I don't know if it is necessary, but I did it like this and it worked.
That's actually a question that I had in mind too.
Yes. Then you don't need to dig for the PKR in wireshark
Since the help vid is down MTeams provides the following:
This assumes you have a working reaver modded for pixie-dust
This assumes you can run reaver and wash
This will only show you how to quickly find the five(5) variables required.
The modified reaver obtains three(3) of the five(5) variables. The only other problem is finding the corresponding or paired --pke and --pkr in wireshark.
After you have put your wifi device in monitor mode.
1. Start wireshark
2. Select Capture
3. Select Interface and choose your capture interfaces.
4. Start the capture
5. Click capture filters
6. Type or/select wps.public_key[Enter]
When you hit enter the wireshark screen may go blank as it filters the output.
7. Start reaver
8. As reaver obtains M1 and M2 data only these lines will appear in wireshark.
9. When you have collected enough data stop reaver and wireshark.
10. Copy your reaver output from the terminal window and save it to a text file. You will need it later.
The N1 Enrollee Nonce links the output in reaver to the correct M1 and M2 packets in wireshark.
11. Go to wireshark, Click on the top screen showing No. Time Source......Info WPS M1
The --pke is located in the WPS M1 packets.
12. Select Ctrl-f. A drop down menu will appear = Wireshark Find Packet
Select Packet Details
In the Filter Block type public key then select find
13. Your cursor should now be over Public Key in the middle wireshark window and you should be in a WPS M1 packet (top screen info).
14. Scroll up in the middle wireshark block and find the Enrollee Nonce. Go to your reaver text file you saved and find the same N1 Enrollee Nonce. If it is followed by a:
You can use this packet in wireshark.
15. Scroll down in the same middle block in wireshark and find Public Key: hex string
16. Click on the Public Key, then right click, select copy, follow the > to the right, select value. The --pke value is now on the clipboard. Copy it to a text file.
17. Go to wireshark, click on the top screen showing No. Time Source......Info WPS M2
18. Again make sure the Enrollee Nonce is the same and copy the Public Key from the M2 packet. Do not confuse the Registrar Nonce with the Enrollee Nonce in the M2 packet. You now have the paired --pkr hex string.
As long as the enrollee nonce is the same in both reaver output and wireshark M1 and M2 you have picked the right packets in wireshark.
Put the five(5) variables in your pixie dust program and try your luck.
Currently we type in leafpad the following at the bottom of our reaver output file we made in item 10 above and then just paste in the hex strings. When completed we paste the entire text string into a terminal window and type [Enter].
pixiewps --e-nonce --pke --pkr --authkey --e-hash1 --e-hash2
After a few runs you can do this in less than three(3) minutes.
Video is back up in full HD; just search "WPS Pixie Dust" on YouTube and you'll find it.
My command for all tests was:
Code:
#~: pixiewps -e <pke> -s <ehash-1> -z <ehash-2> -a <auth-key> -S -n <e-nonce>
I don't know which version of the modded Reaver you are using. The description of the YouTube video contains the latest (download). It prints all the info needed (see the '[P]' tag) apart from PKR, which can be gathered in the M2 message (under Public Key), or can be avoided if the -S option is specified in both Reaver and Pixiewps. This option is used only to "ease the burden of a 10 seconds copy and paste work".
While I was still working on the program I made a tutorial on another forum to print some of the information, not all (Authkey, E-Hash1, E-Hash2), with the ' > ' tag at the beginning of every print. So maybe you guys are using the 'old version'?
Changing topic, Bongard tweeted my tool.
In Wireshark, the Public Key in both M2 messages is 000000000000000............ So is this normal? Should I continue with this? Router chipset is Broadcom.