When attacking an 802.11 network that uses 802.1X Enterprise authentication it is key to know what Extensible Authentication Protocol (EAP) type is being used to authenticate the client. The EAP type used by the network will greatly influence which attacks can be successfully launched to gain access to the network. Until now there have been very few tools designed specifically for attacking these types of networks. During this talk attendees will learn how enterprise authentication works, how to manually determine the EAP type and what other useful data can be learned by examining an EAP handshake. Finally the EAPeak suite of tools will be released with new components that facilitate actively enumerating EAP types on wireless networks as well as EAPwn, a Python powered soft-AP designed as an all inclusive tool for client side EAP related attacks.
Spencer J. McIntyre / ZeroSteiner
as Spencer McIntyre
Spencer McIntyre is a Staff consultant at SecureState LLC where he is a part of the penetration testing team and works on research and development projects. Spencer has been avid in the security community for a few years, and is an active developer.