Page 3 of 3 FirstFirst 123
Results 101 to 123 of 123

Thread: Wifite including new pixiewps attack

  1. #101
    Join Date
    2015-Aug
    Posts
    15
    Hi soxrok2212,
    thank you for you reply.

    Keep in mind, reaver and pixiewps are included by default in Kali 2.0. There is a version of wifite included as well that I believe supports the pixie dust attack, but it is not aanarchyy's version.
    Yes, I know, but I think these versions are different.
    They not only accept different command parameters but they also run differently. At least as far as I can say, after testing them on the same system with the same hardware, on two separate installs.
    One with original Kali 2.0 files exclusively and one with Kali 2.0 after installing and applying modifications like aanarchyy's version and so on.
    Last edited by DinoS; 2015-08-18 at 10:00.

  2. #102
    Join Date
    2015-Aug
    Posts
    26
    Forget what i said about that "./configure" thing, was also a bit tired i guess^^ after a little research i would point to problems within the newer version of libpcap but i guess you already figure that out

    Hmm, yes

    there are 2 versions if we talk about usable packages. The original which is still build in kali and the fork from aanarchyy (better known as wifite-ng)


    wifite https://github.com/derv82/wifite
    wifite-ng https://github.com/aanarchyy/wifite-mod-pixiewps

    Is that the point?

  3. #103
    Join Date
    2015-Aug
    Posts
    15
    Hi fruchttiger00x0,
    I suppose you oversaw my edit in my original post:

    Sorry aanarchy, sorry to everyone else too.
    Seems I was a bit tired from long hours.
    Googled it and found this: https://code.google.com/p/reaver-wps.../detail?id=190

    It seems: "You can just ignore the error and do,
    "sudo reaver" or "sudo -i reaver"
    And the program is runnnig and working well.
    Enjoy! "

    I hadn't even noticed the compiled files.
    Thank you all anyway.
    After half an hour of coffee brake, I found the above mentioned posting and realized I was blind enough to oversee the compiled files.
    So, problem solved, my question answered.
    Thank you anyway for your interest and time.

  4. #104
    Join Date
    2015-Mar
    Posts
    141
    Sorry I have been slacking on this, was busy porting pixiewps to android and soon t6x-reaver :-) I will look into this shortly. Too many projects...

  5. #105
    Join Date
    2015-Aug
    Posts
    26
    take your time boy, coming when its done. the mod is my first choice, especially to run some checks after doing wifi modifications. really sweet dude!
    but btw, can you tell me if there is some verbose mode or that i at least can see what reaver is gonna do. For many APs i just wait forever because it is still trying to get Hash 1 & 2. I could run reaver or other scripts but this is surely inconvenient and wont show me options, parameters you might trigger.so anyway.. would be nice to know o

  6. #106
    Join Date
    2014-Jul
    Posts
    55
    i am having some problem while using wifite
    i am trying to attack on my AP

    my router is dlink DSL-2730U
    i am getting 0x02 error

    i am also getting error while i am trying pixie attack on some other AP
    i am not sure about this error
    its show something with PSK ...
    & then stop attack & switch to another AP


    i am using wifite with kali 2.0 (live using usb)
    my wifi adapters TP link WN722N

  7. #107
    Join Date
    2013-Jul
    Location
    United States
    Posts
    519
    Quote Originally Posted by yhi View Post
    i am having some problem while using wifite
    i am trying to attack on my AP

    my router is dlink DSL-2730U
    i am getting 0x02 error

    i am also getting error while i am trying pixie attack on some other AP
    i am not sure about this error
    its show something with PSK ...
    & then stop attack & switch to another AP


    i am using wifite with kali 2.0 (live using usb)
    my wifi adapters TP link WN722N
    The networks probably aren't vulnerable. From the looks of it, that D-Link uses a Broadcom chipset which is not vulnerable to the pixie dust attack, though it may be vulnerable to devttys0's d-link pingen.

