raz0r

Active Members
  • Posts: 198
  • Days Won: 1

Posts posted by raz0r

  1. You know what I find strange is when I have been attacking an AP for a long time I lose the signal strength, so all I did was reinstall the infusion, but made sure I backed up the files.

    Anyway, good luck fella

    Regards

    Raz0r

  2. Please help me chaps, for some unknown reason my Pineapple keeps rebooting. I have flashed it but it keeps doing it; it will be OK for like 10-20 min then that's it, BAM!!

    Any ideas would be helpful

    Kind Regards

    Raz0r

  3. Also the best way to learn is not by scripts but the manual way, otherwise people will call u a script kiddie

    Learn the hard way first, that script is good for mitm and evil twin I believe ;)

    Raz0r

  4. Wifislax is good, I've been using it, but I'm a Kali fan. I have been using it since it started off, now I'm 31 lol and still love security.

    Believe me m8 translate that page and sign up.

    Download the script and use it on Kali

    But only on your own router, otherwise u might get into trouble

    Regards

    Raz0r

  5. Yea I find that also with bully sometimes

    But I have a little present for you, one that has been overlooked !!

    I'm no good at PHP but I got friends who are

    How about making this into an infusion !!!

    I have used it many times on routers, my own of course

    http://lampiweb.com/foro/index.php?topic=9834.0

    Now what about if this were to be an infusion? Download the script in Kali and let me know what you think

    Raz0r

  6. Good to hear it's working for you :)

    Try attacking it with Bully and use the -D option as it detects lockouts.

    Or you could try putting a delay in with Reaver

    Best thing to do is try different settings and see what works for you.

    usage: bully <options> interface
    Required arguments:
      interface      : Wireless interface in monitor mode (root required)
      -b, --bssid macaddr    : MAC address of the target access point
    Or
      -e, --essid string     : Extended SSID for the access point
    Optional arguments:
      -c, --channel N[,N...] : Channel number of AP, or list to hop [b/g]
      -i, --index N          : Starting pin index (7 or 8 digits)  [Auto]
      -l, --lockwait N       : Seconds to wait if the AP locks WPS   [43]
      -o, --outfile file     : Output file for messages          [stdout]
      -p, --pin N            : Starting pin number (7 or 8 digits) [Auto]
      -s, --source macaddr   : Source (hardware) MAC address      [Probe]
      -v, --verbosity N      : Verbosity level 1-3, 1 is quietest     [3]
      -w, --workdir path     : Location of pin/session files  [~/.bully/]
      -5, --5ghz             : Hop on 5GHz a/n default channel list  [No]
      -B, --bruteforce       : Bruteforce the WPS pin checksum digit [No]
      -F, --force            : Force continue in spite of warnings   [No]
      -S, --sequential       : Sequential pins (do not randomize)    [No]
      -T, --test             : Test mode (do not inject any packets) [No]
    Advanced arguments:
      -a, --acktime N        : Deprecated/ignored                  [Auto]
      -r, --retries N        : Resend packets N times when not acked  [2]
      -m, --m13time N        : Deprecated/ignored                  [Auto]
      -t, --timeout N        : Deprecated/ignored                  [Auto]
      -1, --pin1delay M[,N]  : Delay M seconds every Nth nack at M5 [0,1]
      -2, --pin2delay M[,N]  : Delay M seconds every Nth nack at M7 [5,1]
      -A, --noacks           : Disable ACK check for sent packets    [No]
      -C, --nocheck          : Skip CRC/FCS validation (performance) [No]
      -D, --detectlock       : Detect WPS lockouts unreported by AP  [No]
      -E, --eapfail          : EAP Failure terminate every exchange  [No]
      -L, --lockignore       : Ignore WPS locks reported by the AP   [No]
      -M, --m57nack          : M5/M7 timeouts treated as WSC_NACK's  [No]
      -N, --nofcs            : Packets don't contain the FCS field [Auto]
      -P, --probe            : Use probe request for nonbeaconing AP [No]
      -R, --radiotap         : Assume radiotap headers are present [Auto]
      -W, --windows7         : Masquerade as a Windows 7 registrar   [No]
      -Z, --suppress         : Suppress packet throttling algorithm  [No]
      -V, --version          : Print version info and exit
      -h, --help             : Display this help information
    
    root@Raz0r:~# reaver
    
    Reaver v1.4 WiFi Protected Setup Attack Tool
    Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <cheffner@tacnetsol.com>
    
