802.1x and Beyond!

By Brad Antoniewicz

IEEE 802.1x has been leveraged for a long time for authentication purposes. Up until this point, little has been done to help researchers expose vulnerabilities within the systems that implement the protocol. In this talk, we'll dissect IEEE 802.1x, its surrounding protocols (RADIUS/EAP), provide testing tools, and detail a number of vulnerabilities identified in popular supporting systems. We'll wrap up demonstrating a vulnerability within a RADIUS server that allows for remote code execution over 802.11 wireless using WPA Enterprise before the user is authorized to join the network.





Comments

Popular posts from this blog

Thiết lập card không dây trên Kali Linux

Monitor mode

Giới thiệu - Scapy