FORUMS

[Q] How to include the subject_match option in WPA Enterprise configuration?

1 posts
Thanks Meter: 0
 
By xamor, Junior Member on 9th August 2014, 02:07 AM
Post Reply Subscribe to Thread Email Thread
Hey,

There is a big security issue on WPA2 Enterprise (802.1x) configuration in Android. The GUI offers no way to set the sebject_match option for the certificate so it is possible to install an fake Radius server and fish user credentials even there is set a cetificate in the Wifi configuration.
As far as i know it is possible to set the subject match option manual in the wpa_supplicant.conf but this is only possible on rooted devices and not on all rooted devices. I have found out that there is the option in the wifienterpriseconfig.java. The answer of google for that beheavior is "this works as intended".

My question is now, is there a way to write a app to configure wificonnections without root privileges which includes the subject_match option and has anyone experience with that?
 
 
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes