Comments (7)
from hostapd-mana.
Hi,
Did you find how to make EAP dumb-down attack works in hostapd-mana? Y see that the android device just try to use MSCHAPv2 instead of GTC, even when it does not have 2phase authentication method selected.
WIth freeradius-wpe I can make this attack works, but not with hostpad-mana.
Regards
from hostapd-mana.
I believe it was by changing the order of methods in the hostapd.eap_user file..
from hostapd-mana.
Hi,
Thanks for the reply, do you have an example file I can see?
I am not hable to make this attack works..
Maybe is using this line of configuration?:
"t" PEAP,GTC,TTLS-MSCHAPV2,MSCHAPV2,MD5,TTLS-PAP,TTLS-CHAP,TTLS-MSCHAP,TTLS "1234test" [2]
Regards
from hostapd-mana.
I log PAP plaintext, not GTC. Will add it. Thanks.
from hostapd-mana.
https://twitter.com/W00Tock/status/1019251419310972930
Edit file "hostapd-wpe.eap_user" (You can replace PEAP with FAST)
PEAP [ver=1]
"t" GTC "password" [2]
./hostapd-wpe hostapd-wpe.conf -ddddd
-snip- EAP-GTC: Response password: -snip-
By configuring the eap)user file, you can request from Apple and Android devices a GTC clear text password - which is shown in the debug console, but is currently not logged.
Thanks Singe, thought this might help you find that bug...
from hostapd-mana.
Thanks everyone. I now log GTC, you can see the code at https://github.com/sensepost/hostapd-mana/blob/master/src/eap_server/eap_server.c#L2136
from hostapd-mana.
Related Issues (20)
- Feature request - PEAP/MSCHAPv2 MITM (relaying) HOT 2
- error when using 'make -C hostapd-mana' HOT 2
- Stuck in 'obtaining ip address' when trying to connect to the AP HOT 1
- libssl.so.1.0.0 Not Found HOT 4
- Multiple BSS with Hostapd HOT 3
- [WPA-EAP] client cannot join EAPOL TX: Message too long HOT 1
- client connected but hash not captured HOT 2
- is this possible !!!!!!!!!!!!!!!!?????
- no_probe_resp_if_max_sta = 0 not working
- Feature request: Logging EAP Identity
- ACL Bug: MAC Address Bitmasks Ignored After VLAN ID
- ACL Bug: Bitmasks Break Binary Search
- Segmentation fault using with sycophant HOT 11
- Berate_ap gets stuck on internet sharing method nat. No ap created, kali nethunter
- WPA/2 Pre-shared Key (PSK) Networks HOT 1
- Python 3 support?
- Error Handling Directed Probes HOT 1
- ld returned 1 exit status HOT 3
- . HOT 2
- .
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hostapd-mana.