802.1x and Beyond!
By Brad Antoniewicz
IEEE 802.1x has been leveraged for a long time for authentication purposes. Up until this point, little has been done to help researchers expose vulnerabilities within the systems that implement the protocol. In this talk, we'll dissect IEEE 802.1x, its surrounding protocols (RADIUS/EAP), provide testing tools, and detail a number of vulnerabilities identified in popular supporting systems. We'll wrap up demonstrating a vulnerability within a RADIUS server that allows for remote code execution over 802.11 wireless using WPA Enterprise before the user is authorized to join the network.
Видео 802.1x and Beyond! канала Black Hat
IEEE 802.1x has been leveraged for a long time for authentication purposes. Up until this point, little has been done to help researchers expose vulnerabilities within the systems that implement the protocol. In this talk, we'll dissect IEEE 802.1x, its surrounding protocols (RADIUS/EAP), provide testing tools, and detail a number of vulnerabilities identified in popular supporting systems. We'll wrap up demonstrating a vulnerability within a RADIUS server that allows for remote code execution over 802.11 wireless using WPA Enterprise before the user is authorized to join the network.
Видео 802.1x and Beyond! канала Black Hat
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
How Smartcard Payment Systems Fail069 802 1x, MAB, EAP OverviewFreeRADIUS ServerWhat is 802.11ax Wi-Fi?Wireless Authentication and Key GenerationThe SolarWinds Hack And The Future Of Cyber EspionageINE Live Webinar: Configuring DOT1X and MABPort Security and 802.1X - CompTIA Security+ SY0-401: 1.2802.1Q and Trunking 101The kernel reportZoneDirector: Configuring 802.1x Authentication with RadiusBypassing Firewalls with DNS Tunnelling (Defence Evasion, Exfiltration and Command & Control)What is a DMZ? (Demilitarized Zone)Part 1: Radius Server for WiFi Authentication with Windows Server 2016MicroNugget: IPsec Site to Site VPN Tunnels Explained | CBT NuggetsLies and Damn Lies: Getting Past the Hype of Endpoint Security SolutionsDEF CON 26 - Gabriel Ryan - Bypassing Port Security In 2018 Defeating MacSEC and 802 1x 2010External authentication using AAA - Video By Sikandar Shaik || Dual CCIE (RS/SP) # 35012ForeScout Network Access ControlSetup FreeRADIUS on Kali Linux for 802.1X Authentication