  8. #108
    Join Date
    2016-Jan
    Posts
    14
    Nice mod with only 1 thing wrong. It does not capture handshakes at all. if it captured handshakes it would be perfect. Thx again for this aanarchyy.

  9. #109
    Join Date
    2013-Sep
    Posts
    262
    though it may be vulnerable to devttys0's d-link pingen.
    Not this one: A common default PIN ( 20172527 ) has been found on several DSL-2730U
    The algorithm from craig heffner (devttys0's) affects devices with model name like this "DIR-(....)" or DAP-(....).
    If you see "DIR" or "DAP" you would have approximately 50% of probability to be in front of a vulnerable device.

  10. #110
    Join Date
    2013-Aug
    Location
    lost in space
    Posts
    580
    Quote Originally Posted by kalifornia View Post
    Nice mod with only 1 thing wrong. It does not capture handshakes at all. if it captured handshakes it would be perfect. Thx again for this aanarchyy.
    and why not start a new project? I like Wifite, but I can see the use for an 'assistant'. A program that will assist the User spoof, scan, launch attacks, with a spectrum of options. Less automation and more options.
    Kali Linux USB Installation using LinuxLive USB Creator
    Howto Install HDD Kali on a USB Key
    Clean your laptop fan | basic knowledge

  11. #111
    Join Date
    2015-Mar
    Posts
    141
    Haven't looked at this in months, but last i remember it does capture handshakes just fine, it creates a directory named "hs" and saves the caps of the handshakes in it.
    And if you do not supply a word list, all it does is capture the handshake and move on.

  12. #112
    Join Date
    2016-Jan
    Posts
    14
    I have a modified wifite the sends 5 deauths then waits 10 secs and send 5 more again. Anything with 26db or greater with a client connected gets a handshake within a minute. Wifite-ng i dont know whats wrong bro but it wont capture any. I cant be the only one.

    Not complaining at all bro just pointing it out to you. The wifite-ng script rocks. If it captured hs it would be perfect. The wps wash locked or open and connected clients works great and pixiewps attack n printing.

    I have a awus036nh whichs hasnt cracked anything yet although my bros routers is 100% vulnerable the pix attack always says failed and i get failed to associate messages lots. Ive ordered a awus036nha as ive read the rt3070 on the 036nh dont work good with reaver.

    Thx again aanarchyy!

    Voluntarist for life.

  13. #113
    Join Date
    2015-Mar
    Posts
    141
    Quote Originally Posted by kalifornia View Post
    I have a modified wifite the sends 5 deauths then waits 10 secs and send 5 more again. Anything with 26db or greater with a client connected gets a handshake within a minute. Wifite-ng i dont know whats wrong bro but it wont capture any. I cant be the only one.

    Not complaining at all bro just pointing it out to you. The wifite-ng script rocks. If it captured hs it would be perfect. The wps wash locked or open and connected clients works great and pixiewps attack n printing.

    I have a awus036nh whichs hasnt cracked anything yet although my bros routers is 100% vulnerable the pix attack always says failed and i get failed to associate messages lots. Ive ordered a awus036nha as ive read the rt3070 on the 036nh dont work good with reaver.

    Thx again aanarchyy!

    Voluntarist for life.
    I have issue with how some of reaver(and therefore also wifite as reaver is a "helper" program) is written and poor cross-compilation , and i have since backed away from reaver.

    I have a modified version of bully that seems to work much better for me though, give it a shot.
    https://github.com/aanarchyy

  14. #114
    Join Date
    2016-Jan
    Posts
    14

    My 036nha came in tmail today. Its a very fast card and blows the 036nh away. Im in the process of popping my bros asus router 2 blocks away in an hour with wps pin attack 41/146 suucess/ttl 20db is the signal level in wifite-ng lol this card is awesome with low signal. Im using nethunter on my note 3 on touchwiz. I think i will put the 036nh up on kijiji.

