I'm newish to Kali and Bully / Reaver / Airgeddon.
The issue I am having is that the Pixie Dust attack is not working for me at all. The videos and how-tos that I've seen seem to work differently, whereas my install just runs in a loop.
Deets:
uname -a:
<Linux Hummingbird 5.9.0-kali5-amd64 #1 Debian 5.9.15-1kali1 (2020-12-18) x86_64>
Reaver does not have a way to pull a version that I can find, but it is a week-old Kali install with update & upgrade and I got it via apt-get.
Bully Version 1.4-00
WLAN0: built-in (laptop) Intel AC 9260 (rev 29) (******* seriously has no way to be disabled via BIOS - I've looked!)
WLAN1: USB AWUS036NHA, AKA Alfa Atheros AR9271 (supposedly 'the card' to have for Kali...)
I have a big pile of various routers I've decommissioned over the years. All of them are within feet of my laptop and the signal is coming in at -44 dB to -50 dB, which is excellent.
After reading some guides, I am starting the process with:
Code:
sudo systemctl stop NetworkManager
sudo airmon-ng check kill
I run bully with -d -v3. It picks a PIN at random (it seems), but then just tries the same PIN over and over again:
Code:
[!] Received disassociation/deauthentication from the AP
[+] Rx( M1 ) = 'NoAssoc' Next Pin '95122274'.
[+] Rx( Auth ) = 'timeout' Next Pin '95122274'.
[!] Received disassociation/deauthentication from the AP
[+] Rx( M1 ) = 'NoAssoc' Next Pin '95122274'.
[+] Rx( Auth ) = 'timeout' Next Pin '95122274'.
[+] Rx( Auth ) = 'timeout' Next Pin '95122274'.
[+] Rx( Auth ) = 'timeout' Next Pin '95122274'.
[!] Received disassociation/deauthentication from the AP
[+] Rx( M1 ) = 'NoAssoc' Next Pin '95122274'.
[+] Rx( Auth ) = 'timeout' Next Pin '95122274'.
[!] Received disassociation/deauthentication from the AP
[+] Rx( M1 ) = 'NoAssoc' Next Pin '95122274'.
[+] Rx( Auth ) = 'timeout' Next Pin '95122274'.
[+] Rx( Auth ) = 'timeout' Next Pin '95122274'.
[!] Received disassociation/deauthentication from the AP
[+] Rx( M1 ) = 'NoAssoc' Next Pin '95122274'.
[+] Rx( Auth ) = 'timeout' Next Pin '95122274'.
[!] Received disassociation/deauthentication from the AP
[+] Rx( M1 ) = 'NoAssoc' Next Pin '95122274'.
[+] Rx( Auth ) = 'timeout' Next Pin '95122274'.
[+] Rx( Auth ) = 'timeout' Next Pin '95122274'.
[+] Rx( Auth ) = 'timeout' Next Pin '95122274'.
And it pretty much does the same thing for hours if I leave it, without ever changing the PIN.
Reaver does something similar.
I run reaver with
Reaver will give me a few screenfuls of what looks like hex and will flash it a bit. It always starts with PIN 12345670 and within the big block it always says:
Code:
[!] WPS transaction failed (code:0x04), retrying last pin
[!] WARNING: 10 failed connections in a row
It will flash the same block a few times and then just do this:
Code:
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
It will do this for about 20 seconds, then loop with the same 12345670 PIN.
So, I am not sure if the programs are broken, I am doing something wrong, or if the WPS thing is just too old, even for my older routers.
I found an article by Null_Byte from 2016 describing something similar with Reaver: https://null-byte.wonderhowto.com/fo...-dead-0168056/
Many people in the comments were saying that some dependencies (libpcap) got updated and are now screwing with how Reaver works. The instructions are not super clear on how to uninstall them and get the older versions, but I wanted to see if others are having the same problem.
I also found an article from Feb 2020: https://outpost24.com/blog/wps-cracking-with-reaver
The guy there talks about slowing down Reaver with these switches:
Code:
reaver -i mon0 -c 6 -b 00:23:69:48:33:95 -vv -L -N -d 15 -T .5 -r 3:15
I tried this and I am not sure if it is working. It runs a lot slower, but I left it overnight on one of my old routers and 16 hours later it was still splashing the screen with no results. Is this normal?