EAP-PEAP-MSCHAPv2: Why should I (not) use it? - Part 1 -

This video is part 1 of 2 on attack methods on EAP-PEAP-MSCHAPv2. In this part, you will see what is MSCHAPv2 and how is it used with WPA2 Enterprise for WLAN authentication. Then we will check how to lure clients into a rogue authentication server and how the different clients respond to that. Some clients will just happily connect, revealing its username and handshakes of the password. Other clients prompt the user if they accept the new certificate; with more or less description depending on the client. In part 2, we will use the captured handshakes to gain access to the network. Please note: I'm not claiming anything new here; this information has been out for years. I just took the effort to summarize it and put it in a demo.