    Aanarchyy i tried your modded bully with the 036nha and got a lockout within 10 secs which tells me its working. With the 036nh i could not do anything except capture handshakes. the 036nh seems more responsive with bully though. in reaver it sucks imho.

    I love the automation with wifite because i use a galaxy note 3 to pentest. It would be great to see bully implimented into wifite. Wink wink

    Cheers from BC canada.

  15. #115
    Join Date
    2016-Jan
    Posts
    14
    This awus036nha is a great card. I Never seen this model dlink router in the pixiedust database and i can confirm it works.
    Attached Images Attached Images

  16. #116
    Join Date
    2016-Jul
    Posts
    2

    Weird problem

    Hi guys i dong know if the crack works or not im using the new kali 2016.1 iso live on usb chipset 5100agn with everything configured wlan0mon and injecting packet as well im trying to connect to a AP close to me -41dB but reaver doesnt work wont get pass M2 send nack error time out occured then i tryed wifite the pixie dust doest work wont receive the eHashes eHash1 and eHashes2 so my guess its that the wps doesnt work but wash -i wlan0mon shows me that is not protected and wifite told me that its supporting wps also i tried capturing handshake aireplay lets me so it and also injecting and also deauth and fakeauth but everything else just wont receive the M3 m4 and so the only thing that seems to maybe work..its the wifite WPS pin attack im able to go 0/8900 success/ttl but no percentage and its been like 15h now i really dont know what to do by now

  17. #117
    Join Date
    2016-Jan
    Posts
    99
    try with airodump-ng wlan0mon -c 1 --wps and if the output is PBC, forget about it

  18. #118
    Join Date
    2016-Jul
    Posts
    17
    Quote Originally Posted by nuroo View Post
    Just so I can run original and your wifite, I renamed yours wifitemod:

    Heres output with new version with pixiewps timeout:
    Code:
    ~/wifite-mod-pixiewps-master# ./wifitemod -wps
    
      .;'                     `;,    
     .;'  ,;'             `;,  `;,   WiFite v2 (r85)
    .;'  ,;'  ,;'     `;,  `;,  `;,  
    ::   ::   :   ( )   :   ::   ::  automated wireless auditor
    ':.  ':.  ':. /_\ ,:'  ,:'  ,:'  
     ':.  ':.    /___\    ,:'  ,:'   designed for Linux
      ':.       /_____\      ,:'     
               /       \             
    
    modified by aanarchyy(aanarchyy@gmail.com)
    Credits to wiire,DataHead,soxrok2212,nxxxu
    
     [+] targeting WPS-enabled networks
    
     [+] scanning for wireless devices...
     [+] initializing scan (mon0), updates at 5 sec intervals, CTRL+C when ready.
     [0:00:04] scanning wireless networks. 0 targets and 0 clients found   
    
     [+] scanning (mon0), updates at 5 sec intervals, CTRL+C when ready.
    
       NUM ESSID                 CH  ENCR  POWER  WPS?  CLIENT
       --- --------------------  --  ----  -----  ----  ------
        1  DG167****              1  WPA2  36db   Locked 
        2  FiOS-S****             1  WPA2  23db   wps 
        3  SprintGatew****      1  WPA2  21db   wps 
    
     [0:00:32] scanning wireless networks. 3 targets and 2 clients found   
     [+] checking for WPS compatibility... done
     [+] removed 47 non-WPS-enabled targets
    
       NUM ESSID                 CH  ENCR  POWER  WPS?  CLIENT
       --- --------------------  --  ----  -----  ----  ------
        1  DG167****              1  WPA2  36db   Locked 
        2  TG167****             11  WPA2  25db   wps 
        3  FiOS-S****             1  WPA2  24db   wps 
        4  TDS                    6  WPA2  22db   wps 
        5  TG167****              1  WPA2  21db   wps 
        6  MiamiHEAT             11  WPA2  20db   wps 
        7  U10C0****             1  WPA   18db   wps 
        8  SprintGate****      1  WPA2  18db   wps 
        9  DIRECT-pm-BR****       1  WPA2  18db   wps 
       10  DG167****              1  WPA2  15db   wps 
    
     [+] select target numbers (1-10) separated by commas, or 'all': all
    
     [+] 10 targets selected.
    
