Reaver Brute Force Attack Tool Cracking:

[True_Grift]

Reaver is very bad thing indeed for the current generation of secured wireless devices.

I did a scan with wash on the networks in my area, which has about 13 ESSID's usually visable via my Alfa. Not too traffic heavy. Wash was able to detect 6 of those that were vulnerable to the WPS attack, and had WPA encryption. The others were open, or WEP. So most of the eligible routers were vulnerable. Some of the discussions going on about Reaver mention that WPS doesn't even have to be enabled on the routers, that some routers with WPS purposely disabled are actually still vulnerable and will still give the key if attacked.

It would be interesting to see more about which devices are actually safe.

BSSID PWR Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID

0C:D5:02:C8:1E:2E -44 20 1 0 6 54 WEP WEP 11FX08036440

00:12:17:B0:13:BC -59 17 0 0 6 54 OPN Sweet

68:7F:74:FF:A1:8E -63 15 5 0 9 54e. OPN Sweets

00:15:05:D5:42:6C -62 8 1 0 9 54 . OPN BANKSBROTHERS

C0:3F:0E:4F:AC:AE -63 10 1 0 11 54e WPA2 CCMP PSK AJ-PC_Network

98:FC:11:C7:25:FE -66 13 9 2 6 54e. WPA2 CCMP PSK jessjackjazz

0C:D5:02:CD:12:15 -62 20 1 0 6 54 WEP WEP HARU

00:1E:2A:06:80:30 -65 8 0 0 11 54 . WPA2 CCMP PSK Private

00:1C:DF:51:6D:90 -67 4 4 0 1 54 WPA TKIP PSK Ding Dongs

0C:D5:02:86:CB:84 -69 5 0 0 6 54 WEP WEP 11FX02046757

EC:55:F9:2D:C1:B5 -68 3 0 0 1 54e WEP WEP 1c42

BSSID Channel RSSI WPS Version WPS Locked ESSID

---------------------------------------------------------------------------------------------------------------

00:1C:DF:51:6D:90 1 -69 1.0 No Ding Dongs

98:FC:11:C7:25:FE 6 -64 1.0 No jessjackjazz

98:FC:11:C7:1F:12 6 -73 1.0 No OWNER-PC_Network

68:7F:74:FF:A1:8E 9 -60 1.0 No Sweets

C0:3F:0E:4F:AC:AE 11 -63 1.0 No AJ-PC_Network

Most of those networks are in the 60's which seems to be kind of pushing it with Reaver's range, though it might not be as much of a problem for people living in Bolivia ^^

[claudiax69]

i started trying to get my router's pin and wpa2 pass using reaver 1.4 just two days ago, i used airmon-ng start wlan0 to put my card into monitor mode.. after that i used wash to see what routers were wps enabled and all of them were (apparently) mine was one of them obviously. i went and used reaver -i mon0 -b 'mac address' -vv

everything was going smoothly (2 seconds/pin) until it reached 28.8% in about 2 hours. i started getting WPS transaction failed (0x04) and it just stuck there for about an hour until i decided to just cancel the thing.

anybody knows what this error code means? anything that can be done to go around it?

[GuardMoony]

The more newer routers got extra protection on there WPS. They would stop reacting after X attempts in X time. This could have happend in your test.

Other things could be. Your wireless got disabled. Mayby some other attack did a wireless connection to a other network or so.

[Bountyhunter50]

The more newer routers got extra protection on there WPS. They would stop reacting after X attempts in X time. This could have happend in your test.

Other things could be. Your wireless got disabled. Mayby some other attack did a wireless connection to a other network or so.

I've noticed this on Friendly Targets. I've noticed some still surrender their mysteries if I put in the proper delay attempt, but be ready to wait a little longer than expected.

[Amomynous]

I'm running Reaver 1.4 and checked with wash if my own access point was vurnerable.

When I received a positif result i tried to launch Reaver against my own wireless access point.

reaver -i mon0 -f -c 11 -b XX:XX:XX:XX:XX:XX -vv -x 60

However, i keep receiving a warning: failed to associate with ...

How is this possible?