,所以我的半径服务器运行于10.0.0.15。我必须将其共同的秘密打造出来。我正在使用Tinyraidus Java库。
这是我的代码:
String s = "big line...";
String[] words = s.split("\W+");
String host, userName, password;
userName = "admin";
password = "pass";
host = "10.0.0.15";
int count = words.length;
for (String word : words) {
System.err.println("Left: " + count);
RadiusClient rc = new RadiusClient(host, word);
try {
if (rc.authenticate(userName, password)) {
System.out.print("Cracked. Secret is: " + word);
break;
}
} catch (IOException ex) {
Logger.getLogger(RadiusBrute.class.getName()).log(Level.SEVERE, null, ex);
} catch (RadiusException ex) {
Logger.getLogger(RadiusBrute.class.getName()).log(Level.SEVERE, null, ex);
}
}
但是,每次我运行此错误时,我都会收到此错误:
Jun 21, 2016 12:48:28 AM org.tinyradius.util.RadiusClient communicate
SEVERE: communication failure (timeout), no more retries
Jun 21, 2016 12:48:28 AM radiusbrute.RadiusBrute main
SEVERE: null
java.net.SocketTimeoutException: Receive timed out
at java.net.PlainDatagramSocketImpl.receive0(Native Method)
at java.net.AbstractPlainDatagramSocketImpl.receive(AbstractPlainDatagramSocketImpl.java:144)
at java.net.DatagramSocket.receive(DatagramSocket.java:812)
at org.tinyradius.util.RadiusClient.communicate(RadiusClient.java:249)
at org.tinyradius.util.RadiusClient.authenticate(RadiusClient.java:83)
at org.tinyradius.util.RadiusClient.authenticate(RadiusClient.java:65)
at radiusbrute.RadiusBrute.main(RadiusBrute.java:284)
我做错了吗?谢谢。
看起来您的半径服务器默默地丢弃了您的半径访问。根据RADIUS服务器的实现,原因可能是以下一个:
- RADIUS服务器没有主机从AS配置客户端发送请求的主机:从RADIUS RFC 2865:
radius服务器没有一个客户的请求共享的秘密必须被静静地丢弃。2.您从客户端发送了太多失败的请求,Radius Server通过其IP地址禁止您的客户端,并删除所有后续请求3.(不太可能)Radius Server配置为使用错误的用户名/密码删除请求,而不是发送RADIUS Access-Remaxt