SecurityFocus BUGTRAQ Mailing List: BugTraq

To: BugTraq
Subject: Cisco LEAP Insecurities + POC
Date: Oct 3 2003 7:06PM
Author:
Message-ID:

1 month of audits by l33t security companies: No vulnerabilities
1 month of architecture research by CCIEs: No vulnerabilities
2 days of hacking by DaBubble, Bishop, and Evol: Root.

There are some things that fackers should audit (WEBAPPS); for everything else, get a real hacker. If you can't get the POC to work, if you don't like that there's no GUI, or if you don't understand this message, send in your two weeks and get a job making my Starbucks coffee. Those people seem so heavily worked that there must be a need for more of them. There is not a need, however, for more of you.

All,

Cisco LEAP is an authentication mechanism employed on high-grade wireless access points. The mechanism is used to replace WEP and was supposed to offer greater security against malicious threat agents. I have been watching the list today, and I saw a whole lot of FUD regarding the matter of insecurities present in the protocol. I thought you all would have known by now. Apparently my assumption is incorrect. Attached is a POC attack for LEAP implementations utilizing Microsoft's Active Directory as the authentication store.

Cisco LEAP authenticates users to the wireless access point via a password. This password is authenticated against a back-end RADIUS server via a challenge-response protocol. The protocol is such:

1.) The wireless client sends an authentication request;
2.) The AP acknowledges the request with an 8-byte challenge;
3.) The wireless client computes the response by:
    a.) MD4-hashing the password (in its UTF-16LE/Unicode form, i.e. the Windows NT hash), producing a 16-byte hash;
    b.) Padding the hash with 5 null bytes, producing 21 bytes;
    c.) Splitting the resulting 21 bytes into three 7-byte chunks;
    d.) Iterating through the 7-byte chunks, DES-encrypting the challenge as the plaintext with each 7-byte chunk as the key;
    e.) Concatenating the resulting ciphertexts, producing 24 bytes;
4.) The client then sends the resulting 24 bytes as the challenge response;
5.) The back-end systems iterate through the same process (Active Directory already stores the NT hash, so the server never needs the cleartext password) and check for a match; then
6.) If the two match, authentication has been accomplished.

Does anyone smell MS-CHAP?

Attacks on this protocol are such:

1.) The third 7-byte DES key is only the last 2 bytes of the hash plus 5 null bytes, so finding it costs at most 2^16 (256^2 = 65536) DES encryptions of the captured challenge, compared against the last 8 bytes of the response. Upon finding it, the malicious threat agent knows the last two bytes of the NT hash and can cycle through a precomputed database of commonly used passwords, keeping only those whose hash ends in those two bytes. This is a reduction of the complexity of a dictionary attack: each candidate costs one MD4 and a 2-byte compare, and only about 1 in 65536 candidates needs the full 24-byte DES check.
2.) From 1: this also reduces the complexity of a brute-force search for the key, since what remains unknown is 14 bytes of hash split into two independent 7-byte DES keys (2^56 each), not the whole 16-byte hash.
3.) A chosen-plaintext attack utilizing rainbow tables may be used by impersonating an access point: a rogue AP can send the same 8-byte challenge every time, so tables mapping responses back to hashes can be precomputed once for that challenge. The initial pre-computation complexity is large, but manageable for any good hacker.

These attacks are based on the fact that if you didn't know about Cisco LEAP's insecurities, you're not going to know about the S-box decoding optimization on 56-bit DES, nor how to reverse MD4 using genetic algorithms. If no fackers post to BugTraq within the next 7 working days, I'll release these as well.

The link to http://www.unstrung.com/document.asp?doc_id=41185 leads me to the conclusion that Wright is a Facker (Fake Hacker). People like him are dangerous to the information security community. As said in a rap song, "If you don't give a sh** then don't throw it up".
If you're not a hacker, then don't pretend to be, and don't run security audits. You're only filling up my BugTraq e-mail box with rants about the next CSS vulnerability or SQL-injection vulnerability. These are not things worth posting. Things that are worth posting include:

1.) New techniques
2.) Esoteric proprietary technologies' shortcomings (NOT WEBAPPS)
3.) etc.

It is people like this that prevent other people from sharing their research. It takes me 2 minutes to find a CSS vulnerability, and 1 minute to find an SQL injection vulnerability, so why are you going to post that? Fackers need to remain low-key and disappear.

-Evol

May I have your attention please
I repeat, may I have your attention please
Will the real Evol please stand up...
We're going to have a problem here

[ attachment: (application/octet-stream) ]