# FreeRADIUS Pentest Course – Section 1: Introduction and Installation
## Introduction to FreeRADIUS
FreeRADIUS is one of the most popular and robust open-source RADIUS servers available. It is widely used to provide centralized Authentication, Authorization, and Accounting (AAA) services for users. In the world of penetration testing, FreeRADIUS can be an essential tool for assessing the security of network environments, especially those involving WiFi access points, VPN servers, and more. This course will guide you through the process of installing, configuring, and using FreeRADIUS as part of your penetration testing toolbox.
## Installation of FreeRADIUS on Kali Linux
### Step 1: Update Your Kali Linux System
Before installing any new software, it is recommended to ensure that your Kali Linux system is up to date. You can do this by running the following commands in your terminal:
```bash
sudo apt update
sudo apt upgrade -y
```
### Step 2: Install FreeRADIUS
Kali Linux provides a straightforward way to install FreeRADIUS using the APT package manager. You can install FreeRADIUS with the following command:
```bash
sudo apt install freeradius -y
```
### Step 3: Verify Installation
After the installation is complete, you can verify that FreeRADIUS has been installed correctly by checking its version:
```bash
freeradius -v
```
### Step 4: Start FreeRADIUS Service
To start the FreeRADIUS server, you can use the following command:
```bash
sudo systemctl start freeradius
```
To ensure the service starts automatically on boot, use:
```bash
sudo systemctl enable freeradius
```
### Step 5: Check Service Status
You can confirm that FreeRADIUS is running by checking its status:
```bash
sudo systemctl status freeradius
```
You should see an output indicating that the FreeRADIUS service is active and running.
## Configuration of FreeRADIUS
FreeRADIUS configuration files are located in the `/etc/freeradius/3.0/` directory (the version number may change based on updates). The main configuration files you will work with are:
- `clients.conf`: Defines the client systems (NAS devices such as access points and VPN gateways) that are allowed to communicate with the FreeRADIUS server, and the shared secret for each.
- `users`: Contains user account details for authentication.
- `radiusd.conf`: The main configuration file for FreeRADIUS.
### Step 1: Configure Clients
Edit the `clients.conf` file:
```bash
sudo nano /etc/freeradius/3.0/clients.conf
```
Add the following example configuration for a client:
```plaintext
client localhost {
    ipaddr = 127.0.0.1
    secret = testing123
    # neded=3   (not a valid clients.conf directive; commented out)
}
```
This configuration allows the localhost to connect to the FreeRADIUS server using the shared secret `testing123`. Note that `testing123` is the well-known secret from the sample configuration shipped with FreeRADIUS; it is fine for a local lab, but any client reachable from the network should get a long, random secret of its own.
### Step 2: Configure Users
Edit the `users` file:
```bash
sudo nano /etc/freeradius/3.0/users
```
Add a user for testing purposes:
```plaintext
testuser Cleartext-Password := "password123"
```
This creates a user named `testuser` with the password `password123`.
### Step 3: Restart FreeRADIUS
After making changes to the configuration files, restart the FreeRADIUS service for the changes to take effect:
```bash
sudo systemctl restart freeradius
```
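The three configuration steps above (add a client, add a test user, restart) can be scripted so they are repeatable and cannot silently duplicate entries or accept a throwaway shared secret. The following shell script is an added example, not part of the original course or the FreeRADIUS project; the function names, the weak-secret list and the `apply` argument are my own choices, and the config paths default to the Kali locations used in this section but are parameters so the functions can be exercised against scratch files.

```bash
#!/usr/bin/env bash
# Added example (not from the original course): append a client stanza and a
# test user to FreeRADIUS config files, refusing weak shared secrets and
# skipping entries that already exist.

# weak_secret <secret>: returns 0 (true) for short secrets or well-known
# documentation defaults. "testing123" is what this section and the stock
# FreeRADIUS sample clients.conf use, so it is flagged explicitly.
weak_secret() {
    secret="$1"
    [ "${#secret}" -lt 16 ] && return 0
    case "$secret" in
        testing123|secret|password|radius) return 0 ;;
    esac
    return 1
}

# add_client <clients.conf> <name> <ipaddr> <secret>
# Returns 0 on success, 1 for a weak secret, 2 if the client already exists.
add_client() {
    conf="$1"; name="$2"; ip="$3"; secret="$4"
    if weak_secret "$secret"; then
        echo "refusing weak shared secret for client '$name'" >&2
        return 1
    fi
    # Idempotence: look for an existing "client <name> {" stanza.
    if grep -Eq "^[[:space:]]*client[[:space:]]+$name[[:space:]]*\{" "$conf" 2>/dev/null; then
        echo "client '$name' already defined in $conf" >&2
        return 2
    fi
    cat >>"$conf" <<EOF
client $name {
    ipaddr = $ip
    secret = $secret
    # require_message_authenticator = yes   # enable once the NAS sends it
}
EOF
}

# add_user <users-file> <username> <password>
# Returns 0 on success, 2 if the user already has an entry.
add_user() {
    users="$1"; user="$2"; pw="$3"
    if grep -Eq "^$user[[:space:]]" "$users" 2>/dev/null; then
        echo "user '$user' already defined in $users" >&2
        return 2
    fi
    printf '%s\tCleartext-Password := "%s"\n' "$user" "$pw" >>"$users"
}

# Usage (edits the live config, run as root):
#   ./radius-setup.sh apply '<long random client secret>'
if [ "${1:-}" = "apply" ]; then
    CONFDIR=/etc/freeradius/3.0
    add_client "$CONFDIR/clients.conf" localhost 127.0.0.1 "${2:-}" || exit $?
    add_user "$CONFDIR/users" testuser "password123"
    systemctl restart freeradius
fi
```

Because both functions return distinct codes for "weak secret" and "already present", a caller can tell a refused change from a no-op; the hypothetical `require_message_authenticator` line is left commented so the `radtest` check later in this section still works with clients that do not yet send the attribute.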
## Step-by-Step Usage and Real-World Use Cases
### Basic Authentication Test
#### Step 1: Using `radtest`
One of the easiest ways to test your FreeRADIUS setup is to use the `radtest` command. This command sends an authentication request to the RADIUS server.
```bash
radtest testuser password123 localhost 0 testing123
```
If everything is configured correctly, you should receive an `Access-Accept` response:
```plaintext
Sending Access-Request of id 171 to 127.0.0.1:1812
	User-Name = "testuser"
	User-Password = "password123"
	NAS-IP-Address = 127.0.0.1
	NAS-Port = 0
Received Access-Accept id=171 from 127.0.0.1:1812 length=20
```
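When the `radtest` check is scripted, the interesting part is the reply line, not the full transcript. The following shell functions are an added example (not from the original course or the FreeRADIUS project): `radius_result` classifies captured `radtest` output, and `radius_check` wraps the command from above. The sample transcripts are constructed; the first one is the Access-Accept shown in this section, the others are a reject and a timeout in the same format. The "No reply from server" text is the message `radclient` (which `radtest` calls) prints when nothing comes back.

```bash
#!/usr/bin/env bash
# Added example (not from the original course): classify the outcome of a
# radtest run so a script can gate on it.

# radius_result <output>: prints accept|reject|challenge|timeout|unknown and
# returns 0 only for an Access-Accept, 1 for reject/challenge, 2 for no reply.
radius_result() {
    out="$1"
    case "$out" in
        *"Received Access-Accept"*)    echo accept;    return 0 ;;
        *"Received Access-Reject"*)    echo reject;    return 1 ;;
        *"Received Access-Challenge"*) echo challenge; return 1 ;;
        *"No reply from server"*)      echo timeout;   return 2 ;;
    esac
    echo unknown
    return 3
}

# radius_check <user> <password> <host> <secret>: runs the radtest command
# from this section and returns radius_result's classification.
# Assumes radtest is installed (it ships in freeradius-utils).
radius_check() {
    command -v radtest >/dev/null 2>&1 || { echo "radtest not installed" >&2; return 3; }
    radius_result "$(radtest "$1" "$2" "$3" 0 "$4" 2>&1)"
}

# Constructed samples. SAMPLE_ACCEPT is the transcript shown in this section.
SAMPLE_ACCEPT='Sending Access-Request of id 171 to 127.0.0.1:1812
	User-Name = "testuser"
	User-Password = "password123"
	NAS-IP-Address = 127.0.0.1
	NAS-Port = 0
Received Access-Accept id=171 from 127.0.0.1:1812 length=20'

SAMPLE_REJECT='Sending Access-Request of id 172 to 127.0.0.1:1812
	User-Name = "testuser"
	User-Password = "wrongpass"
	NAS-IP-Address = 127.0.0.1
	NAS-Port = 0
Received Access-Reject id=172 from 127.0.0.1:1812 length=20'

SAMPLE_TIMEOUT='Sending Access-Request of id 173 to 127.0.0.1:1812
	User-Name = "testuser"
	User-Password = "password123"
	NAS-IP-Address = 127.0.0.1
	NAS-Port = 0
No reply from server for ID 173 socket 3'

# Run against the live server only when asked, e.g.:
#   ./radius-check.sh live testuser password123 localhost testing123
if [ "${1:-}" = "live" ]; then
    radius_check "$2" "$3" "$4" "$5"
fi
```

The timeout case matters during setup: a wrong shared secret in `clients.conf` does not produce an `Access-Reject`, because the server silently discards packets whose authenticator does not verify, so `radtest` simply gets no reply. A reject, by contrast, means the secret is right and the username or password is not.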
### Real-World Use Case: WiFi Authentication
FreeRADIUS is commonly used for WiFi authentication in enterprise environments. Let’s look at how it can be configured to work with WPA/WPA2 enterprise networks.
#### Step 1: Install Required Packages
You may need to install additional packages to enable FreeRADIUS to work with WPA/WPA2:
```bash
sudo apt install freeradius-wpe freeradius-utils
```
#### Step 2: Configure EAP
Edit the EAP module configuration, located in `/etc/freeradius/3.0/mods-available/` (the file is named `eap` in FreeRADIUS 3.x; older releases called it `eap.conf`):
```bash
sudo nano /etc/freeradius/3.0/mods-available/eap
```
You may want to adjust the configuration according to your needs, including different EAP methods.
#### Step 3: Link EAP Module
Make sure the EAP module is enabled by creating a symbolic link in the `mods-enabled` directory. The Kali package normally ships with this link already in place, in which case `ln -s` reports that the file exists and the step can be skipped:
```bash
sudo ln -s /etc/freeradius/3.0/mods-available/eap /etc/freeradius/3.0/mods-enabled/
```
#### Step 4: Restart FreeRADIUS
After updating the EAP configuration, restart the service:
```bash
sudo systemctl restart freeradius
```
#### Step 5: Setting Up the Supplicant
On the client device (Windows, macOS, Linux, or mobile), configure the wireless network to use WPA2-Enterprise and specify the RADIUS server's IP, port (1812), and the shared secret.
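Steps 2 through 4 above edit a module, link it and restart. A mistake in the `eap` file takes the service down at the restart, after which WiFi clients can no longer authenticate, so it is worth checking the configuration first. The following shell functions are an added example (not from the original course or the FreeRADIUS project): `enable_module` creates the `mods-enabled` link only when it is missing, and `check_config` uses the server's own `-C` (check configuration and exit) and `-X` (debug output) switches to dry-run the config before the restart. The function names and the `apply` argument are my own; the config directory is a parameter so the link logic can be exercised against a scratch directory.

```bash
#!/usr/bin/env bash
# Added example (not from the original course): enable a FreeRADIUS module
# idempotently and validate the configuration before restarting.

# enable_module <confdir> <module>: link mods-available/<module> into
# mods-enabled. Returns 0 if linked or already present, 1 if the module does
# not exist in mods-available.
enable_module() {
    confdir="$1"; mod="$2"
    src="$confdir/mods-available/$mod"
    dst="$confdir/mods-enabled/$mod"
    [ -e "$src" ] || { echo "no such module: $src" >&2; return 1; }
    if [ -e "$dst" ]; then
        echo "$mod already enabled" >&2
        return 0
    fi
    ln -s "$src" "$dst"
}

# check_config <confdir>: run "freeradius -CX -d <confdir>". The server exits
# non-zero on a configuration error; the last lines of its debug output name
# the offending file and line, so they are echoed on failure.
check_config() {
    command -v freeradius >/dev/null 2>&1 || { echo "freeradius not installed" >&2; return 3; }
    log=$(mktemp)
    if ! freeradius -CX -d "$1" >"$log" 2>&1; then
        echo "configuration check failed:" >&2
        tail -n 20 "$log" >&2
        rm -f "$log"
        return 1
    fi
    rm -f "$log"
    return 0
}

# Usage (edits the live config, run as root):
#   ./radius-eap.sh apply
if [ "${1:-}" = "apply" ]; then
    CONFDIR=/etc/freeradius/3.0
    enable_module "$CONFDIR" eap || exit 1
    check_config "$CONFDIR" && systemctl restart freeradius
fi
```

Running `check_config` as a non-root user may fail on file permissions rather than syntax (the Kali package keeps `/etc/freeradius/3.0` readable only by root and the `freerad` group), so run it with the same privileges as the service.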
### External Reference Links
- [FreeRADIUS Official Documentation](https://freeradius.org/documentation/)
- [Kali Linux Documentation](https://www.kali.org/docs/)
- [OWASP Guide to RADIUS Security](https://owasp.org/www-project-top-ten/)
### Conclusion
In this section, we have introduced FreeRADIUS, walked through its installation and basic configuration, and conducted a simple authentication test. We also explored how to configure FreeRADIUS for WiFi authentication, demonstrating its real-world application in network security.
In the next sections, we will dive deeper into FreeRADIUS features, advanced usage scenarios, and potential vulnerabilities to exploit during penetration testing.
Stay tuned for more in-depth lessons on mastering FreeRADIUS!
Made by pablo rotem / פבלו רותם