WiFi networks leverage various EAP types to authenticate wireless users. Many of these EAP installations are vulnerable to a variety of attacks, often revealing authentication credentials for users. In this presentation, the author will present attacks against multiple EAP types including PEAP and TTLS, demonstrating how an attacker can compromise these otherwise strong authentication mechanisms. Bio - Brad Antoniewicz Brad is a senior security consultant for Foundstone Professional Services where his focus is on wireless security assessments. In the past, Brad has also worked with businesses to deploy large scale 802.11 wireless networks particularly in highly stressful, dense environments. Overall, Brad is a big fan of the wifi, and enjoys long warwalks in commercial areas. Bio - Joshua Wright Joshua is the author of several tools designed to demonstrate vulnerabilities in wireless networks, an editor for the Wireless Vulnerabilities and Exploits (WVE) project, and a regular speaker at information security conferences. When not breaking wireless networks, Josh likes to work on his house, where he breaks things of a different sort.