BYO-Disaster and Why Corporate Wireless Security Still Sucks

DEF CON 21

Presented by: Josh Hoover, James Snodgrass
Date: Saturday August 03, 2013
Time: 16:00 - 16:45
Location: Track 1
Track: Track 1

Right when you thought this topic had been beaten to death, something new emerges. This horse isn’t dead yet! This talk will focus on a completely new vulnerability in the way some devices handle MsChapV2 and present some newer methods for capturing clear text credentials easily and without heavy processing power. We will walk you through a full attack against WPA2 enterprise networks using a special patched version of radius that makes this all possible. But wait, there’s more! Act now, by coming to the talk, and you’ll receive access to new automation tools to do a lot of the work for you. If you’re lazy like us and would like access to credentials without a math degree this talk is for you!

James Snodgrass

James Snodgrass enjoys pumping iron and flattening hats. His greatest aspiration in life is leveling his Ford truck and finding that next tight t-shirt.

Josh Hoover

Josh Hoover (@wishbone1138) has spent over a decade in computer security, focused on digital forensics and penetration testing. He has been attending DEF CON for 14 years but this is the first time he has ever spoken at one.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats