Skip to content

Virtual machines and scripts to attack WPA2-Enterprise networks through Rogue Access Points downgrading the authentication method to GTC

Notifications You must be signed in to change notification settings

ricardojoserf/wpa2-enterprise-attack

Repository files navigation

WPA2-Enterprise: Rogue APs

Through these scripts it is possible to create Rogue or Fake Access Points and carry out an authentication downgrade attack against WPA and WPA2-Enterprise networks, obtaining passwords in hash format or cleartext (if GTC downgrade is successful).

Both the installation scripts, ISO files and virtual machines (in VMWare and VirtualBox format) are included.


ISO files and Virtual machines download

Operating system Platform Credentials Size Link
Ubuntu 16.04.5 VMware ricardojoserf:wifi 3.25 GB MEGA
Kali 2019.1 VMware root:wifi 4.99 GB MEGA
Ubuntu 16.04.5 VirtualBox (OVA) ricardojoserf:wifi 3.18 GB MEGA
Kali 2019.1 VirtualBox (OVA) root:wifi 5.56 GB MEGA

Hostapd & Freeradius-wpe

Start the Access Point using:

sh freeradius_wpe_init.sh $AP_NAME $INTERFACE

Or if you are using the virtual machine:

freeradiuswpe $AP_NAME $INTERFACE

Screenshot

When a client connects, read logs with:

sh freeradius_wpe_read.sh

Or if you are using the virtual machine:

readlog

Screenshot

Result:

Screenshot


Hostapd-wpe

Start the Access Point using:

sh hostapd_wpe_init.sh $AP_NAME $INTERFACE

Or if you are using the virtual machine:

start_wpe $AP_NAME $INTERFACE

Screenshot


Installation

In case you do not want to use the virtual machine, you can install everything using:

sh install.sh