[foofus-tools] Wireless Fun

jmk jmk at foofus.net
Fri Jul 16 13:53:16 PDT 2010


I've uploaded two wireless scripts/hacks I recently put together:

http://www.foofus.net/?page_id=115

* "Karma" PEAP-based AP

This is a patch to hostapd, which adds Karma-style auto-probe responses
and logging of PEAP/MSCHAPv2 challenge/response authentication attempts.
The goal is to test whether client machines, configured for their
corporate PEAP network, might accidentally connect to a rogue AP.
Authentication attempts are logged for use with John the Ripper
(MSCHAPv2 format). I should note that I had better results using a cheap
basic SSL certificate, than a self-signed one. Windows 7 seems pretty
picky. 

* EAP brute-force logon script

This script uses wpa_supplicant to perform logon attempts against LEAP
and PEAP networks. It's slow, but seems to work.

If people know of better tools floating around for these tasks, I'd love
to hear about them. If not, feel free to give these a try.

Joe




More information about the foofus-tools mailing list