    Required Arguments:
    	-i, --interface=<wlan>          Name of the monitor-mode interface to use
    	-b, --bssid=<mac>               BSSID of the target AP
    
    Optional Arguments:
    	-m, --mac=<mac>                 MAC of the host system
    	-e, --essid=<ssid>              ESSID of the target AP
    	-c, --channel=<channel>         Set the 802.11 channel for the interface (implies -f)
    	-o, --out-file=<file>           Send output to a log file [stdout]
    	-s, --session=<file>            Restore a previous session file
    	-C, --exec=<command>            Execute the supplied command upon successful pin recovery
    	-D, --daemonize                 Daemonize reaver
    	-a, --auto                      Auto detect the best advanced options for the target AP
    	-f, --fixed                     Disable channel hopping
    	-5, --5ghz                      Use 5GHz 802.11 channels
    	-v, --verbose                   Display non-critical warnings (-vv for more)
    	-q, --quiet                     Only display critical messages
    	-h, --help                      Show help
    
    Advanced Options:
    	-p, --pin=<wps pin>             Use the specified 4 or 8 digit WPS pin
    	-d, --delay=<seconds>           Set the delay between pin attempts [1]
    	-l, --lock-delay=<seconds>      Set the time to wait if the AP locks WPS pin attempts [60]
    	-g, --max-attempts=<num>        Quit after num pin attempts
    	-x, --fail-wait=<seconds>       Set the time to sleep after 10 unexpected failures [0]
    	-r, --recurring-delay=<x:y>     Sleep for y seconds every x pin attempts
    	-t, --timeout=<seconds>         Set the receive timeout period [5]
    	-T, --m57-timeout=<seconds>     Set the M5/M7 timeout period [0.20]
    	-A, --no-associate              Do not associate with the AP (association must be done by another application)
    	-N, --no-nacks                  Do not send NACK messages when out of order packets are received
    	-S, --dh-small                  Use small DH keys to improve crack speed
    	-L, --ignore-locks              Ignore locked state reported by the target AP
    	-E, --eap-terminate             Terminate each WPS session with an EAP FAIL packet
    	-n, --nack                      Target AP always sends a NACK [Auto]
    	-w, --win7                      Mimic a Windows 7 registrar [False]
    
    Example:
    	reaver -i mon0 -b 00:90:4C:C1:AC:21 -vv
    
    
  7. I find it is better than Reaver BUT you need to be really close for it to work smooth, otherwise you just get timeouts !!

    Yea get a good outdoor antenna but make sure you got the right connectors on the end m8

    Let me know how u get on

    Regards

    Raz0r

  8. Not that I know of, I have only been using a few infusions on there at the moment.

    Also take a look at bully but use the -C command, I find that works good, but you need to be close to the AP or have a very good antenna

    To be honest I leave mine at work lol, I stick with Kali at the min cos I can get my jobs done very quick using it in VM player :)

    But the Mark V is a great tool just need more time with it.

    Regards

    Raz0r

  9. I also wouldn't have thought that, as I don't have to do it in Kali Linux. I was getting frustrated myself until I read something on here.

    Just strange that you don't have to do it on Kali, maybe someone else here could answer your question :)

    Raz0r

  10. You need to enable it to scan for APs then disable it and start monitor mode on wlan1. It will work m8, trust me

    The reason I checked them boxes was so it remembers where I left off just in case it gets canceled somehow and I don't have to restart the bloody thing again. I highly recommend using that first box ;).

    The next box was so I get verbose output and could see any errors using -vv, but I just type in the box -v. I'm not too worried about the verbose, just sometimes nice to see what's going on.

    Don't forget the M5 M6 messages are good to see :)

    Kind Regards

    Raz0r
