Jump to content

Recommended Posts

Manually refresh, worked for me.

I left it running overnight and ended up with a 20mb log file. Bully had stopped but when I try to restart it just comes back not running again, problem is it's not creating the log file so don't know what the problem is.

Sorry my bad, creating now once I deleted the 20mb file but now it's like Raz0rs and still says wps not running. Problem was my pineapple must have rebooted and the mon0 wasn't turned on. Strange never rebooted before?

Edited by juststartingout
Link to comment
Share on other sites

  • Replies 436
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Posted Images

My bad you have to leave it running for a few minutes before it starts logging.

HMMMM sometimes it works and others it doesn't yep gonna cry !!!

Regards

Raz0r

Edited by raz0r
Link to comment
Share on other sites

Right if the file is corrupt ssh into pineapple sftp and delete the folder /root/.bully mind you ya will lose ya progress.

Or the other option i have found is if you find the .run file in /root/.bully the numbers being the MAC address IE cc33bb3fa71e.run and delete the last two lines in the file and save it, then it starts to work again.

PS i have had this happen to me on Kali sometimes

Regards

Raz0r

Edited by raz0r
Link to comment
Share on other sites

You can do this when you ssh into the pineapple wifi or you can click disable on the specified interface and then click monitor. This also is done on Reaver as well I believe.

Its for Reaver but the concept is the same for Bully

https://forums.hak5.org/index.php?/topic/32748-mark-v-reaver-video-tutorial/#entry244818

Edited by evil666
Link to comment
Share on other sites

You can do this when you ssh into the pineapple wifi or you can click disable on the specified interface and then click monitor. This also is done on Reaver as well I believe.

Its for Reaver but the concept is the same for Bully

https://forums.hak5.org/index.php?/topic/32748-mark-v-reaver-video-tutorial/#entry244818

Thanks. I don't know why have I forgot to set the SSH access.

Another question... Because now this is happening and I have no idea why.

[!] Bully v1.0-22 - WPS vulnerability assessment utility

[+] Switching interface 'mon0' to channel '6'

[!] Using '00:13:37:93:58:34' for the source MAC address

[+] Datalink type set to '127', radiotap headers present

[+] Scanning for beacon from 'XX:XX:XX:XX:XX:XX' on channel '6'

[X] Unable to get a beacon from the AP, possible causes are

[.] an invalid --bssid or -essid was provided,

[.] the access point isn't on channel '6',

[.] you aren't close enough to the access point.

Using Kali, Bully gets the beacon right away but times out.

Here, Bully does not get the beacon. The power is always around 70%. The AP shows up on wash, it has the vulnerability. Isn't that enough?

Or is anything else wrong?

Link to comment
Share on other sites

Would anyone kindly explain to what exactly happened here and how can I improve the attack?

[!] Bully v1.0-22 - WPS vulnerability assessment utility
[+] Switching interface 'mon0' to channel '6'
[!] Using '**:**:**:**:**:**' for the source MAC address
[+] Datalink type set to '127', radiotap headers present
[+] Scanning for beacon from '**:**:**:**:**:**' on channel '6'
[+] Got beacon for '***-********' (**:**:**:**:**:**)
[+] Loading randomized pins from '/root/.bully/pins'
[!] Restoring session from '/root/.bully/58983579b651.run'
[+] Index of starting pin number is '0002000'
[+] Last State = 'NoAssoc' Next pin '25770940'
[+] Rx( M5 ) = 'Pin1Bad' Next pin '93460941'
[+] Rx( M5 ) = 'Pin1Bad' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Sent packet not acknowledged after 3 attempts
[+] Tx( Assn ) = 'Timeout' Next pin '89430941'
[+] Rx( Auth ) = 'Timeout' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Sent packet not acknowledged after 3 attempts
[+] Tx( M2 ) = 'Timeout' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'
[+] Rx(M2D/M3) = 'WPSFail' Next pin '89430941'

Thanks in advance!

Link to comment
Share on other sites

Nevermind, it's just a WPS lock.

Now, from what I've seen, there are some things to try.

The mdk3 attacks, but they have to be automated. Found a script to do it by repzeroworld:

https://forums.hak5.org/index.php?/topic/32494-reaver-ap-rate-limiting-detected-and-automatic-mdk3-solution/

But it's for reaver... I need it working for Bully, as reaver just hangs on the "Association sucessfull" message.

Another thing I wanted to try out was something like a mac changer automated script, to change mac address every x seconds.

But how viable is this option? Don't the interfaces have to be down in order to change the MAC?

If so, that would mean that I would have to automate that too. Stopping the attack on Bully, changing the MAC, and starting the attack again...

Can anyone shed some light on all this?

Link to comment
Share on other sites

Vitality: raz0r made a video but didn't post it on youtube. I have a link I'll repost it when I get back.

Some routers wps lock stays locked or have other features like netgear. Try multiple routers.

Edited by thedeadhand
Link to comment
Share on other sites

Yea, I would appreciate if you posted the link.

I think people should start looking more at Bully and not reaver. Bully can attack APs with only 40% power, I tested that myself. Reaver, to attack decently, needs at least 80%, and among other features that Bully has and Reaver doesn't.

Thanks in advance.

Edited by ViTALiTY
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...