Jump to content

Determine 802.1x settings on hidden network


Recommended Posts

I'm pentesting a hidden WPA2 802.1x RADIUS network. I was able to get the SSID name, but I don't know the other settings I would need to connect, like whether it is using PEAP, etc. Is there a method to determine those settings on a hidden network, or would it just come down to trying different ones along with different username/password combinations and hoping for the best?

Link to comment
Share on other sites

I've never had to do it but I'd assume you could probably work it out by sniffing authentication traffic. Each of the main types should have distinct fingerprints, for example looking for anonymous usernames Vs real usernames in the visible traffic.

I'd also look at their network and base a guess on that, eg if they are a committed Microsoft shop then it is probably PEAP and CHAP.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...