Overview
EAP-TLS authenticates with a client certificate instead of a password. It is more secure than PEAP and requires both the server CA certificate and a signed client certificate. It is used in high-security enterprise environments.
Config File
wpa-enterprise-tls.conf:
network={
    ssid="NETWORK-NAME"
    scan_ssid=1
    mode=0
    proto=RSN
    key_mgmt=WPA-EAP
    auth_alg=OPEN
    eap=TLS
    identity="DOMAIN\username"
    ca_cert="./ca.crt"
    client_cert="./client.crt"
    private_key="./client.key"
    private_key_passwd="keypassword"
}
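The block above sets `ca_cert` but no server-name constraint, so the client accepts any server certificate issued under that CA. The following is an added example, not part of the original page: it parses `network={}` blocks and flags EAP-TLS settings worth tightening. The sample config is constructed from the block above, and `ca_path`, `domain_match`, `domain_suffix_match`, `subject_match` and `altsubject_match` are wpa_supplicant options that the page itself does not show.

```python
import re

# Constructed sample: the page's network block, trimmed to the EAP-TLS fields.
SAMPLE = r'''
network={
    ssid="NETWORK-NAME"
    key_mgmt=WPA-EAP
    eap=TLS
    identity="DOMAIN\username"
    ca_cert="./ca.crt"
    client_cert="./client.crt"
    private_key="./client.key"
    private_key_passwd="keypassword"
}
'''

# wpa_supplicant options that pin the authentication server's certificate name.
NAME_CHECKS = ("domain_match", "domain_suffix_match", "subject_match", "altsubject_match")

def parse_networks(text):
    """Return one dict per network={...} block, with surrounding quotes stripped."""
    nets = []
    for body in re.findall(r"network\s*=\s*\{(.*?)\n\s*\}", text, re.S):
        net = {}
        for line in body.splitlines():
            line = line.strip()
            if "=" in line and not line.startswith("#"):
                key, value = line.split("=", 1)
                net[key.strip()] = value.strip().strip('"')
        nets.append(net)
    return nets

def audit_eap_tls(net):
    """Return hardening findings for one block; empty list if it is not EAP-TLS."""
    if "TLS" not in net.get("eap", "").split():
        return []
    findings = []
    if not (net.get("ca_cert") or net.get("ca_path")):
        findings.append("no ca_cert/ca_path: server certificate is not verified")
    if not any(net.get(k) for k in NAME_CHECKS):
        findings.append("no server name constraint: any server certificate "
                        "issued under the trusted CA is accepted")
    if net.get("private_key_passwd"):
        findings.append("private_key_passwd is stored in cleartext in the config")
    return findings

if __name__ == "__main__":
    for net in parse_networks(SAMPLE):
        for finding in audit_eap_tls(net):
            print(f'{net.get("ssid")}: {finding}')
```

Adding a line such as `domain_suffix_match="radius.example.com"` (a constructed name) to the network block clears the name-constraint finding.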
Generate Client Certificate
If a CA and its private key are available (obtained during a rogue AP attack):
openssl genrsa -out client.key 2048
openssl req -config client.conf -new -key client.key -out client.csr
openssl x509 -days 730 -extfile client.ext \
    -CA ca.crt -CAkey ca.key -CAserial ca.serial \
    -in client.csr -req -out client.crt
Connect
sudo wpa_supplicant -Dnl80211 -i <INTERFACE> -c wpa-enterprise-tls.conf
Get an IP address:
sudo dhclient <INTERFACE> -v