Exchange TLS symmetric keys via RSA instead of DH to debug/inspect PEAP and EAP-TTLS tunnels #134

Open
carlospolop opened this issue Jan 10, 2020 · 1 comment


@carlospolop

During an assessment I had problems within a PEAP communication, but as the TLS tunnel was created using DH to share keys, I wasn't able to decrypt the tunnel.
Anyway, I finally discovered that if in hostapd-wpe you comment out the line where the DH file is indicated (the dh_file=/path/to/dh_params line), the TLS tunnel is created sharing keys via RSA and you can easily decrypt that tunnel with Wireshark using the server's private key.

Describe the solution you'd like
I would like eaphammer to implement this behaviour by default (if the author considers that this won't pose any security issue).

Describe alternatives you've considered

  • Create an eaphammer parameter to indicate when you want this behaviour
  • Add this behaviour to --debug

Additional context
I suppose that this would also be useful to decrypt EAP-TTLS tunnels, but I haven't tried it yet.

Thank you very much for the tool and for your time.
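
The distinction the post above relies on can be read from the ServerHello of a captured handshake: a static-RSA suite means the session keys can be recovered from the capture by whoever holds the server's private key, while a DHE/ECDHE suite gives forward secrecy. The following is an added example, not code from the issue or from eaphammer; the function names and the sample record are constructed, and it assumes TLS 1.2 or earlier with the TLS record already reassembled from the EAP fragments.

```python
import struct

# IANA code points for a few common TLS 1.2 suites, grouped by key exchange.
STATIC_RSA = {0x002F, 0x0035, 0x003C, 0x003D, 0x009C, 0x009D}   # TLS_RSA_WITH_*
EPHEMERAL = {0x0033, 0x0039, 0x0067, 0x006B, 0x009E, 0x009F,    # TLS_DHE_RSA_*
             0xC013, 0xC014, 0xC02F, 0xC030}                    # TLS_ECDHE_RSA_*

def server_hello_suite(record: bytes) -> int:
    """Return the cipher suite the server selected in a ServerHello record."""
    if len(record) < 5:
        raise ValueError("truncated record header")
    ctype, _version, rec_len = struct.unpack("!BHH", record[:5])
    if ctype != 0x16:
        raise ValueError("not a TLS handshake record")
    body = record[5:5 + rec_len]
    if len(body) < rec_len or rec_len < 4 or body[0] != 0x02:
        raise ValueError("not a complete ServerHello")
    hs_len = int.from_bytes(body[1:4], "big")
    hello = body[4:4 + hs_len]
    # Layout: server_version(2) + random(32) + session_id_len(1) + session_id
    if len(hello) < 35:
        raise ValueError("ServerHello too short")
    off = 35 + hello[34]
    if len(hello) < off + 3:          # cipher_suite(2) + compression(1)
        raise ValueError("ServerHello too short")
    return int.from_bytes(hello[off:off + 2], "big")

def key_exchange(suite: int) -> str:
    """Classify a suite: 'static-rsa' sessions are decryptable with the
    server's private key; 'ephemeral-dh' sessions are not."""
    if suite in STATIC_RSA:
        return "static-rsa"
    if suite in EPHEMERAL:
        return "ephemeral-dh"
    return "unknown"

def build_sample(suite: int, session_id: bytes = b"") -> bytes:
    """Construct a minimal ServerHello record (sample data, not a capture)."""
    hello = (b"\x03\x03" + bytes(32) + bytes([len(session_id)]) + session_id
             + struct.pack("!HB", suite, 0))
    hs = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x03" + struct.pack("!H", len(hs)) + hs

if __name__ == "__main__":
    for s in (0x009D, 0xC030):
        print(hex(s), key_exchange(server_hello_suite(build_sample(s))))
```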

@s0lst1c3
Owner

This is awesome and will definitely be added in the future. Thanks for figuring this out!
