Wireless Security
Creating a fake AP for FreeRadius-WPE hacks Jul 07 2011 07:32PM
John Nash (rootsecurityfreak gmail com) (2 replies)
Re: Creating a fake AP for FreeRadius-WPE hacks Jul 08 2011 12:44PM
jmk (jmk foofus net)
On Fri, 2011-07-08 at 01:02 +0530, John Nash wrote:
> I am trying to create a setup so I can do a PEAP MITM attack.
>
> I want to setup a fake access point which uses my fake radius server
> running Freeradius-wpe. Would airbase-ng work for this? My first
> reaction is no, as it has no configuration option for a Radius server
> to communicate with.
>
> How do I create this entire setup on my BT instance then? without
> having to use a real access point.
>
> Can someone please help.
>
> jn

I had played with this approach a while back and couldn't figure out a
way to get airbase-ng to play with FreeRadius-WPE. I ended up modifying
hostapd to both log PEAP exchanges and perform Karma-style answer any
probe responses. I haven't had an opportunity to test this attack at
many clients, but it seemed to work in the lab. IIRC, I ended up
purchasing a certificate to get around Win7 complaining when it
connects.

Feel free to give my patch a try:

http://www.foofus.net/?page_id=115

Please let me know if it works or you run into issues.

Thanks,
Joe

[ reply ]
Re: Creating a fake AP for FreeRadius-WPE hacks Jul 08 2011 09:51AM
Archangel Amael (archangel amael gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus