloudCracker token to www.cloudcracker.com.
- Get your results, and decrypt the packet capture (chapcrack decrypt -i path/to/capture.cap -o output.cap -n ).
If you are interested in a much more in-depth, technical explanation – you can read more here:
Using this attack, they have a 100% success rate at cracking DES hashes within ~23 hours.
You can download chapcrack here:
Or read more here.