Sethioz Industries Forum • View topic - WPS - Crack any WPA/WPA2/WEP access point / router

WPS - Crack any WPA/WPA2/WEP access point / router

Learn how to test your wireless network security. Is your mobile phone safe to talk on? Is DSL internet really 100% safe or can it be hacked?!

Postby Sethioz » Thu Aug 15, 2013 8:05 pm

WPS attacks have been possible since Dec 2011 already, but I just wrote a quick wiki article on how to attack WPS-enabled stations.
See on how it can be done, that article is not very detailed, but should be enough to get you going. Maybe in future I will add screenshots to it.

UPDATE:
There's a new method to hack WPS, check out the "pixie dust" method for more info. It's a way to crack the WPS pin based on the info that the router gives during the first WPS pin attempt. It appears that the WPS pins are not randomly generated and can be calculated based on that info; not all routers are vulnerable though. Just check out Pixie Dust, the tool is called pixiewps.
There's also auto pixie (or autopixie) that does it automatically, but those tools are in beta and work on only very few routers, mostly on routers available in the US I think.
Sethioz
Admin
Posts: 4766
Joined: Fri Jul 27, 2007 5:11 pm
Location: unknown

Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby iyass092 » Mon Nov 25, 2013 11:17 am

I need the code for reaver, I mean the new one that your friend wrote.
Thanks
iyass092
Newbie..
Posts: 1
Joined: Mon Nov 25, 2013 11:16 am

Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby Sethioz » Mon Nov 25, 2013 1:06 pm

ok, will post it within 48h. have to get it from the laptop first.

Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby Sucher » Tue Dec 10, 2013 9:01 am

Man, I stumbled across your tutorial on wps and would like to get that code as well. Thanks.
Sucher
Newbie..
Posts: 1
Joined: Tue Dec 10, 2013 8:56 am

Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby Sethioz » Tue Dec 10, 2013 2:46 pm

Attachments
ryreaver-reverse.rar
(169.1 KiB) Downloaded 7351 times

Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby GALAXYLANG » Sat Jan 25, 2014 5:03 pm

Can you give me the code?
galaxylang@gmail.com
GALAXYLANG
Newbie..
Posts: 1
Joined: Sat Jan 25, 2014 4:46 pm

Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby Sethioz » Mon Jan 27, 2014 5:31 am

it's attached in previous post, are you blind?

Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby fonzy35 » Sat Feb 01, 2014 7:56 am

Thanks for the code. I'm all new to Kali Linux, maybe 3 weeks. How do I make it run, do I have to rebuild the kernel so that it can see ryreaver-reverse to run it?

Thanks again for the program
fonzy35
Newbie..
Posts: 2
Joined: Sat Feb 01, 2014 7:37 am

Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby Sethioz » Sat Feb 01, 2014 7:39 pm

dude stop being stupid, it's in previous posts how to run it. what's wrong with you?

Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby fonzy35 » Sat Feb 01, 2014 8:49 pm


Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby Sethioz » Sun Feb 02, 2014 8:39 am

what exactly didn't work on kali?
I tested it on BT5, worked fine.

yes to learn, but not to ask things that have been explained.

Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby shehroz » Tue Feb 18, 2014 11:05 pm

Sorry, I know that this post is quite old, I am new to reaver and Linux. I would like to know how to use the code of the new reaver. I was not able to understand it from the above post, I would greatly appreciate it if someone could tell it step by step, thanks in advance.
shehroz
Newbie..
Posts: 2
Joined: Tue Feb 18, 2014 11:01 pm

Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby Sethioz » Wed Feb 19, 2014 5:42 pm


Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby shehroz » Sat Feb 22, 2014 12:57 am

I am really sorry but I am having a bit of a problem. As in the above post it is said by Sethioz that it is good to use a Linux that has reaver pre-installed, so I downloaded BT5R3 and made a directory for ryreaver-reverse as cd /root/Desktop/modifiedreaver/ and placed the ryreaver-reverse file there. After that I opened a terminal and, according to the above post, I first started my wireless card in monitor mode and then typed the whole command "cd /root/Desktop/modifiedreaver/ryreaver-reverse" in the terminal, and it gave me an error "(cd /root/Desktop/modifiedreaver/ryreaver-reverse is not a directory)". Then I just navigated to the folder where the ryreaver-reverse file was present, i.e. (cd /root/Desktop/modifiedreaver), and typed ryreaver-reverse --bssid xx:xx:xx:xx:xx -c X -vv -i mon0 and I got an error "command not found".

I am sorry if I am not able to make myself clear but I did what I understood from the post above. I would appreciate any help on what I did wrong and guidance on the correct way. Thanks in advance

Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby Sethioz » Sat Feb 22, 2014 9:43 pm


Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby flyinghaggis » Thu Feb 27, 2014 6:26 pm

Hi, managed to get this working (ryreaver-reaver) eventually.

One problem though, I am unable to save/restart a session. Which is a little inconvenient should I need to shut
the computer down. Doing this just starts the pin from the beginning again.

Even editing the wpc file does not help. Is it possible for your friend to write this back into the programme or
do you have a suggestion on how I can resume a session?

Rab.
flyinghaggis
Newbie..
Posts: 2
Joined: Thu Feb 27, 2014 6:20 pm

Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby Sethioz » Thu Feb 27, 2014 7:13 pm

Hmm, that's odd. Well, he's not around at the time, he should be back maybe in 2-3 months.
He wrote it, because we had a problem that Reaver found the first 4 digits of the pin, but it was unable to find the last 3 digits.
WPS pin works like this:
4 digits = first part of WPS pin
3 digits = second part of WPS pin
1 digit = checksum of 7 previous digits

So checksum is automatically calculated based on first 7 digits.
Even though we ran it through like 2-3 times, reaver did not find the last 3+1 digits. So he re-wrote it and then ran the command, obviously it needed only 999 tries and it did it in less than a day, so we never had to resume and never tested. It found the pin just fine though.

Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby flyinghaggis » Fri Feb 28, 2014 6:34 am

aye - but depending on the router - some can run without being locked.

The one I am trying at the moment I have set at a delay of 10 and a wait of 30 after 3 tries - taking forever lol, due in the
main to previous failures.

I had to restart the comp as I wished to transfer this to my lappy and run it directly from there as it is supposed to run better
(was running it through a vm). Copied the wpc to lappy and placed in same folder as proggy (root) but did not resume.

It's not a big problem now that I know the behaviour.

Sorry to hear about your mate maybe he can look into this when he gets back - hope he gets out early with good behaviour psml

I agree with one of your earlier posts concerning the Virgin Modems and the behaviour of the wps. This works on the earlier firmware r19 but
as soon as I upgrade the pin fails.

Will maybe try running it without the delays in future and see what happens.

Rab.

Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby Sethioz » Fri Feb 28, 2014 6:36 pm

It's taken me like a week to crack some of WPS pins. There are TALKTALK routers that keep failing for no reason, maybe some incompatibility issues, no idea. It works 100%, just keeps failing too often.

If you want to continue a session, find the file where reaver saves the session. It's usually a file with the MAC address of the station. Not sure where it is though, you have to search for "reaver" and you'll find it. In that file, the first 4 digits specify where it left the pin. It only saves the first 4 digits.
So you can also resume manually by changing the reaver file, in which order it takes the pins from. You just delete from the beginning to that point and it will try the remaining pins. So it's one solution for "resuming" the session, but for that, you have to manually do it and remember where the session was left.

lol you have some messed up mind, he's actually travelling, he said he'll be back before summer, but don't know when.

As far as I know, all the routers will unlock themselves after some time, but for some, that delay is like 2-3 days. So if you're doing it on a router you're not supposed to, you gotta wait until it unlocks. Then increase the delay between pin attempts and run it again. I've had to use a delay as big as 300 seconds, it's a lot, but it isn't THAT much. It should be less than a month. However if the router has an 8 digit password (upper or lower alpha only) and you have a good enough PC, you can just take a whack at the handshake.
But yeah, virginmedia routers do not have WPS enabled. It says it is, but it isn't. If you go into settings, you will notice it. You'd have to enable the WPS pin entering. I mean WPS is enabled, but it's on the "push the button" mode, so in order to connect via WPS, you have to hold the button down on the router and on the WPS capable wifi card. .. not sure how it works though, I thought that doing that, it just uses that same PIN, maybe it just enables it for that short time, like enables it for 1 minute when you press the button and then disables it.
As far as I know, the WPS button just enters the pin automatically for both devices, that's all. If you have a virginmedia router, go ahead and test. Hold the WPS button (like it says in the manual in order to connect) and at the same time, use reaver to try and crack the WPS pin (use the specific pin, look it up from router settings). It should crack it during that time.
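
The PIN layout from the earlier reply (4 digits, 3 digits, 1 checksum digit) and the per-attempt delay discussed in the post above, as an added example that is not part of the thread or of reaver: it validates a PIN's check digit and computes how an access point's lockout policy stretches the worst-case guessing window. The function names, the sample PIN and the lockout numbers are constructed for illustration; the checksum is the standard WPS check-digit calculation.

```python
# Added example (not from the thread): WPS PIN layout and lockout arithmetic.
FIRST_HALF_SPACE = 10 ** 4    # 4 digits, confirmed by the AP on their own
SECOND_HALF_SPACE = 10 ** 3   # 3 free digits; the 8th digit is derived


def wps_checksum(first7: int) -> int:
    """Check digit for the 7 leading digits (weights 3,1,3,... from the right)."""
    if not 0 <= first7 <= 9_999_999:
        raise ValueError("expected at most 7 digits")
    accum = 0
    while first7:
        accum += 3 * (first7 % 10)
        first7 //= 10
        accum += first7 % 10
        first7 //= 10
    return (10 - accum % 10) % 10


def split_pin(pin: str) -> dict:
    """Split an 8-digit PIN into the three parts and verify its check digit."""
    if len(pin) != 8 or not (pin.isascii() and pin.isdigit()):
        raise ValueError("WPS PIN must be exactly 8 ASCII digits")
    return {
        "first_half": pin[:4],
        "second_half": pin[4:7],
        "checksum": pin[7],
        "checksum_ok": wps_checksum(int(pin[:7])) == int(pin[7]),
    }


def worst_case_attempts(halves_confirmed_separately: bool = True) -> int:
    """Guesses needed to cover the PIN space with or without the split."""
    if halves_confirmed_separately:
        return FIRST_HALF_SPACE + SECOND_HALF_SPACE
    return FIRST_HALF_SPACE * SECOND_HALF_SPACE


def worst_case_seconds(per_attempt_s: int, lock_after: int = 0,
                       lock_s: int = 0) -> int:
    """Time to cover the split PIN space when the AP locks WPS for lock_s
    seconds after every lock_after failed attempts (0 = no lockout)."""
    attempts = worst_case_attempts(True)
    lockouts = attempts // lock_after if lock_after else 0
    return attempts * per_attempt_s + lockouts * lock_s


if __name__ == "__main__":
    print(split_pin("12345670"))                   # constructed sample PIN
    print(worst_case_seconds(300) / 86400)         # 300 s between attempts
    print(worst_case_seconds(1, 3, 3600) / 86400)  # constructed lockout policy
```

A lockout that triggers after a few failures adds far more to the total than the per-attempt delay does, so on the access point side a long lockout or disabling PIN mode is the control that matters.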

Re: WPS - Crack any WPA/WPA2/WEP access point / router

Postby bambito » Wed Mar 05, 2014 12:12 pm

Can I get the source as this is not statically linked. The version of libpcap (0.8.x) it's linked against is over a decade old. Thanks!
bambito
Newbie..
Posts: 1
Joined: Wed Mar 05, 2014 12:06 pm
