Hi,
I'm working on PPTP vulnerability, after watching Durren's video (so great video), can find a weak password from CHAP challenge and response.
but, when I faced with strong password, don't know use what dictionary for find password.
my question is: (share your experience)
1- can I find password length from sniffing?
2- what tools can help me to create dictionary with policy condition?
(like password must have one digit, one special, and etc...)
I Apology for my bad English.
thanks.