     [0:00:00] initializing PixieWPS attack on DG167**** (...........:73:90)
     [+] E-Nonce found
     [+] PKE hash found
     [+] PKR hash found
    
     [!] unable to complete successful try in 60 seconds
     [+] skipping pixiewps on DG167****
    
     [+] Pixiewps attack failed!
    
     [0:00:00] initializing WPS PIN attack on DG167**** (...........:73:90)
    ^C0:00:18] WPS attack, 0/0 success/ttl, 
     (^C) WPS brute-force attack interrupted
    
     [+] 9 targets remain
     [+] what do you want to do?
         [c]ontinue attacking targets
         [e]xit completely
     [+] please make a selection (c, or e): c
    
     [0:00:00] initializing PixieWPS attack on TG167**** (...........:EC:10)
    
     [!] unable to complete successful try in 60 seconds
     [+] skipping pixiewps on TG167****
    
     [+] Pixiewps attack failed!
    
     [0:00:00] initializing WPS PIN attack on TG167**** (...........:EC:10)
    ^C0:00:22] WPS attack, 0/0 success/ttl, 
     (^C) WPS brute-force attack interrupted
    
     [+] 8 targets remain
     [+] what do you want to do?
         [c]ontinue attacking targets
         [e]xit completely
     [+] please make a selection (c, or e): c
    
     [0:00:00] initializing PixieWPS attack on FiOS-S**** (...........:EC:C2)
     [+] E-Nonce found
     [+] PKE hash found
     [+] PKR hash found
     [+] E-Hash1 found
     [+] E-Hash2 found
    Traceback (most recent call last):
      File "./wifitemod", line 3124, in <module>
        main()
      File "./wifitemod", line 321, in main
        need_handshake = not wps_attack(iface, t)
      File "./wifitemod", line 2912, in wps_attack
        line = f.readline()
    UnboundLocalError: local variable 'f' referenced before assignment
    Timeout for pixie worked. but another error above.
    Please make pixie timeout configureable.
    also option if pixewps fail, no brutefructe, move to next target.
    Please consider because failed attempt locked router
    Code:
    For those wondering what reavers -P option is intended for:
    
    Option (-P) in reaver puts reaver into a loop mode that does not do the  WPS protocol to or past the M4 message to hopefully avoid lockouts. This  is to ONLY be used for PixieHash collecting to use with pixiewps, NOT  to 'online' bruteforce pins.
    This option was made with intent of:
    
    ----Collecting repe***ive hashes for further comparison and or analysis / discovery of new vulnerable chipsets , routers etc..
    
    ----Time sensistive attacks where the hash collecting continues repe***ively until your time frame is met.
    
    ----For scripting purposes of whom want to use a possible lockout preventable way of PixieHash gathering for your Use case.                         
    by datahead



    try : ./wifite-ng ......on the directory that you have the files.... ( sorry for the bad english) ...:

    if it doesnt let you use it... use

    chmod +x ./wifite-ng
    and after that ./wifite-ng
    ^^

  19. #119
    Join Date
    2014-Oct
    Posts
    42
    Hey guys I am having an issue with PixieDust not working on confirmed routers like the " D-Link DIR-501 A1" I get a message that it might be vulnerable to try --force but the force command doesnt seem to work. also, while WPS is enabled, and I can see the AP, if I run wifite --pixie, the AP does not show in the list, if I just run wifite, then I am able to see it, but it defaults to all attacks but WPS. Any suggestions?

