EAPeak Suite, Tools for 802.1x Attack and Analysis

Presented at ToorCon San Diego 13 (2011), Oct. 8, 2011, 4 p.m. (50 minutes)

When attacking an 802.11 network that uses 802.1X Enterprise authentication it is key to know what Extensible Authentication Protocol (EAP) type is being used to authenticate the client. The EAP type used by the network will greatly influence which attacks can be successfully launched to gain access to the network. Until now there have been very few tools designed specifically for attacking these types of networks. During this talk attendees will learn how enterprise authentication works, how to manually determine the EAP type and what other useful data can be learned by examining an EAP handshake. Finally the EAPeak suite of tools will be released with new components that facilitate actively enumerating EAP types on wireless networks as well as EAPwn, a Python powered soft-AP designed as an all inclusive tool for client side EAP related attacks.

Presenters:

• Spencer McIntyre / ZeroSteiner   as Spencer McIntyre
  Spencer McIntyre is a Staff consultant at SecureState LLC where he is a part of the penetration testing team and works on research and development projects. Spencer has been avid in the security community for a few years, and is an active developer.

Similar Presentations:

• 44CON 2017 / The Black Art of Wireless Post-Exploitation: Bypassing Port-Based Access Controls Using Indirect Wireless Pivots
• DEF CON 25 (2017) / The Black Art of Wireless Post Exploitation
• BSidesLV 2017 / The Black Art of Wireless Post-Exploitation: Bypassing Port-Based Access Controls Using Indirect Wireless Pivots