Network Access Control
EAP- MD5
The authentication server sends a challenge to the supplicant, and the supplicant sends a response in the form of an MD5 hash (calculated by using an identifier, challenge value, and user password). The server performs the same calculation, and if the hashes match, the supplicant is authenticated.
EAP- TLS
The authentication server and supplicant establish a TLS session. The supplicant validates the X.509 certificate of the authentication server, and vice versa. By performing mutual authentication using certificates, passwords are not used.
PEAP
The supplicant and authentication server establish an authenticated TLS tunnel. MS-CHAPv2 challenge/response is used over TLS to authenticate the supplicant using the user’s credentials (i.e., username and password).
Attacking:
EAP-MD5:
eapmd5pass –r pcap.dump –w /usr/share/wordlist/sqlmap.txtPEAP
see WPA Enterprisefor hostapd-mana setup
Last updated