Why is monitor mode necessary for WPS cracking?


Craphoontio

It may look obvious, but I really can't get it. I must be missing a pretty big detail about network modes and the low-level inner workings of WPS, despite having read all of the papers I could find[1].

According to Wikipedia, monitor mode is a mode that mostly only allows listening without being associated to any access point or router (and, if the hardware and the driver allow it too, transmitting as well, and there we have what's called packet injection).

So far so good.

When you try to brute-force WPS PINs, though, you do associate with the AP first. At least, reaver does.

So why do you actually need to be in monitor mode?

All WPS cracking programs require it, so there's no doubt it's a necessity. All the tutorials out there just tell you to "do it", but none that I could find explains why.

Please help, I'd really love to understand it better :)

Thanks so much!

[1] Only two actually :P but one is Stefan Viehböck's original paper. The other is this transcript of a very nice talk: https://www.grc.com/sn/sn-337.htm

Monitor mode allows the card to passively collect raw data; no frames are transmitted. All packets captured are unfiltered. Some cards that allow transmitting of packets while monitoring (packet injection) allow you to obtain unfiltered packets that contain data relating to the injected data you're transmitting. This in turn allows the cracking/info gathering programs to function.

If I may try...

Think about a walkie-talkie. Those handheld radios can change channels by pressing a button...

If you and your friend both have walkie-talkies on channel 1, then you can share a conversation...

Your walkie-talkie can also channel hop. This could allow you to listen to all conversations on all channels by changing channels quickly.

If you notice, when you run airodump your wifi card is channel hopping, trying to record data on all channels.

I tried :-)

Edit: misread the question.

Edited by i8igmac
Monitor mode allows the card to passively collect raw data; no frames are transmitted. All packets captured are unfiltered. Some cards that allow transmitting of packets while monitoring (packet injection) allow you to obtain unfiltered packets that contain data relating to the injected data you're transmitting. This in turn allows the cracking/info gathering programs to function.

And how is this related to reaver in any way? Reaver isn't collecting anything.
