(RADIATOR) Catching User's Passwords

Hugh Irvine hugh at open.com.au
Wed Sep 12 18:20:35 CDT 2001 

Hello Paul -

As you can see from the trace, the User-Password is not in clear text anyway 
(it is MD5 encrypted with the shared secret).

You can use the special character %P to get the decrypted string, or as 
Levent has mentioned, you can just use the password log.

regards

Hugh


On Wednesday 12 September 2001 16:58, Paul Thorton wrote:
> Hi,
>
> I have configured a pre_auth hook and am trying to capture all customers
> passwords. (I.E.)
> --------
> sub {
>         my $type = ${$_[0]}->get_attr('Acct-Status-Type');
>
>         if ($type eq 'Start') {
>                 my $debug_username = ${$_[0]}->get_attr('User-Name');
>                 my $debug_pwd = ${$_[0]}->get_attr('User-Password');
>                 my $debug_called =
> ${$_[0]}->get_attr('Called-Station-Id');
>                 my $debug_calling =
> ${$_[0]}->get_attr('Calling-Station-Id');
>                 my $debug_NASIP = ${$_[0]}->get_attr('NAS-IP-Address');
>                 my $debug_NASPort = ${$_[0]}->get_attr('NAS-Port');
>                 my $debug_sessionid =
> ${$_[0]}->get_attr('Acct-Session-Id');
>                 my $debug_framedip =
> ${$_[0]}->get_attr('Framed-IP-Address');
>
>                 &main::log($main::LOG_INFO, "LOG: ACCT: ${type}:
> $debug_username || $debug_pwd || $debug_c
> alled || $debug_NASIP || $debug_NASPort || $debug_sessionid ||
> $debug_calling || $debug_framedip");
>         }
> -------
>
> This is what is captured:
> Wed Sep 12 16:53:21 2001: INFO: LOG: ACCT: Start: Username at domain.com ||
>
> || 85520100 || 210.215.0.74 || 116 || 00006A94 ||  || 210.215.30.64
>
> For some reason the Password os not being retrieved. Can any one shed
> some light on why or another
> way to get the password in "Clear Text"
>
> Access Request:
> ------
> Code:       Access-Request
> Identifier: 123
> Authentic:
> <151><168><246><243><172><218><207><108><224>Kuw<216><133><243>[
> Attributes:
>         User-Name = "Username at domain.com"
>         User-Password =
> "<232>p<174><231><128>!<160>s<206>!<207>%9!<161><17>"
>         NAS-IP-Address = 172.16.0.1
> ------
>
> Thanks,
>
> Paul
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list