On Windows OS, Can I only Use NT Hash for WPA-Enterprise PEAP-MSCHAPv2 Auth?












0















I am recently on a wireless network security assessment task for a enterprise client. They didn't apply the WPA-PEAP-MSCHAPv2 user authentication configuration correctly (stations don't validate the servers' identity) and I successfully intercepted the NETNTLM string by Evil Twin attack, cracked the string, got the NT hash and managed to join their wireless network from Kali Linux using the wpa-supplicant tool with the hash.



However, for reasons I don't know or understand, the client's IT manager insists it's not adequate PoC if I can only show him the evidence that Kali joined their network and asked me to show him that I got my Windows laptop into their network.



I did a lot of Googling trying to find out how to let Windows machine joining a wireless network only use the NT hash instead of the plaintext password but cannot find anything helpful. So I wonder if this is viable at all or I am just stuck on some questions too naive to be given an answer?



Thank you!










share|improve this question



























    0















    I am recently on a wireless network security assessment task for a enterprise client. They didn't apply the WPA-PEAP-MSCHAPv2 user authentication configuration correctly (stations don't validate the servers' identity) and I successfully intercepted the NETNTLM string by Evil Twin attack, cracked the string, got the NT hash and managed to join their wireless network from Kali Linux using the wpa-supplicant tool with the hash.



    However, for reasons I don't know or understand, the client's IT manager insists it's not adequate PoC if I can only show him the evidence that Kali joined their network and asked me to show him that I got my Windows laptop into their network.



    I did a lot of Googling trying to find out how to let Windows machine joining a wireless network only use the NT hash instead of the plaintext password but cannot find anything helpful. So I wonder if this is viable at all or I am just stuck on some questions too naive to be given an answer?



    Thank you!










    share|improve this question

























      0












      0








      0








      I am recently on a wireless network security assessment task for a enterprise client. They didn't apply the WPA-PEAP-MSCHAPv2 user authentication configuration correctly (stations don't validate the servers' identity) and I successfully intercepted the NETNTLM string by Evil Twin attack, cracked the string, got the NT hash and managed to join their wireless network from Kali Linux using the wpa-supplicant tool with the hash.



      However, for reasons I don't know or understand, the client's IT manager insists it's not adequate PoC if I can only show him the evidence that Kali joined their network and asked me to show him that I got my Windows laptop into their network.



      I did a lot of Googling trying to find out how to let Windows machine joining a wireless network only use the NT hash instead of the plaintext password but cannot find anything helpful. So I wonder if this is viable at all or I am just stuck on some questions too naive to be given an answer?



      Thank you!










      share|improve this question














      I am recently on a wireless network security assessment task for a enterprise client. They didn't apply the WPA-PEAP-MSCHAPv2 user authentication configuration correctly (stations don't validate the servers' identity) and I successfully intercepted the NETNTLM string by Evil Twin attack, cracked the string, got the NT hash and managed to join their wireless network from Kali Linux using the wpa-supplicant tool with the hash.



      However, for reasons I don't know or understand, the client's IT manager insists it's not adequate PoC if I can only show him the evidence that Kali joined their network and asked me to show him that I got my Windows laptop into their network.



      I did a lot of Googling trying to find out how to let Windows machine joining a wireless network only use the NT hash instead of the plaintext password but cannot find anything helpful. So I wonder if this is viable at all or I am just stuck on some questions too naive to be given an answer?



      Thank you!







      windows wireless-networking security wpa-supplicant eap-mschapv2






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Jan 31 at 2:39









      hubbeshubbes

      11




      11






















          0






          active

          oldest

          votes











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "3"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1400355%2fon-windows-os-can-i-only-use-nt-hash-for-wpa-enterprise-peap-mschapv2-auth%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes
















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Super User!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1400355%2fon-windows-os-can-i-only-use-nt-hash-for-wpa-enterprise-peap-mschapv2-auth%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          Probability when a professor distributes a quiz and homework assignment to a class of n students.

          Aardman Animations

          Are they similar matrix