asleap is a command-line tool designed to actively recover LEAP (Lightweight Extensible Authentication Protocol) and PPTP (Point-to-Point Tunneling Protocol) passwords. It exploits vulnerabilities in Cisco's proprietary LEAP network authentication. Key features include:
- Packet Capture Analysis: Reads captured network traffic from libpcap files to extract authentication data.
- Dictionary Attacks: Utilizes dictionary files containing NT hashes to crack passwords.
- Challenge-Response Cracking: Cracks passwords using challenge and response values from freeradius.
- Hash File Support: Supports hash files and index files for efficient password recovery.
Use cases include penetration testing of wireless networks, auditing security of LEAP-enabled systems, and demonstrating vulnerabilities in legacy authentication protocols. The tool is valuable for security professionals and network administrators.
