by Gabriel Ryan (@s0lst1c3) @ SpecterOps (gryan@specterops.io)
Silentbridge is a toolkit for quickly bypassing 802.1x port security first presented at DEF CON 26. It provides the first documented means of bypassing 802.1x-2010 via its authentication process, as well as improvements to existing techniques for bypassing 802.1x-2004.
You can check out the accompanying whitepaper at https://www.researchgate.net/publication/327402715_Bypassing_Port_Security_In_2018_-_Defeating_MACsec_and_8021x-2010.
For usage and setup instructions, please refer to the project's wiki page:
These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. See deployment for notes on how to deploy the project on a live system.
Contributions are encouraged and more than welcome. Guidelines for creating pull requests and reporting issues can be found in CONTRIBUTING.md.
We use SemVer for versioning. For the versions available, see https://github.com/s0lst1c3/silentbridge/tags.
This project is licensed under the GNU Public License 3.0 - see the LICENSE.md file for details.
This tool either builds upon, is inspired by, or directly incorporates over ten years of prior research and development from the following awesome people:
- Steve Riley - Hub-based 802.1x-2004 bypass
- Alva Duckwall - Bridge-based 802.1x-2004 bypass
- Abb - Tap-based 802.1x-2004 bypass
- Valerian Legrand - Injection-based 802.1x-2004 bypass
- Josh Wright and Brad Antoniewicz - Attacks Against Weak EAP Methods
- Dom White and Ian de Villier - More Attacks Against Weak EAP Methods
- Moxie Marlinspike and David Hulton - Attacks Against MS-CHAPv2
Additional thanks to @LargeCardinal for convincing me to actually follow through with this idea.