Name Last modified Size Description
Parent Directory -
README.html 2020-01-26 01:16 3.6K
README.md 2020-01-26 01:16 1.9K
Updated patch for FreeRadius 3.0.20
More information about WPE can be found: http://www.willhackforsushi.com/?page_id=37
Supported and tested EAP Types/Inner Authentication Methods (others may also work):
apt-get install libssl-dev build-essential libtalloc-dev libpcre3-dev
apt-get install libsqlite3-dev libhiredis-dev libykclient-dev libyubikey-dev default-libmysqlclient-dev libcurl4-openssl-dev libperl-dev libpam0g-dev libcap-dev libmemcached-dev libgdbm-dev libiodbc2-dev libpq-dev libwbclient-dev libkrb5-dev libjson-c-dev freetds-dev libwbclient-sssd-dev samba-dev libiodbc2-dev
Run the following commands:
wget ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-3.0.20.tar.bz2
tar -xjf freeradius-server-3.0.20.tar.bz2
cd freeradius-server-3.0.20/
wget https://raw.githubusercontent.com/aircrack-ng/aircrack-ng/master/patches/wpe/freeradius-wpe/freeradius-wpe.patch
patch -Np1 -i freeradius-wpe.patch
./configure
make
make install
ldconfig
Start radiusd in a terminal:
radiusd -s -X
If it fails running and complains about OpenSSL being vulnerable, make sure OpenSSL is up to date. If you are using a recent distribution, most likely OpenSSL is patched, and you can safely allow it. In order to do so, edit /usr/local/etc/raddb/radiusd.conf and change allow_vulnerable_openssl from no to 'CVE-2016-6304' (with the single quotes).
Now, connect a client. Once a username/password is entered and the certificate accepted, information regarding that session will be stored in /usr/local/var/log/radius/freeradius-server-wpe.log.
Note: This file won't be created until the first client connects and authenticates to the access point.