Jump to content

Wpa-enterprise + Arpspoofing - Is It Possible?


Recommended Posts

Posted

This is a simple question (I think) but one that I have not been able to find the answer to on Google. Maybe I am just using the wrong search terms.

We know that if someone can connect to a WEP or WPA-PSK network then he can ARPspoof it and become the MITM.

What I do not know is whether an individual who can connect to an WPA-ENTERPRISE network can also ARPspoof it.

Obviously on an ENTERPRISE network most people will have unique usernames and passwords whereas on a WPA-PSK or WEP network everyone is using the same password.

Is it possible to ARPspoof when on a WPA-ENTERPRISE network (assuming that you are connected to the network and have an IP address)?

Many thanks!

Posted

Although I've never tried it specifically with WPA enterprise, I'd think it would be possible. However, in my experience, usually beefy routers that are using 3rd party RADIUS servers have things like AP isolation enabled which will render a arpspoofing attack useless.

Just my opinion, but in a real life situation, I'd say you have a much higher probability of success by deauthenticating your target and getting them to connect to your own AP. Or connect to the real AP, and if it happens to be a weak router (which if it's using wpa enterprise it probably isn't) you can change some DNS settings. I don't like arpspoofing attacks because 1, they are hard to verify that they're actually working, 2, most browsers/anti-viri can see arpspoofing attacks and act accordingly, 3, to properly do it you need some halfway decent hardware which most laptops don't have.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...