True_Grift Posted February 5, 2012 Share Posted February 5, 2012 Reaver is very bad thing indeed for the current generation of secured wireless devices. I did a scan with wash on the networks in my area, which has about 13 ESSID's usually visable via my Alfa. Not too traffic heavy. Wash was able to detect 6 of those that were vulnerable to the WPS attack, and had WPA encryption. The others were open, or WEP. So most of the eligible routers were vulnerable. Some of the discussions going on about Reaver mention that WPS doesn't even have to be enabled on the routers, that some routers with WPS purposely disabled are actually still vulnerable and will still give the key if attacked. It would be interesting to see more about which devices are actually safe. BSSID PWR Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID 0C:D5:02:C8:1E:2E -44 20 1 0 6 54 WEP WEP 11FX08036440 00:12:17:B0:13:BC -59 17 0 0 6 54 OPN Sweet 68:7F:74:FF:A1:8E -63 15 5 0 9 54e. OPN Sweets 00:15:05:D5:42:6C -62 8 1 0 9 54 . OPN BANKSBROTHERS C0:3F:0E:4F:AC:AE -63 10 1 0 11 54e WPA2 CCMP PSK AJ-PC_Network 98:FC:11:C7:25:FE -66 13 9 2 6 54e. WPA2 CCMP PSK jessjackjazz 0C:D5:02:CD:12:15 -62 20 1 0 6 54 WEP WEP HARU 00:1E:2A:06:80:30 -65 8 0 0 11 54 . WPA2 CCMP PSK Private 00:1C:DF:51:6D:90 -67 4 4 0 1 54 WPA TKIP PSK Ding Dongs 0C:D5:02:86:CB:84 -69 5 0 0 6 54 WEP WEP 11FX02046757 EC:55:F9:2D:C1:B5 -68 3 0 0 1 54e WEP WEP 1c42 BSSID Channel RSSI WPS Version WPS Locked ESSID --------------------------------------------------------------------------------------------------------------- 00:1C:DF:51:6D:90 1 -69 1.0 No Ding Dongs 98:FC:11:C7:25:FE 6 -64 1.0 No jessjackjazz 98:FC:11:C7:1F:12 6 -73 1.0 No OWNER-PC_Network 68:7F:74:FF:A1:8E 9 -60 1.0 No Sweets C0:3F:0E:4F:AC:AE 11 -63 1.0 No AJ-PC_Network Most of those networks are in the 60's which seems to be kind of pushing it with Reaver's range, though it might not be as much of a problem for people living in Bolivia ^^ Quote Link to comment Share on other sites More sharing options...
claudiax69 Posted April 19, 2013 Share Posted April 19, 2013 i started trying to get my router's pin and wpa2 pass using reaver 1.4 just two days ago, i used airmon-ng start wlan0 to put my card into monitor mode.. after that i used wash to see what routers were wps enabled and all of them were (apparently) mine was one of them obviously. i went and used reaver -i mon0 -b 'mac address' -vv everything was going smoothly (2 seconds/pin) until it reached 28.8% in about 2 hours. i started getting WPS transaction failed (0x04) and it just stuck there for about an hour until i decided to just cancel the thing. anybody knows what this error code means? anything that can be done to go around it? Quote Link to comment Share on other sites More sharing options...
GuardMoony Posted April 24, 2013 Share Posted April 24, 2013 The more newer routers got extra protection on there WPS. They would stop reacting after X attempts in X time. This could have happend in your test. Other things could be. Your wireless got disabled. Mayby some other attack did a wireless connection to a other network or so. Quote Link to comment Share on other sites More sharing options...
Bountyhunter50 Posted April 29, 2013 Share Posted April 29, 2013 The more newer routers got extra protection on there WPS. They would stop reacting after X attempts in X time. This could have happend in your test. Other things could be. Your wireless got disabled. Mayby some other attack did a wireless connection to a other network or so. I've noticed this on Friendly Targets. I've noticed some still surrender their mysteries if I put in the proper delay attempt, but be ready to wait a little longer than expected. Quote Link to comment Share on other sites More sharing options...
Amomynous Posted June 3, 2013 Share Posted June 3, 2013 I'm running Reaver 1.4 and checked with wash if my own access point was vurnerable. When I received a positif result i tried to launch Reaver against my own wireless access point. reaver -i mon0 -f -c 11 -b XX:XX:XX:XX:XX:XX -vv -x 60 However, i keep receiving a warning: failed to associate with ... How is this possible? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.