freshlybobster Posted August 16, 2015

> I will send an update to include additional checks for SD install of reaver.

I haven't installed anything on the SD card though. I updated the firmware, installed the infusion and then everything else (reaver, bully, pixiewps) on internal storage. Any idea what might be causing all the above?

DataHead Posted August 16, 2015

The new firmware, as you know, now uses the latest aircrack which sets as wlanxmon. The infusion was designed before this update. So there needs to be an update to scan with wlanxmon. As with reaver and bully not associating, while you do have a good signal strength, there could be interference somewhere. Have you tried upping your txpower on the attacking interface? If not, try setting it to 30dBm.

freshlybobster Posted August 16, 2015

> The new firmware, as you know, now uses the latest aircrack which sets as wlanxmon. The infusion was designed before this update. So there needs to be an update to scan with wlanxmon. As with reaver and bully not associating, while you do have a good signal strength, there could be interference somewhere. Have you tried upping your txpower on the attacking interface? If not, try setting it to 30dBm.

I literally just got my Pineapple 2 days ago, didn't know what has been going on with the infusion. But yeah, I SSHed into the pineapple, used wash and tried reaver again, still timeouts for the APs that in my experience would have worked before - RSSI between -60 and -68. How can I increase the TXpower though on wlan1? I've tried the usual ifconfig command but it's not working. Also, how much is it safe to increase it and for how long on the pineapple? Thank you.

DataHead Posted August 16, 2015

> I literally just got my Pineapple 2 days ago, didn't know what has been going on with the infusion. But yeah, I SSHed into the pineapple, used wash and tried reaver again, still timeouts for the APs that in my experience would have worked before - RSSI between -60 and -68. How can I increase the TXpower though on wlan1? I've tried the usual ifconfig command but it's not working. Also, how much is it safe to increase it and for how long on the pineapple? Thank you.

If your local laws permit upping to and using 30dBm, you should be fine running the rtl8187 (wlan1) for quite some time. You should be fine running at that for a few hours. Just let it take a break for a while if you don't have a fan cooling it on the bottom vents.

freshlybobster Posted August 17, 2015

> If your local laws permit upping to and using 30dBm, you should be fine running the rtl8187 (wlan1) for quite some time. You should be fine running at that for a few hours. Just let it take a break for a while if you don't have a fan cooling it on the bottom vents.

Cheers, that worked, got a couple more questions though. How can I permanently modify the region & txpower so I don't have to change it every time?

Also, what the heck is the problem with reaver? I tested it on a couple of different APs and so far all I got were either timeouts (90% of the time), or it worked for the first pin, after which it timed out again. These were all -58 to -68, which should've been enough. Instead, I figured I should give bully a shot, and funny enough, after trying a reaver attack and a bully one successively on each AP, bully actually worked about 80% of the time. I'm going to get a 9 dBi antenna tomorrow and give it another shot.

And finally, are there any ways to crash an AP which has locked the WPS? I know about mdk3 attacks and I remember trying the revdk3 script a while ago, but with no results unfortunately. Are there any similar tools available for the pineapple? Or for Kali? I found another thread about using wlan1 with Kali so I will try that if there are any alternatives to revdk3.

Thanks for all the help though.

DataHead Posted August 17, 2015

The problem you are having with reaver seems like it could be fixed by setting a timeout length. I am unsure of which switch(es) it is at the moment, but reaver --help will outline this for you. Reaver can be a bit more picky than bully at times, and vice versa. But I suspect that the issue you and a few others are having is the quality of the signal, not just the strength. So try with a different antenna, the 9dBi works nicely.

Also, for setting the txpower on boot, you can use a dipswitch setup to run the commands :-)

Renek Posted August 25, 2015

Having a couple issues. First off, running reaver (just a simple "reaver -i wlan1mon") doesn't return any results. Tested this by turning WPS on on my home router and a couple test routers as well, no dice. It can see the broadcasted SSIDs in the WPS infusion interface though.

Second, and somewhat related, the table that shows all detected APs (so, airodump) has a field for WPS, but all entries are a "-". When I scan the APs with an old AFLA0036 I can see WPS is active on the test routers.

I have a sneaking suspicion it's related to the 2.4 firmware and the new version of aircrack, but figured I'd see if anyone else was having similar issues.

DataHead Posted August 25, 2015

For the first issue, reaver -i wlanxmon is invalid use. You must, at the least, supply a target bssid ( -b ).

And for airodump, are you doing airodump-ng -i wlanxmon --wps?

deadlyhabit Posted August 26, 2015

Yea, it should be reaver -i wlan1mon -b ma:ca:dd:rr:es:ss -vvv -K 1 to start (pixiewps attack), or just reaver will show all commands and options for it, including the fork.

Btw DataHead, any chance of helping out terry's fork for the reaver pro ii? (Installed pixie and your fork with a bit of pain on it, but would be nice with his gui.)

hairbag Posted August 29, 2015

reaver no longer provides wpa pass after cracking wps pin.

DataHead Posted August 30, 2015 (edited August 30, 2015 by DataHead)

> reaver no longer provides wpa pass after cracking wps pin.

And had tested, and it does. Do you have highest verbose modes enabled ( -vvv )? That should be enabled if not. Also, some APs do not report back the wpa password, but will with the pin only.

A bit of a self note, I should make a change back to reaver so that only -vv is required again.

hairbag Posted August 31, 2015

Tried with -vvv again and it looks like the -S option borks the process and only spits out the wps pin? Without the -S it spits out both pass and pin.