[Support] WPS

[juststartingout]

Manually refresh, worked for me.

I left it running overnight and ended up with a 20mb log file. Bully had stopped but when I try to restart it just comes back not running again, problem is it's not creating the log file so don't know what the problem is.

Sorry my bad, creating now once I deleted the 20mb file but now it's like Raz0rs and still says wps not running. Problem was my pineapple must have rebooted and the mon0 wasn't turned on. Strange never rebooted before?

Edited July 17, 2014 by juststartingout

[raz0r]

My bad you have to leave it running for a few minutes before it starts logging.

HMMMM sometimes it works and others it doesn't yep gonna cry !!!

Regards

Raz0r

Edited July 17, 2014 by raz0r

[cheeto]

Hey raz0r,

Same thing here.

It takes around 7 min or so to start showing something in the log.

If I want to suspend a session and resume it later. How would I go about doing that with Bully?

Cheers,

cheeto

[cheeto]

never had that happen. Are you using the original sd card that came with your mkv?

The one that come with the MKV is not know to be really good. It is advised to buy a class 10 sd card instead.

[Sebkinne]

Anything related to the WPS infusion should be discussed in the infusions forum.

Thanks!

[raz0r]

Right if the file is corrupt ssh into pineapple sftp and delete the folder /root/.bully mind you ya will lose ya progress.

Or the other option i have found is if you find the .run file in /root/.bully the numbers being the MAC address IE cc33bb3fa71e.run and delete the last two lines in the file and save it, then it starts to work again.

PS i have had this happen to me on Kali sometimes

Regards

Raz0r

Edited July 17, 2014 by raz0r

[MitchMalik]

I have gone to install the reaver and bully dependencies, and it loads, and then it says it is not installed. I try to install them to the SD and the internal, and it doesn't install. I keep trying, but nothing works.

[m40295]

ttry a diffrent browser. firefox does that to me. chrome usally works

[MitchMalik]

ttry a diffrent browser. firefox does that to me. chrome usally works

I'm using Chrome. I will try something else.

[thedeadhand]

i have tried everything i can think of with no success for reaver infusion. bully works fine.

I GOT REAVER TO WORK WITH SSH...

just install reaver via opkg

[ViTALiTY]

Everytime I try to use Bully, this happens.

Could anyone please help me out?

Thanks in advance.

[ViTALiTY]

Forgot to add something. If it helps, I'm using wlan0 as client to another AP and wlan1 to use Bully (but not on that AP of course).

[Sebkinne]

Make sure that wlan1 is DOWN.

Best Regards,

Sebkinne

[ViTALiTY]

Make sure that wlan1 is DOWN.

Best Regards,

Sebkinne

What do you mean by that? "ifconfig wlan1 down"?

[Sebkinne]

What do you mean by that? "ifconfig wlan1 down"?

Yes, that's what I mean. That should allow the monitor interface to channel hop.

Best Regards,

Sebkinne

[ViTALiTY]

Yes, that's what I mean. That should allow the monitor interface to channel hop.

Best Regards,

Sebkinne

Ok, great. Sorry for the stupid question, but where exactly do I enter the command?

[evil666]

You can do this when you ssh into the pineapple wifi or you can click disable on the specified interface and then click monitor. This also is done on Reaver as well I believe.

Its for Reaver but the concept is the same for Bully

https://forums.hak5.org/index.php?/topic/32748-mark-v-reaver-video-tutorial/#entry244818

Edited July 30, 2014 by evil666

[ViTALiTY]

You can do this when you ssh into the pineapple wifi or you can click disable on the specified interface and then click monitor. This also is done on Reaver as well I believe.

Its for Reaver but the concept is the same for Bully

https://forums.hak5.org/index.php?/topic/32748-mark-v-reaver-video-tutorial/#entry244818

Thanks. I don't know why have I forgot to set the SSH access.

Another question... Because now this is happening and I have no idea why.

[!] Bully v1.0-22 - WPS vulnerability assessment utility

[+] Switching interface 'mon0' to channel '6'

[!] Using '00:13:37:93:58:34' for the source MAC address

[+] Datalink type set to '127', radiotap headers present

[+] Scanning for beacon from 'XX:XX:XX:XX:XX:XX' on channel '6'

[X] Unable to get a beacon from the AP, possible causes are

[.] an invalid --bssid or -essid was provided,

[.] the access point isn't on channel '6',

[.] you aren't close enough to the access point.

Using Kali, Bully gets the beacon right away but times out.

Here, Bully does not get the beacon. The power is always around 70%. The AP shows up on wash, it has the vulnerability. Isn't that enough?

Or is anything else wrong?

[evil666]

Thats out of my spectrum. One of the avid users would have to comment on that. I'm still learning myself.

[ViTALiTY]

Would anyone kindly explain to what exactly happened here and how can I improve the attack?

[!] Bully v1.0-22 - WPS vulnerability assessment utility
[+] Switching interface 'mon0' to channel '6'
[!] Using '**:**:**:**:**:**' for the source MAC address
[+] Datalink type set to '127', radiotap headers present
[+] Scanning for beacon from '**:**:**:**:**:**' on channel '6'
[+] Got beacon for '***-********' (**:**:**:**:**:**)
[+] Loading randomized pins from '/root/.bully/pins'
[!] Restoring session from '/root/.bully/58983579b651.run'
[+] Index of starting pin number is '0002000'
[+] Last State = 'NoAssoc' Next pin '25770940'
[+] Rx( M5 ) = 'Pin1Bad' Next pin '93460941'
[+] Rx( M5 ) = 'Pin1Bad' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Sent packet not acknowledged after 3 attempts
[+] Tx( Assn ) = 'Timeout' Next pin '89430941'
[+] Rx( Auth ) = 'Timeout' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Sent packet not acknowledged after 3 attempts
[+] Tx( M2 ) = 'Timeout' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'

Thanks in advance!

[ViTALiTY]

Nevermind, it's just a WPS lock.

Now, from what I've seen, there are some things to try.

The mdk3 attacks, but they have to be automated. Found a script to do it by repzeroworld:

https://forums.hak5.org/index.php?/topic/32494-reaver-ap-rate-limiting-detected-and-automatic-mdk3-solution/

But it's for reaver... I need it working for Bully, as reaver just hangs on the "Association sucessfull" message.

Another thing I wanted to try out was something like a mac changer automated script, to change mac address every x seconds.

But how viable is this option? Don't the interfaces have to be down in order to change the MAC?

If so, that would mean that I would have to automate that too. Stopping the attack on Bully, changing the MAC, and starting the attack again...

Can anyone shed some light on all this?

[thedeadhand]

Vitality: raz0r made a video but didn't post it on youtube. I have a link I'll repost it when I get back.

Some routers wps lock stays locked or have other features like netgear. Try multiple routers.

Edited August 1, 2014 by thedeadhand

[ViTALiTY]

Yea, I would appreciate if you posted the link.

I think people should start looking more at Bully and not reaver. Bully can attack APs with only 40% power, I tested that myself. Reaver, to attack decently, needs at least 80%, and among other features that Bully has and Reaver doesn't.

Thanks in advance.

Edited August 1, 2014 by ViTALiTY

[thedeadhand]

https://mega.co.nz/#!mYVw1CzT!4sNWGUmTstnnPiCnCIdhrMla3Cg_ihRBoDNzRDdc03g

[ViTALiTY]

https://mega.co.nz/#!mYVw1CzT!4sNWGUmTstnnPiCnCIdhrMla3Cg_ihRBoDNzRDdc03g

I appreciate the video, but after watching, that's just the basics of it...