freeradius-wpe Package Description
A patch for the popular open-source FreeRADIUS implementation to demonstrate RADIUS impersonation vulnerabilities by Joshua Wright and Brad Antoniewicz. This patch adds the following functionality:
- Simplifies the setup of FreeRADIUS by adding all RFC1918 addresses as acceptable NAS devices;
- Simplifies the setup of EAP authentication by including support for all FreeRADIUS supported EAP types;
- Adds WPE logging in $prefix/var/log/radius/freeradius-server-wpe.log, can be controlled in radius.conf by changing the “wpelogfile” directive;
- Simplified the setup of user authentication with a default “users” file that accepts authentication for any username;
- Adds credential logging for multiple EAP types including PEAP, TTLS, LEAP, EAP-MD5, EAP-MSCHAPv2, PAP, CHAP and others
Source: http://www.willhackforsushi.com/?page_id=37
FreeRADIUS-WPE Homepage | Kali freeradius-wpe Repo
- Author: Joshua Wright and Brad Antoniewicz
- License: GPLv2
Tools included in the freeradius-wpe package
freeradius-wpe – FreeRadius Wireless Pawn Edition
root@kali:~# freeradius-wpe -h
Usage: freeradius [options]
Options:
-C Check configuration and exit.
-d <raddb> Set configuration directory (defaults to /etc/freeradius-wpe/3.0).
-D <dictdir> Set main dictionary directory (defaults to /usr/share/freeradius-wpe/dictionary).
-f Run as a foreground process, not a daemon.
-h Print this help message.
-i <ipaddr> Listen on ipaddr ONLY.
-l <log_file> Logging output will be written to this file.
-m On SIGINT or SIGQUIT clean up all used memory instead of just exiting.
-n <name> Read raddb/name.conf instead of raddb/radiusd.conf.
-p <port> Listen on port ONLY.
-P Always write out PID, even with -f.
-s Do not spawn child processes to handle requests (same as -ft).
-t Disable threads.
-v Print server version information.
-X Turn on full debugging (similar to -tfxxl stdout).
-x Turn on additional debugging (-xx gives more debugging).
Usage: freeradius [options]
Options:
-C Check configuration and exit.
-d <raddb> Set configuration directory (defaults to /etc/freeradius-wpe/3.0).
-D <dictdir> Set main dictionary directory (defaults to /usr/share/freeradius-wpe/dictionary).
-f Run as a foreground process, not a daemon.
-h Print this help message.
-i <ipaddr> Listen on ipaddr ONLY.
-l <log_file> Logging output will be written to this file.
-m On SIGINT or SIGQUIT clean up all used memory instead of just exiting.
-n <name> Read raddb/name.conf instead of raddb/radiusd.conf.
-p <port> Listen on port ONLY.
-P Always write out PID, even with -f.
-s Do not spawn child processes to handle requests (same as -ft).
-t Disable threads.
-v Print server version information.
-X Turn on full debugging (similar to -tfxxl stdout).
-x Turn on additional debugging (-xx gives more debugging).
ALL NEW FOR 2020

Penetration Testing with Kali Linux (PWK)
2X THE CONTENT
33% MORE LAB MACHINES