  20. #120
    Also in previous version -ponly had no acknolegdement of being set to active, this version says its active.
    Sorry just gotta keep up with all the changes they keep making with the helper apps

  21. #121
    Join Date
    2016-Aug
    Posts
    1
    (i have a awful english, sorry) i have a problem, the wifite create subinterfaces one after another without me asking if I want to create another. i downloaded the last version of "aanarchyy" but i can't use script

    root@BigFalcon:~/Descargas/wifite-mod-pixiewps-master# ./wifite-ng -wps

    .;' `;,
    .;' ,;' `;, `;, WiFite v2 (r112)
    .;' ,;' ,;' `;, `;, `;,
    :: :: : ( ) : :: :: automated wireless auditor
    ':. ':. ':. /_\ ,:' ,:' ,:'
    ':. ':. /___\ ,:' ,:' designed for Linux
    ':. /_____\ ,:'
    / \

    modified by aanarchyy(aanarchyy@gmail.com)
    Credits to wiire,DataHead,soxrok2212,nxxxu,nuroo

    [+] targeting WPS-enabled networks

    [+] scanning for wireless devices...
    [+] available wireless devices:
    1. phy0 wlan2 rtl8187 Ovislink Corp. AirLive WL-1600USB 802.11g Adapter [Realtek RTL8187L]
    2. phy1 wlan7 rt2800pci Ralink corp. RT3290 Wireless 802.11n 1T/1R PCIe
    [+] select number of device to put into monitor mode (1-2): 2
    [+] enabling monitor mode on wlan7... done
    [+] available wireless devices:
    1. phy0 wlan2 rtl8187 Ovislink Corp. AirLive WL-1600USB 802.11g Adapter [Realtek RTL8187L]
    2. phy1 wlan7mon rt2800pci Ralink corp. RT3290 Wireless 802.11n 1T/1R PCIe
    [+] select number of device to put into monitor mode (1-2): 2
    [+] enabling monitor mode on wlan7mon... done
    [+] available wireless devices:
    1. phy0 wlan2 rtl8187 Ovislink Corp. AirLive WL-1600USB 802.11g Adapter [Realtek RTL8187L]
    2. phy1 wlan7monmon rt2800pci Ralink corp. RT3290 Wireless 802.11n 1T/1R PCIe
    [+] select number of device to put into monitor mode (1-2): 2
    [+] enabling monitor mode on wlan7monmon... done
    [+] available wireless devices:
    1. phy0 wlan2 rtl8187 Ovislink Corp. AirLive WL-1600USB 802.11g Adapter [Realtek RTL8187L]
    2. phy1 wlan7monmonmon rt2800pci Ralink corp. RT3290 Wireless 802.11n 1T/1R PCIe
    [+] select number of device to put into monitor mode (1-2):

  22. #122
    Join Date
    2016-Nov
    Posts
    1

    airmon-ng check kill

    Quote Originally Posted by hedbert View Post
    (i have a awful english, sorry) i have a problem, ...
    airmon-ng check kill worked for me

  23. #123
    Join Date
    2016-Oct
    Location
    South Texas
    Posts
    20
    Same issue as hedbert, I added this to the latest nethunter and I am unable to find a solution anywhere.
    Anyone have the same problem or find a solution, check kill did not work.

Similar Threads

  1. Pixiewps: wps pixie dust attack tool
    By wiire in forum Community Projects
    Replies: 243
    Last Post: 2017-11-09, 19:31
  2. Bully modified to implement pixiewps attack
    By aanarchyy in forum Project Archive
    Replies: 65
    Last Post: 2017-04-17, 21:21
  3. Replies: 26
    Last Post: 2016-08-17, 09:34
  4. Wifite including new pixiewps attack
    By aanarchyy in forum General Archive
    Replies: 75
    Last Post: 2015-05-04, 23:16
  5. Pixiewps: wps pixie dust attack tool
    By wiire in forum General Archive
    Replies: 89
    Last Post: 2015-05-04, 19:32

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •