The world of “Enterprise WLAN solutions” is full of obscure and “non-standard” elements and technologies. Cisco’s solutions are no exception here.

In this talk we will describe potential and practical attacks against components, network traffic and/or cryptographic material in different generations of their “Enterprise WLAN offerings”. This includes pretty standard attacks against management interfaces as well as some not-so-common insight how one of their proprietary protocols works (or fails, security-wise). As usual, a number of demos will add spice and some code will be released.

About Oliver Roeschke

Oliver Roeschke is a seasoned pentester and hacker with vast experience in corporate environments. Over the years he developed his own approach to attack technologies. For the last two years his research focuses on enterprise WLAN environments. Protocol design flaws and crucial implementation failures are most interesting for him to bring down security of large-scale WLAN deployments. In his free time he’s coding hacking tools that implement practical attacks on the vulnerabilities he found. Oliver is a frequent speaker at international security conferences and will happily share his knowledge with the audience.

** Note: Presenting with Daniel Mende (ERNW GmbH)