Collaborate Disseminate
Is security compromised if every client uses the same client certificate to authenticate with WPA2-EAP-TLS?
In essence, we want to provide an open wifi network, but want to ensure users cannot see each other’s traffic. With WPA2-PSK, this … Continue reading WPA2-EAP-TLS with global client certificate
I have spent the last few days setting up a freeradius server with eap-tls as the only authentication method.
I have used this old tutorial for setting up my own CA and generating the certificates and adjusted the older parameters to match… Continue reading Why is my RADIUS Certificate not automatically signed with the root CA Certificate on my iPhone
Question about PEAP-MSCHAPV2 on RADIUS.
After MSCHAPV2 success keys are extracted from TLS context. Then it sent to AP.
Client failed to connect WiFi (or eapol, etc) with my handmade RADIUS Access-Accept.
Can you explain full keys negot… Continue reading How are keys negotiated in wpa-eap?
In my free time I go in for pen testing and wireless security using my 2018 MacBook Pro. I have been trying to capture 4-way WPA handshake using 3 various tools: airport command, tcpdump and Apple’s native Sniffer under Wireless Diagnostic… Continue reading Cannot capture WPA handshake on macOS by any means
I am having trouble understanding the point of EAP.
EAP is an authentication framework, which defines several TLS based methods and encapsulations like EAP-TLS, EAP-TTLS and PEAP. These all require the server/authenticator … Continue reading EAP vs TLS authentication
I captured a handshake of my mobile hostspot and have it in both .cap and .hccapx file formats.
If I know that the person who’s wifi I’m hacking is supposedly ‘Dave’, how do I put it into search parameters of a brute force f… Continue reading Brute Forcing/Mask attacking a WPA-2 handshake using hashcat [on hold]
I am running an evil twin attack with eaphammer, by default it seems to capture mschapv2 authentication which contains the username and NETNTLM hashes. I have manually created a WiFi connection (on Windows) and manually selec… Continue reading Capturing cleartext authentication (EAP-TTLS/PAP) with WPA-2 Enterprise?
We are using, as default, PEAP and MS-CHAPv2 as inner authentication.
I was concerned with security risks when it comes to rogue APs but a colleague told me that there are no risks for preconfigured clients.
He told me there are risks on… Continue reading WPA2 Enterprise: no risks for preconfigured clients when it comes to Rogue APs?
the same as fluxion but without the captive portal just like this video
Stealing 802.1x Credentials with Rogue AP & RADIUS server
he was able to get the username and the password of an EAP wifi without cracking just by… Continue reading is it possible to evil twin a WPA 2 Wifi using one of EAP methods?
I am studying abroad and trying to communicate with my tech support to get my device registered on the university wifi, but they do not really listen to what I have to say (either because they do not understand my English wel… Continue reading How would one register a devices MAC Address to a WPA2 enterprise wifi? [on hold]