Jump to content

Reaver Pro - Unboxing

WiFiN00b

By WiFiN00b
in Security

 Share

Recommended Posts

  • 5 weeks later...
  • 2 weeks later...
levisiccard Newbie

levisiccard

Posted
Posted

Anyone has an idea what the difference is between reaver pro and reaver in kali linux?

First time I used reaver on my router at home it took me 4 secs to crack my WPA2. Seemed like my pin was 01234567. (first attempt)

Needless to mention how stupid I felt but it was a good result and proof for my school project on wireless security :-)

Link to comment
Share on other sites
Guest spazi

Guest spazi

Posted
Posted

From what I can see there is no difference at all feature wise, except that Reaver pro has dedicated hardware.
Because of that I guess that Reaver and the Reaver Pro program should be identical. Just that Reaver pro has been compiled to fit onto the Alfa AP and it has a GUI as well and can be deployed literally anywhere.

I remember someone talking about changing the order of pin attempts which should speed up the process. Not sure if Reaver pro has implemented that.

Does exactly the same thing though.

Link to comment
Share on other sites
ZaraByte Newbie

ZaraByte

Posted
Posted

I'm hoping to possibly get my hands on one of these Reaver Pro's that are selling for $200 so i can have a look at and give it a review on my YouTube to explain what makes it any better then the console reaver or the that comes on a ISO.

I've been talking to the guy thats selling these reaver pro's at reaver systems hoping i possibly get picked for a review on there reaver pro.

Always up for reviewing stuff so any other companies are looking for someone to review their hardware get in contact with me i can review in a upcoming for for my youtube channel.

Link to comment
Share on other sites
Guest spazi

Guest spazi

Posted
Posted (edited)

I actually found one difference. On Reaver pro you don't have to switch between walsh to scan for vulnerable access points and then use reaver.

On Reaver pro it shows you WPS enabled access points in real time and you just click the one you want to pin crack.

Not 100% sure though, but that's how I understood it.

I hope people are aware that most access points have fixed the WPS vulnerability, especially newer ones. You can very often only make 10 pin attempts and it locks out completely. Doesn't matter if you try to spoof your mac address or anything. The access point needs a manual restart by shutting it down and turning it on again. So I don't really see the point on spending 200$ on something that is kinda outdated. Not saying the Reaver pro ain't cool, I just think it's overpriced.

Maybe the found a way to overcome the WPS pin attempt limit?

My personal experience is that only one out of ten access points are hackable. The rest of the access points auto-updated the firmware and fixed the WPS vulnerability.

Edited by spazi
Link to comment
Share on other sites
ZaraByte Newbie

ZaraByte

Posted
Posted (edited)

Meh Where i am 1 out of every 5 routers i've tested appear to still be vulnerable to a WPS attack. I have yet to see any router have a auto update feature yet maybe the newer ones but for people who have routers that are like before 2013 i think are all still vulnerable to a WPS attack unless the owner manually updates their firmware.

Lets face it at least 85% of you're home routers do the owners ever update their firmware or even know how to do it or anything about the router other then buying it so they can have there wireless to use with their laptops.

One thing i do know now is it appears people in my area thanks to the ISP's like Comcast and centurylink are now giving their customers Modems that have a built in router sometimes it depends on the Tech that comes to hook their service up might disable WPS for them but i've noticed people who have like SSID names like ciscoxxxx x's being numbers are DSL modems that centurylink gives their customers half of them have WPS enabled that i have have seen around my area.

Comcast is really terrible here where i am people won't like comcast service so they tend to use centurylink.

I also noticed to that the Cisco DDR2200-CL modem has terrible security the Tech Support Remote Login Password is in plaintext if you view the source code of the inside of the modem.

Also the admin password and other user logins for the modem are visible in plaintext however you need to be logged in to see it.

Edited by ZaraByte
Link to comment
Share on other sites
Guest spazi

Guest spazi

Posted
Posted (edited)

Yeah I guess it varies a lot from area to area and it depends on what ISP you have.
Don't get me wrong, I totally agree that many routers sold before 2013 are vulnerable to wps pin cracking.
I tested on my own billion router (bought in 2012) and guess what, WPS was DISABLED and I could still crack the pin! How stupid is that?!
Most people I know don't know how to update the router firmware, too bad for them.

Thankfully my local ISP really did a major security update by selling routers pre-configured to auto-update and disabling WPS by default.
I've tested them several times, they are great routers.

Only downside is they all have the same admin password :ph34r:

Edited by spazi
Link to comment
Share on other sites
ZaraByte Newbie

ZaraByte

Posted
Posted (edited)

One bad thing about updating you're firmware or updating any firmware for that matter on anything is if you're not running off a battery pack and you lose power for just a second in the middle of updating the firmware install you dun bricked you're router and then you gotta start spending money to get a new one if its not covered under a warranty still.

I've heard people say WPA is vulnerable but if im not mistaken its only vulnerable against a wordlist attack to be all honest i don't waste my time with networks that have a WPA/WPA2 encryption chances of a hacker managing to get you're wireless password without having WPS or a weak password is highly unlikely you really have a better chance of going outside and getting hit by lighting on a really nice day then a hacker ever breaking into you're wifi.

The real world unless the person lives next door to you then chances are the hacker laptop would run out of battery before he managed to crack you're wireless.

It would basically be a thing where it would take a couple visits to finish where he left off.

Myself when im out and about i go for the easy target rather then wasting my time something that might potentially take me a couple returns to get access to.

Thats the real world in my view.

Unless someone on here knows something i don't about Wireless Security.

Edited by ZaraByte
Link to comment
Share on other sites
  • 1 month later...
>script_kiddie Newbie

>script_kiddie

Posted
Posted

hmm $199 for a Reaver_pro box........ or $0.00 to run reaver on Kali linux, no shipping, no 3 day wait PIN,PSK here i come!

however on my VM after running Reaver for an hour or so my mon0 gets all screwed up and i have to rinse and repeat, still cheaper then 199$ tho

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...