Yet another shared secret mismatch issue
Herwin Weststrate
herwin at quarantainenet.nl
Thu Jul 12 09:25:25 CEST 2018
On 12-07-18 08:59, Alberto Martínez Setién via Freeradius-Users wrote:
> Hi all,
>
> I'm trying to configure hardware (MAC) auth using FreeRADIUS.
> It works nice with another provider, but on this new one seems to do shared
> secret signing wrong.
>
> Fri Jul 6 08:37:40 2018 : Info: Ready to process requests
> Fri Jul 6 08:37:50 2018 : Debug: (0) Received Access-Request Id 4 from
> 10.70.8.199:44611 to 172.16.250.2:8812 length 271
> Fri Jul 6 08:37:50 2018 : Info: Dropping packet without response because
> of error: Received packet from 10.70.8.199 with invalid
> Message-Authenticator! (Shared secret is incorrect.)
>
> (....)
>
>
> I have no doubt that FR does the right thing, and I'm sure that this is not
> a "maybe you didn't input the same secret in both places" issue. This is
> either a hardcoded secret (not their first time) or a bad implementation.
>
> They deny any wrongdoing on their part.
>
> I intend to prove that they are doing RADIUS secret wrong and have locate
> the fr_radius_verify function.
>
> My questions are:
> Can I brute force the secret somehow?
> Can I make my point to them somehow else?
https://wifiphil.blogspot.com/2015/12/troubleshooting-decrypt-radius-packets.html
You could use that to decrypt the User-Password attribute. If it turn
out like garbage it probably used a different shared secret than you
configured.
--
Herwin Weststrate
More information about the Freeradius-Users
mailing list