Just registered to say thank you toSlim for coding Frankenscipt!
It's awesome that someone is still improving on reaver and WPS vulnerabilities. The script has made things much faster and easier. I do have a few suggestions for improvement:
1) I would like to second the idea to add syntax lists for Reaver and Bully. Most of them i've memorized but i still have to refer to my "cheat sheet" on occasion.
2) Also, I would like to see a way to save custom syntax in either a list, or in association with a specific ESSID. For instance, I commonly use -vv -N -T -d 3 on a couple of my routers where basic settings will not work. I have to use trial and error to find the best syntax strings and usually write them down in a notebook. It would be nice to be able to save them.
3) Is there any way to automate the trial and error process based on Reaver output? Say I get a rate limit lockout, and the scipt adds -L to try and ignore the lockout which sometimes works. Or, sets a high -d X number and works down to determine the ideal time between pin attempts or number of pin attempts that trigger a lockout? There are alot of ways to go with this and I'm sure some more experianced users could weigh in on how they addapt their syntax for certain situations.
4) Add options for flooding the router for a reset. Currently I scan AP's using wash in Frankenscript, then hop over to a script called AP-Fucker and use the Destruction Mode to attempt to reset the AP. This sometimes works.
5) I don't know if it's been discussed but there is another way to determine the default pin on some d-link routers discovered by the same guy who created Reaver. Check it out on his blog
here. His blog has a lot of good ino on router vulnerabilities.
That's all I can think of for now. Thanks again Slim!
Originally Posted by L0vecore
