802 1x and Beyond

Channel:
United States All Hacking Cons
Subscribers:
5,970
Published on ● Video Link: https://www.youtube.com/watch?v=1nd9hj-dCBg


Duration: 31:46
2 views
0

IEEE 802.1x has been leveraged for a long time for authentication purposes. Up until this point, little has been done to help researchers expose vulnerabilities within the systems that implement the protocol. In this talk, we'll dissect IEEE 802.1x, its surrounding protocols (RADIUS/EAP), provide testing tools, and detail a number of vulnerabilities identified in popular supporting systems. We'll wrap up demonstrating a vulnerability within a RADIUS server that allows for remote code execution over 802.11 wireless using WPA Enterprise before the user is authorized to join the network.

PRESENTED BY
Brad Antoniewicz

Black Hat - USA - 2014 Black Hat - USA - 2014 Hacking conference
#hacking, #hackers, #infosec, #opsec, #IT, #security



Other Videos By All Hacking Cons


2022-01-03Thinking Outside the Sandbox Violating Trust Boundaries in Uncommon Ways
2022-01-03Why Control System Cyber Security Sucks
2022-01-02The Networked Security State Estimation Toolkit
2022-01-02Cybersecurity as Realpolitik by Dan Geer presented at Black Hat USA 2014
2022-01-02BadUSB On Accessories that Turn Evil by Karsten Nohl Jakob Lell
2022-01-02Finding and Exploiting Access Control Vulnerabilities in Graphical User Interfaces
2022-01-02Data Only Pwning Microsoft Windows Kernel
2022-01-0248 Dirty Little Secrets Cryptographers Don't Want You To Know
2022-01-02Defeating the Transparency Feature of DBI
2022-01-02Fingerprinting Web Application Platforms by Variations in PNG Implementations
2022-01-02802 1x and Beyond
2022-01-02From Attacks to Action Building a Usable Threat Model to Drive Defensive Choices
2022-01-02Bitcoin Transaction Malleability Theory in Practice
2022-01-02A Journey to Protect Points of Sale
2022-01-02Extreme Privilege Escalation on Windows 8 UEFI Systems
2022-01-02Babar ians at the Gate Data Protection at Massive Scale
2022-01-02Exposing Bootkits with BIOS Emulation
2022-01-02Attacking Mobile Broadband Modems Like a Criminal Would
2022-01-02Creating a Spider Goat Security with Intel CPU Transactional Memory Support
2022-01-02APT Attribution and DNS Profiling
2022-01-02Exploiting Unpatched iOS Vulnerabilities for Fun and Profit


Tags:
data
hacker
security
computer
cyber
internet
technology
hacking
attack
digital
virus
information
hack
online
password
code
web
concept
protection
network
scam
malware
secure
identity
criminal
phishing
software
access
safety
theft
system
firewall
communication
business
privacy
binary
account
programmer
program
spyware
hacked
hacking conference
conference
learn
how to
2022
2021
cybersecurity
owned
break in
google
securing
exploit
exploitation
recon
social engineering
Brad Antoniewicz