And the winner is…
If you haven’t been following along, I ran a contest over the past week for the best wireless pen testing tip or trick.
As promised, I will be pre-ordering a copy of “Wireless Hacking Exposed” for Andrew.
Here was Andrews submission for the contest:
To PenTest WPA2 secured wireless networks, setup a honeypot AP and a Free-RADIUS WPE (wifi pwnage edition by Josh Wright) to harvest EAP/MS-CHAP credential hashes from improperly secured client devices which are not validating the RADIUS server. Then use John the Ripper or similar password cracking tool to crack the user password using a dictionary attack.
If you want more of Andrew’s wisdom, you can also check out his blog, “Revolution Wi-Fi” – It has some quality content.