Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.bytejmp.com/llms.txt

Use this file to discover all available pages before exploring further.

Overview

asleap cracks MSCHAPv2 and LEAP authentication hashes offline. Used after capturing credential hashes from a WPA Enterprise rogue AP attack (via hostapd-mana or eaphammer).

Install

sudo apt install asleap

Usage

asleap [options]

Common Flags

FlagDescription
-C <challenge>MSCHAPv2 challenge (hex, colon-separated)
-R <response>MSCHAPv2 response (hex, colon-separated)
-W <wordlist>Wordlist file
-f <db>Pre-computed hash database
-s <db>Hash index file (used with -f)
-r <capfile>Read from pcap capture file
-i <iface>Live capture interface

Crack from Challenge/Response

Extract the challenge and response from hostapd-mana output, then: 
asleap -C <CHALLENGE> -R <RESPONSE> -W ~/rockyou.txt
Example: 
asleap \
  -C do:3b:8d:7b:22:00:00:91 \
  -R 68:09:13:ac:e8:df:36:5f:42:94:fb:97:91:05:02:21:72:ff:b3:ce:c0:ca:26:f7 \
  -W /usr/share/john/password.lst

Crack from Capture File

asleap -r capture.cap -W ~/rockyou.txt

Alternative: hashcat Mode 5500

For the same MSCHAPv2 hashes in hashcat format: 
hashcat -a 0 -m 5500 hashcat.5500 ~/rockyou.txt --force