breakstuff Posted December 7, 2018

I'm pentesting a hidden WPA2 802.1x RADIUS network. I was able to get the SSID name, but I don't know the other settings I would need to connect, like whether it is using PEAP, etc. Is there a method to determine those settings on a hidden network, or would it just come down to trying different ones along with different username/password combinations and hoping for the best?

digininja Posted December 7, 2018

I've never had to do it, but I'd assume you could probably work it out by sniffing authentication traffic. Each of the main types should have distinct fingerprints, for example looking for anonymous usernames vs. real usernames in the visible traffic. I'd also look at their network and base a guess on that, e.g. if they are a committed Microsoft shop then it is probably PEAP and CHAP.
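
The fingerprints mentioned in the reply above sit in the unencrypted outer EAP exchange: the Type byte of each EAP Request/Response names the method, and the Identity response carries the outer username. The following is an added example, not part of the original thread; the function names, the "anonymous" heuristic and the sample frames are assumptions constructed for illustration.

```python
import struct

# EAP method numbers as assigned in the IANA EAP registry.
EAP_METHODS = {4: "MD5-Challenge", 13: "EAP-TLS", 17: "LEAP",
               21: "EAP-TTLS", 25: "PEAP", 43: "EAP-FAST"}
REQUEST, RESPONSE, IDENTITY, NAK = 1, 2, 1, 3

def parse_eapol(frame: bytes):
    """Return (code, eap_type, type_data) for an EAPOL EAP-Packet, else None."""
    if len(frame) < 8 or frame[1] != 0:        # EAPOL type 0 = EAP-Packet
        return None
    code, _ident, eap_len = struct.unpack("!BBH", frame[4:8])
    # Success/Failure carry no Type byte; also reject truncated frames.
    if code not in (REQUEST, RESPONSE) or eap_len < 5 or len(frame) < 4 + eap_len:
        return None
    return code, frame[8], frame[9:4 + eap_len]

def name(t: int) -> str:
    return EAP_METHODS.get(t, f"type {t}")

def summarize(frames):
    """Report the outer identity and the EAP methods negotiated in a capture."""
    out = {"identity": None, "anonymous": None, "offered": [], "client_wants": []}
    for code, eap_type, data in filter(None, map(parse_eapol, frames)):
        if code == RESPONSE and eap_type == IDENTITY:
            out["identity"] = data.decode("utf-8", "replace")
            user = out["identity"].split("@")[0].split("\\")[-1].lower()
            out["anonymous"] = user in ("", "anonymous")   # heuristic (assumption)
        elif code == REQUEST and eap_type not in (IDENTITY, 2):   # 2 = Notification
            if name(eap_type) not in out["offered"]:
                out["offered"].append(name(eap_type))
        elif code == RESPONSE and eap_type == NAK:
            out["client_wants"] = [name(t) for t in data if t != 0]
    return out

def eapol(code, ident, eap_type, data=b""):
    """Build a constructed EAPOL EAP-Packet frame for the sample below."""
    eap = struct.pack("!BBHB", code, ident, 5 + len(data), eap_type) + data
    return struct.pack("!BBH", 1, 0, len(eap)) + eap

# Constructed sample exchange (not from a real capture).
SAMPLE = [
    eapol(RESPONSE, 1, IDENTITY, b"anonymous@example.org"),
    eapol(REQUEST, 2, 13, b"\x20"),          # server offers EAP-TLS (Start flag)
    eapol(RESPONSE, 2, NAK, bytes([25])),    # client asks for PEAP instead
    eapol(REQUEST, 3, 25, b"\x20"),          # server starts PEAP
    struct.pack("!BBH", 1, 0, 4) + struct.pack("!BBH", 3, 3, 4),  # EAP-Success
]
print(summarize(SAMPLE))
```

For whoever runs the network, the same output shows what any passive listener sees: if `anonymous` comes back false, supplicants are sending real usernames in the clear and should be configured with an anonymous outer identity.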