Thought I'd share my current wifite-ng command line usage and thoughts, user asked on github.
./wifite-ng -ponly -pto 50 -paddto 20 -wpst 60 -wpsretry 5 -c<x> -pow 50
Code:
-ponly ---------> quick and dirty, low hanging fruit.......key cracked offline even.
-pto 50 --------> if router doesn't respond in 50 secs, I'm too far away or need to spoof mac
-paddto 20 -----> if hashes start flowing add more time
-wspt 60 -------> if pin found, and I'm close enough - reaver will find passphrase quickly.....if not, need advanced options from command line,
don't hang script. Move on to next target. script default is 660 secs
-wpsretry 5 ----> try pin 5 times only. If I'm close enough, thats enough retry times. Else spoof or move closer. possibly -t20, -T20 in reaver.
-c -------------> try routers on specific channels, optional. just less clutter in crowded locations
-pow 50 --------> only try routers 50dB and above, if below your chasing other problems but distance is the main problem
1st know which routers are at this point broken - check soxrok2212's database (1st set of hashes will let u know)
After router scans and wps compatibility check use wifite-ng signal strength colors as indicator of possible success - green targets in range, yellow maybe, red don't even try
Let wifite-ng do its thing...........
If wifite-ng isn't able to crack any targets, consider your distance mostly and if any of the targets routers are vulnerable.
Then use command line to verify with reaver output:
Failed association:
- Use airodump-ng to find clients of router ***
- Use reaver -m (mac of client) and -A (aireplay-ng does associations)
- Move closer **
Rate Limiting Detected:
- send less pin request and use lock out timer
- use mdk3, try reset router **
Use airodump to see connected clients and or if router resets with mdk3.
