Quote: Originally Posted by nuroo
In reaver 1.5.2, only -K1 is necessary. reaver now automatically does -K2,3.
Code:
-K  --pixie-dust=<number>       [1] Run pixiewps with PKE, PKR, E-Hash1, E-Hash2 and E-Nonce (Ralink, Broadcom, Realtek)
no need to have your script execute -K1,2,3 >>> just -K1

In reaver 1.5.2 the -W1 and -W2 options are only for specific brands (Belkin and D-Link?). In my opinion the possible pins should not be displayed unless the user is attacking those brands; otherwise it is confusing.

As of reaver 1.5.2, the user still must notice if the new pixiewps 1.1 thinks the router may be vulnerable to the -f option, then try it manually. So that response should be shown to the user.

##############
If the user decides he wants a spoofed/random MAC address, does your script also pass the -m option to reaver?
i.e.:
reaver -i mon0 -b 00:11:22:33:44:55 -m 11:00:11:00:11:00 -vv -S -N -K1
Also in aireplay, the -h option:
aireplay-ng -1 6000 -o 1 -q 10 -e teddy -a 00:11:22:33:44:55 -h 11:00:11:00:11:00 mon0
I recommend this for MAC-filtering routers. Reaver will still pass the real MAC if the above -m is not used.
Cheers for the info, I'll be updating the attacks soon.
I left the -W options just in case any other APs use the same pin generation method; it's a long shot, I know, but still worth a try.