802.1x and Beyond!

Presented at Black Hat USA 2014, Aug. 6, 2014, 5 p.m. (60 minutes)

IEEE 802.1x has been leveraged for a long time for authentication purposes. Up until this point, little has been done to help researchers expose vulnerabilities within the systems that implement the protocol. In this talk, we'll dissect IEEE 802.1x, its surrounding protocols (RADIUS/EAP), provide testing tools, and detail a number of vulnerabilities identified in popular supporting systems. We'll wrap up demonstrating a vulnerability within a RADIUS server that allows for remote code execution over 802.11 wireless using WPA Enterprise before the user is authorized to join the network.

Presenters:

• Brad Antoniewicz - Foundstone
  Brad Antoniewicz works in Foundstone's security research division to uncover flaws in popular technologies. He is a contributing author to both the "Hacking Exposed" and "Hacking Exposed: Wireless" series of books and has authored and contributed to various internal/external Foundstone tools, training courses, White Papers, and methodologies.

Links:

• https://www.blackhat.com/us-14/archives.html#802-1x-and-beyond
• https://infocon.org/cons/Black Hat/Black Hat USA/Black Hat USA 2014/video/802.1x and Beyond.mp4
• https://www.youtube.com/watch?v=uXukuhVebtY
• https://www.blackhat.com/docs/us-14/materials/us-14-Antoniewicz-802.1x-And-Beyond.pdf

Similar Presentations:

• DerbyCon 8.0 Evolution (2018) / Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010
• DEF CON 14 (2006) / 802.1x Networking
• DEF CON 26 (2018) / Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010