botard89 Posted May 19, 2014 Share Posted May 19, 2014 I'm not sure that this question is one suitable for the security section, but I'm assuming it is some form of security that is preventing me from this, and I'm trying to learn as much as I can. My neighbor has a modem/router, the Motorola SURFboard SBG6580. The ISP seems to be Brighthouse Networks, because the ESSID is BHNSBG6580**** I have full permission to hack the router if I can. Figuring that the passphrase could be something the owner made or something that BHN setup, I figured the best way to go about this would be either using Reaver in Kali Linux, or WiFite. I used Wash to make sure the gateway has WPS enabled and it does. I figured it would take some time, 1.) Because it's Reaver ;) and 2.) Because these gateways are apparently known to have AP Rate Limited security features enabled (after so many pin #'s tried, gateway shuts down for approx 5-6 mins, and then the attack can continue on) Well the problem was I kept getting Timeout occurred errors and WPS Transaction failed messages (code 0x02) I thought at first that maybe my range wasn't as good as it should be, although I have done this with routers with less of a signal and succeeded. Ok. Well it was ironic because BHN was having some technical difficulties where their internet and phone lines went down. I got back on Kali, and figured I'd check around to see what was out there, and I saw the same gateway, except this time the ESSID was simply SBG6580**** I tried Reaver and sure enough it started up. It did have a few 0x02 errors, however it was actually making process, where before it was making none at all. It continued to do this until sure enough the services were back online, which told me if theservices were going through this gateway then it has some feature disabling WPS attacks, while when not having service it is possible to attack it, even with the AP Rate Limited feature. Now, with all this being said, my question is, Does anyone know of a security feature that would prevent a WPS attack on a gateway/router. provided that service is up, versus a WPS attack working while service for the same gateway/modem is down? If there is anymore info I left out then let me know and I'll be sure to include it as well. The only thing I can think of that I had left out is that I'm using Reaver 1.4 (downgrading doesn't seem to be the problem), and I am using an Alfa AWUS036H Wireless Network Adapter equipped with my Alfa -9 dBi Flat Panel Antenna, and of course I am running "airmon-ng start wlan2" to start in monitor mode, am using airodump-ng mon0 --ignore-negative-one to fix that error, and I have also tried killing processes, or leaving them running. I have done much, much research on what could be wrong "program speaking" but this doesn't seem to have anything to do with my range, MAC Address, equipment, or input of command. I would appreciate any help provided, and thanks in advance. Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.