Using External CA Certs and Keys

If you happen to "stumble" across a valid CA certificate and private key, you can use these to create trusted SSL certificates. Note that the CA certificate and private key must be in PEM format. To do this, you need to use the --ca-cert and --ca-key flags as shown in the following example:

./eaphammer --cert-wizard create 
 --cn MySecureWiFi.biz 
 --ca-cert /path/to/ca.crt 
 --ca-key /path/to/ca.key

As with the creation of self-signed certs, the mandatory --cn flag is used to set the Common Name (CN) of the certificate. Additionally, all of the flags listed in the next section can be used to further configure the generated certificate.

If the CA certificate and private key have been combined into a single PEM file, the --ca-key flag can be omitted:

./eaphammer --cert-wizard create
 --cn MySecureWiFi.biz 
 --ca-cert /path/to/ca_cert_and_key.pem

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Using External CA Certs and Keys

EAPHammer Wiki

Home

Setup Guide

I. Kali Setup Instructions

II. Parrot OS (Security)

III. Ubuntu

IV. Other Distros

Usage Guide

I. x.509 Certificate Generation

II. Stealing RADIUS Credentials Using EAPHammer

III. Stealing AD Credentials Using Hostile Portal Attacks

IV. Indirect Wireless Pivots

V. Performing Captive Portal Attacks

VI. Attacking 802.11n Networks

VII. Hardware Modes

VIII. Attacking WPA EAP and WPA2 EAP Networks

IX. EAPHammer User Database

X. ESSID Cloaking

XI. Using Karma

XII. PMKID Attacks Against WPA PSK and WPA2 PSK Networks

XIII. Password Spraying

XIV. Cert Wizard

XV. Attacking Opportunistic Wireless Encryption

XVI. Protected Management Frames

XVII. ESSID Stripping Attacks

XVIII. Advanced Granular Controls

Acknowledgements

Clone this wiki locally