Index of /wpe/freeradius-wpe

Icon  Name                    Last modified      Size  Description
[PARENTDIR] Parent Directory - [TXT] README.html 2020-01-26 01:16 3.6K [   ] README.md 2020-01-26 01:16 1.9K [   ] freeradius-wpe.patch 2020-01-26 01:16 18K

FreeRadius Wireless Pawn Edition

Updated patch for FreeRadius 3.0.20

More information about WPE can be found: http://www.willhackforsushi.com/?page_id=37

Supported and tested EAP Types/Inner Authentication Methods (others may also work):

Installing

Dependencies

apt-get install libssl-dev build-essential libtalloc-dev libpcre3-dev

Optional dependencies

apt-get install libsqlite3-dev libhiredis-dev libykclient-dev libyubikey-dev default-libmysqlclient-dev libcurl4-openssl-dev libperl-dev libpam0g-dev libcap-dev libmemcached-dev libgdbm-dev libiodbc2-dev libpq-dev libwbclient-dev libkrb5-dev libjson-c-dev freetds-dev libwbclient-sssd-dev samba-dev libiodbc2-dev

Compilation

Run the following commands:

wget ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-3.0.20.tar.bz2
tar -xjf freeradius-server-3.0.20.tar.bz2
cd freeradius-server-3.0.20/
wget https://raw.githubusercontent.com/aircrack-ng/aircrack-ng/master/patches/wpe/freeradius-wpe/freeradius-wpe.patch
patch -Np1 -i freeradius-wpe.patch
./configure
make
make install
ldconfig

Running

Start radiusd in a terminal:

radiusd -s -X

If it fails running and complains about OpenSSL being vulnerable, make sure OpenSSL is up to date. If you are using a recent distribution, most likely OpenSSL is patched, and you can safely allow it. In order to do so, edit /usr/local/etc/raddb/radiusd.conf and change allow_vulnerable_openssl from no to 'CVE-2016-6304' (with the single quotes).

Now, connect a client. Once a username/password is entered and the certificate accepted, information regarding that session will be stored in /usr/local/var/log/radius/freeradius-server-wpe.log.

Note: This file won't be created until the first client connects and authenticates to the access point.