silentbridge

by Gabriel Ryan (@s0lst1c3) @ SpecterOps ([email protected])

Overview

Silentbridge is a toolkit for quickly bypassing 802.1x port security first presented at DEF CON 26. It provides the first documented means of bypassing 802.1x-2010 via its authentication process, as well as improvements to existing techniques for bypassing 802.1x-2004.

You can check out the accompanying whitepaper at https://www.researchgate.net/publication/327402715_Bypassing_Port_Security_In_2018_-_Defeating_MACsec_and_8021x-2010.

Getting Started

For usage and setup instructions, please refer to the project's wiki page:

• https://github.com/s0lst1c3/silentbridge/wiki

These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. See deployment for notes on how to deploy the project on a live system.

Contributing

Contributions are encouraged and more than welcome. Guidelines for creating pull requests and reporting issues can be found in CONTRIBUTING.md.

Versioning

We use SemVer for versioning. For the versions available, see https://github.com/s0lst1c3/silentbridge/tags.

License

This project is licensed under the GNU Public License 3.0 - see the LICENSE.md file for details.

Acknowledgments

This tool either builds upon, is inspired by, or directly incorporates over ten years of prior research and development from the following awesome people:

• Steve Riley - Hub-based 802.1x-2004 bypass
• Alva Duckwall - Bridge-based 802.1x-2004 bypass
• Abb - Tap-based 802.1x-2004 bypass
• Valerian Legrand - Injection-based 802.1x-2004 bypass
• Josh Wright and Brad Antoniewicz - Attacks Against Weak EAP Methods
• Dom White and Ian de Villier - More Attacks Against Weak EAP Methods
• Moxie Marlinspike and David Hulton - Attacks Against MS-CHAPv2

Additional thanks to @LargeCardinal for convincing me to actually follow through with this idea.