"The bigger they are, the harder they Fall." | ||
| --Popular Saying | ||
WPA-Enterprise has always had an aura of unbreakable ability around it. Most network administrators think of it as a panacea for all their wireless security problems. In this chapter, we will see that nothing could be further from the truth.
In this chapter, we will learn how to attack WPA-Enterprise using different tools and techniques available on Kali.
In this chapter, we will cover the following topics:
- Setting up FreeRADIUS-WPE
- Attacking PEAP on Windows clients
- Security best practices for Enterprises
We will need a RADIUS server for orchestrating WPA-Enterprise attacks. The most widely used open source RADIUS server is FreeRADIUS. However, setting it up is difficult and configuring it for each attack can be tedious.
Joshua Wright, a well-known security researcher, created a patch for FreeRADIUS that makes it easier to set up and conduct attacks. This patch was released as the FreeRADIUS-WPE (Wireless Pwnage Edition). Kali doesn't naturally come with FreeRADIUS-WPE, so you need to perform the following steps to set up FreeRADIUS-WPE:
- Navigate to https://github.com/brad-anton/freeradius-wpe and you will find the downloaded link at https://github.com/brad-anton/freeradius-wpe/raw/master/freeradius-server-wpe_2.1.12-1_i386.deb:
Once it is downloaded, install it with dpkg –i freeradius-server-wpe_2.1.12-1_i386.deb followed by ldconfig:
Let's now quickly set up the RADIUS server on Kali.