SecureState is releasing an updated version of EAPeak today. EAPeak is a suite of source tools to facilitate auditing of wireless networks that utilize the Extensible Authentication Protocol framework for authentication. It is meant to give useful information relating to the security of these networks for PenTesters to use while searching for vulnerabilities. Version 1.4 now includes additional features and multiple bug fixes. The new features introduced in Version 1.4 include support for viewing TLS certificates in EAPeak and a new tool in beta-status called EAPScan.
The certificate support within EAPeak now allows users to view details regarding what certificates certain EAP types are using. This can often aid an attacker in creating a malicious certificate by being able to imitate the original with authenticated information. In addition, EAPeak now has a certificate export wizard that can be used to write x509 certificates to files. The export wizard can export the certificates in either DER or PEM format for use and inspection with other utilities.
EAPScan, the other major addition in Version 1.4 of EAPeak, changes EAPeak from a standalone tool to a suite that begins to bridge the gap from passive analysis to active attacks. EAPScan is used for scanning wireless access points to determine what EAP types they are configured to use for authentication. The benefit of this approach is that the attacker can generate the traffic necessary to footprint the network without having any clients present. EAPScan also begins to introduce functionality for wireless frame injection that will continue to be used in future enhancements.
For more information on EAPeak, see the original blog post.
The EAPeak Suite