1

I have a work network which is an EAP enterprise WiFi network using PEAP and MSCHAPv2. I unfortunately don't have the CA certificate for the network, which presumably makes it trivial to harvest my credentials by spoofing the network.

Is there a way for me to fetch the CA presented by the WiFi network so I can set it as the CA certificate to prevent spoofing?


EDIT: According to Wikipedia on PEAP, the WiFi server uses a CA for signing its server-side certificate for trust:

A CA certificate must be used at each client to authenticate the server to each client before the client submits authentication credentials. If the CA certificate is not validated, in general it is trivial to introduce a fake Wireless Access Point which then allows gathering of MS-CHAPv2 handshakes.[9]

I need to get this CA certificate somehow from the server, as I'm sure it issues a certificate chain with the server public key certificate and the CA public key certificate. Presently it is configured without a CA certificate, allowing arbitrary spoofing:


Naftuli Kay
    Which certificate? You are talking about PEAP, not ttls – Rui F Ribeiro Feb 08 '19 at 19:07
  • Please see my edits above. According to Wikipedia on PEAP, server-side certificates are still used and they're signed by a common CA. I'd like to get that CA certificate somehow so I can make sure I'm not victim to spoofing. – Naftuli Kay Feb 08 '19 at 19:24
  • Are you sure the server uses a certificate signed by a common CA? It is not uncommon to use self-signed certificates (the presented certificate is the CA certificate in this case only). – Hermann Feb 08 '19 at 19:30
  • Is there a way for me to determine this from a client perspective? – Naftuli Kay Feb 08 '19 at 20:49
  • Rather than searching for a way to get the CA certificate, look for a way to get the server's certificate. If you inspect the server's certificate it should state who (which CA if any) signed it. – Philip Couling Feb 08 '19 at 22:32

1 Answer

1

Yes, it is possible to extract the certificate presented by the network.

There might be some easier ways to do it, but I just checked that it is possible to extract it using Wireshark. You have to capture the 802.1X authentication. You should be able to find the “Extensible Authentication Protocol” communication, with “Transport Layer Security” content and a “TLSv1 Record Layer: Handshake Protocol: Certificate” record. That record may contain one or several certificates. In the example below, only one certificate is given.

Screenshot of Wireshark

If you right-click on this certificate, you can “Export Packet Bytes…” and save it as certificate.der.

Then you have your certificate in standard DER format. You can for example check its content with openssl x509 -inform DER -in certificate.der -text -noout.

user2233709
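The answer above works through Wireshark's GUI. As an added example (not from the original answer or its author), the script below does the same extraction programmatically on the raw TLS bytes that sit inside the EAP-TLS/PEAP exchange: it walks the TLS record and handshake framing, pulls every DER certificate out of the "Certificate" handshake message, and then reads the issuer and subject Names from each one so you can see who signed the server certificate, which is what Philip Couling's and Hermann's comments are about (a self-signed certificate has issuer equal to subject, and in that case the presented certificate is itself the "CA certificate" to pin). The sample input is constructed inline: the certificates are placeholder X.509 structures with the right layout but no real key or signature, and the names "radius.example.internal" and "Example Corp Root CA" are invented for the demo.

```python
"""Extract DER certificates from a TLS Certificate handshake message and
report issuer/subject, as a client-side check of who signed the RADIUS
server's certificate. Added example; the sample data is constructed."""
from __future__ import annotations
import struct

TLS_HANDSHAKE = 22      # TLS record content type
HS_CERTIFICATE = 11     # handshake message type "Certificate"
OID_CN = b"\x06\x03\x55\x04\x03"   # DER TLV for id-at-commonName (2.5.4.3)


def tls_records(data: bytes):
    """Yield (content_type, version, payload) for each TLS record."""
    off = 0
    while off + 5 <= len(data):
        ctype, ver, length = struct.unpack("!BHH", data[off:off + 5])
        off += 5
        yield ctype, ver, data[off:off + length]
        off += length


def extract_certificates(tls_bytes: bytes) -> list[bytes]:
    """Return the DER certificates carried in Certificate handshake messages."""
    certs = []
    # A handshake message may span several records, so join their payloads.
    hs = b"".join(p for t, _, p in tls_records(tls_bytes) if t == TLS_HANDSHAKE)
    off = 0
    while off + 4 <= len(hs):
        msg_type, msg_len = hs[off], int.from_bytes(hs[off + 1:off + 4], "big")
        body = hs[off + 4:off + 4 + msg_len]
        off += 4 + msg_len
        if msg_type != HS_CERTIFICATE:
            continue
        total, pos = int.from_bytes(body[:3], "big"), 3   # certificate_list length
        while pos < 3 + total:
            clen = int.from_bytes(body[pos:pos + 3], "big")
            certs.append(body[pos + 3:pos + 3 + clen])
            pos += 3 + clen
    return certs


def der_tlv(buf: bytes, off: int = 0):
    """Decode one DER TLV header at off; return (tag, value_start, value_end)."""
    tag, first = buf[off], buf[off + 1]
    if first < 0x80:
        length, hdr = first, 2
    else:
        n = first & 0x7F
        length, hdr = int.from_bytes(buf[off + 2:off + 2 + n], "big"), 2 + n
    return tag, off + hdr, off + hdr + length


def der_children(buf: bytes, start: int, end: int):
    """Yield (tag, raw TLV bytes) for each element of a constructed value."""
    off = start
    while off < end:
        tag, _, ve = der_tlv(buf, off)
        yield tag, buf[off:ve]
        off = ve


def issuer_and_subject(cert_der: bytes) -> tuple[bytes, bytes]:
    """Return the raw DER issuer and subject Name TLVs of an X.509 certificate."""
    _, cs, ce = der_tlv(cert_der)                         # Certificate SEQUENCE
    _, tbs = next(der_children(cert_der, cs, ce))         # tbsCertificate
    _, ts, te = der_tlv(tbs)
    fields = list(der_children(tbs, ts, te))
    if fields[0][0] == 0xA0:                              # optional [0] version
        fields = fields[1:]
    # serialNumber, signature, issuer, validity, subject, subjectPublicKeyInfo, ...
    return fields[2][1], fields[4][1]


def common_name(name_der: bytes) -> str:
    """Return the first commonName found in a DER Name, or ''."""
    _, s, e = der_tlv(name_der)
    for _, rdn in der_children(name_der, s, e):           # each RDN is a SET
        _, rs, re_ = der_tlv(rdn)
        for _, atv in der_children(rdn, rs, re_):         # SEQUENCE {type, value}
            _, as_, ae = der_tlv(atv)
            oid, val = [raw for _, raw in der_children(atv, as_, ae)]
            if oid == OID_CN:
                _, vs, ve = der_tlv(val)
                return val[vs:ve].decode()
    return ""


def describe(tls_bytes: bytes) -> list[dict]:
    """Summarise every certificate in the capture: subject, issuer, self-signed?"""
    out = []
    for c in extract_certificates(tls_bytes):
        issuer, subject = issuer_and_subject(c)
        out.append({"subject": common_name(subject), "issuer": common_name(issuer),
                    "self_signed": issuer == subject})
    return out


# ---- constructed sample input (placeholder certificates, not real ones) ----
def der(tag: int, content: bytes) -> bytes:
    """Minimal DER encoder used only to build the sample."""
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + content


def fake_cert(issuer_cn: str, subject_cn: str) -> bytes:
    """X.509 layout with placeholder key and empty signature (demo only)."""
    def name(cn):   # Name ::= SEQUENCE OF SET OF SEQUENCE {commonName, UTF8String}
        return der(0x30, der(0x31, der(0x30, OID_CN + der(0x0C, cn.encode()))))
    tbs = der(0x30, b"".join([
        der(0xA0, der(0x02, b"\x02")), der(0x02, b"\x01"),             # version, serial
        der(0x30, der(0x06, b"\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B")),  # sha256WithRSA
        name(issuer_cn),
        der(0x30, der(0x17, b"190101000000Z") + der(0x17, b"290101000000Z")),
        name(subject_cn), der(0x30, b"")]))                             # empty SPKI
    return der(0x30, tbs + der(0x30, b"") + der(0x03, b"\x00"))


def certificate_record(certs: list[bytes]) -> bytes:
    """Wrap certificates in a TLS 1.0 Certificate handshake record."""
    lst = b"".join(len(c).to_bytes(3, "big") + c for c in certs)
    hs = bytes([HS_CERTIFICATE]) + (len(lst) + 3).to_bytes(3, "big") + len(lst).to_bytes(3, "big") + lst
    return struct.pack("!BHH", TLS_HANDSHAKE, 0x0301, len(hs)) + hs


SAMPLE_TLS = certificate_record([fake_cert("Example Corp Root CA", "radius.example.internal")])
SELF_SIGNED_TLS = certificate_record([fake_cert("radius.example.internal", "radius.example.internal")])

if __name__ == "__main__":
    for entry in describe(SAMPLE_TLS) + describe(SELF_SIGNED_TLS):
        print(entry)
```

To use it on a real capture, feed `extract_certificates` the reassembled TLS bytes from the EAP packets (for example the "Transport Layer Security" payload Wireshark shows, exported as packet bytes) and write each returned blob to a .der file; the `openssl x509 -inform DER ... -text -noout` command from the answer then shows the full details. If the result is self-signed, that blob is the certificate to configure as the trusted CA; if it is not, the issuer name tells you which CA certificate to ask your network team for, since only the leaf may be sent over the air.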