During an assessment I had problems within a PEAP communication, but as the TLS tunnel was created using DH to share keys I wasn't able to decrypt the tunnel.
Anyway, I finally discovered that if in hostapd-wpe you comment out the line where the DH file is indicated (the dh_file=/path/to/dh_params line) the TLS tunnel is created sharing keys via RSA and you can easily decrypt that tunnel with Wireshark using the server's private key.
Describe the solution you'd like
I would like eaphammer to implement this behaviour by default (if the author considers that this won't pose any security issue).
Describe alternatives you've considered
Create an eaphammer parameter to indicate when you want this behaviour
Add this behaviour to --debug
Additional context
I suppose that this would also be useful to decrypt EAP-TTLS tunnels, but I haven't tried it yet.
Thank you very much for the tool and for your time.
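Added example, not part of the original issue and not code from eaphammer or hostapd-wpe: a small Python parser that reads the cipher suite out of a TLS ServerHello and reports whether the session used static RSA key transport (decryptable in Wireshark with the server's private key, as described above) or an ephemeral DHE/ECDHE exchange (not decryptable from the private key alone). It assumes the TLS record has already been reassembled from the EAP fragments; the function names and the sample bytes are constructed for illustration.

```python
import struct

# Key exchange per IANA cipher-suite ID (subset: RSA-authenticated TLS 1.0-1.2 suites).
KEX = {s: k for k, ids in {
    "RSA":   (0x002F, 0x0035, 0x003C, 0x003D, 0x009C, 0x009D),
    "DHE":   (0x0033, 0x0039, 0x0067, 0x006B, 0x009E, 0x009F),
    "ECDHE": (0xC013, 0xC014, 0xC027, 0xC028, 0xC02F, 0xC030),
}.items() for s in ids}

def server_hello_suite(record: bytes) -> int:
    """Return the cipher suite selected in a TLS record that starts with ServerHello."""
    if len(record) < 5:
        raise ValueError("truncated TLS record header")
    ctype, _version, rlen = struct.unpack("!BHH", record[:5])
    body = record[5:5 + rlen]
    if ctype != 0x16 or len(body) != rlen:
        raise ValueError("not a complete TLS handshake record")
    if rlen < 4 or body[0] != 0x02:
        raise ValueError("record does not start with a ServerHello")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    # Layout: version(2) random(32) session_id_len(1) session_id cipher_suite(2) ...
    if len(hello) < 35 or len(hello) < 35 + hello[34] + 2:
        raise ValueError("truncated ServerHello")
    off = 35 + hello[34]
    return int.from_bytes(hello[off:off + 2], "big")

def classify(record: bytes) -> dict:
    """Report the key exchange and whether the server RSA key alone decrypts the session."""
    suite = server_hello_suite(record)
    kex = KEX.get(suite, "unknown")
    return {
        "suite": f"0x{suite:04X}",
        "key_exchange": kex,
        # Only static RSA key transport lets Wireshark derive keys from the private key.
        "decryptable_with_server_key": {"RSA": True, "DHE": False, "ECDHE": False}.get(kex),
    }

def sample_server_hello(suite: int) -> bytes:
    """Constructed sample: minimal TLS 1.2 ServerHello with an empty session ID."""
    hello = b"\x03\x03" + bytes(32) + b"\x00" + suite.to_bytes(2, "big") + b"\x00"
    handshake = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x03" + len(handshake).to_bytes(2, "big") + handshake

if __name__ == "__main__":
    for s in (0x009F, 0x009D):  # a DHE suite, then a static RSA suite
        print(classify(sample_server_hello(s)))
```

Suites outside the table are reported as `unknown` with `decryptable_with_server_key` set to `None`, so an unrecognised ID is never silently treated as either case.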