Results 1 to 5 of 5

Thread: Reaver - Issues after issues

  1. #1
    Join Date
    2015-Aug
    Posts
    3

    Reaver - Issues after issues

    Hey Folks,

    I don't usually ask for help with these kinds of things, however I have exhausted the past 48 hours trying to figure this out on my own to absolutely no avail. I will attempt to be as detailed as possible for your convenience, and I appreciate all the help in advance!

    I am attempting, for educational and security purposes, to crack my own router via the WPS vulnerability using Reaver. I have the latest version of Kali Linux (full 64-bit download) running as the primary operating system on my laptop, it is NOT on a VM of any sort. Internet connectivity was used during the installation aswell as afterwards to make sure the whole system was up-to-date. The router is WPS enabled (confirmed in wash) and is running on the default vendor settings. The router is also positioned directly beside the laptop itself (for signal strength).

    I am using the onboard wireless card on my laptop and do not wish to purchase a dedicated external card to only use for testing purposes.

    My wireless card is:
    Qualcomm Atheros AR9285

    The card is confirmed being able to be put into monitor mode with:
    Code:
    airmon-ng start wlan0
    This will result in a device named "wlan0mon" in monitoring mode.

    The card is also confirmed to be injection-ready by using this command:
    Code:
    aireplay-ng -9 wlan0mon
    Injection is working!
    Found 15 APs
    Now that we have established what my system is, and that it is capable, lets get onto my issue.

    No matter what I try, Reaver simply will not work. 1 of 3 things always happens.

    1) Continuous "Response timeout occurred" on identification response
    2) Continuous looping of the first pin (pin failed; retrying last pin)
    3) Can not associate with the AP

    Testing with my own home network, my primary issue was #3. However, after trying for hours to do it, a friend invited me over to try it on his AP. With his AP (confirmed once again to be WPS enabled and vulnerable in wash) the issues seemed to alternate between #1 and #2.

    Once again, both APs are using their stock vendor settings.

    This is my EXACT process to start an attack.

    Code:
    airmon-ng start wlan0
    airodump-ng wlan0mon0
    reaver -i wlan0mon -b XX:XX:XX:XX:XX:XX -vv
    Where XX:XX:XX:XX:XX:XX = the MAC of the network found from airodump-ng wlan0mon0

    Following this process I always end up with one of the above 3 problems. I have tried several other attempts at using different variables from within reaver, such as specifying the channel with -c, however nothing has held up.

    I am an incredibly persistent person and will not stop until I am able to do this. I don't understand at all why it wouldn't be working.

    Thank you again in advance for any and all help you are able to provide! Cheers!

  2. #2
    Join Date
    2015-Jul
    Posts
    15
    Using

    airodump-ng --channel=<?> -w <capfile save name> wlan0mon NOT wlan0mon0

    Leave running for 2-5 mins pending on signals and clients.

    Use aircrack-ng <capfile save name> to see if any handshakes are in this .cap file we created

    You used the wash -i wlan0mon to find wps set @ " No " ?

    Brand of both routers you were using to test also?

    Having the router too close can be problematic also when running reaver against it.

    Also,that card is the same one i have broken twice in two separate laptops same chipset AR9285

    Excellent for grabbing handshakes and injecting before they died, just be warned they have a threshold that can be broken.

    Good luck bro.
    Last edited by drewsky; 2015-08-13 at 20:44.

  3. #3
    Join Date
    2015-Aug
    Location
    New Caledonia
    Posts
    2
    Quote Originally Posted by h4ck0ry View Post
    Thank you again in advance for any and all help you are able to provide! Cheers!
    it wont help much but i encounter the same issue on an alpha card

  4. #4
    Join Date
    2015-May
    Posts
    18
    Try to let the aireplay-ng do the association instead of reaver.

    Put -A in reaver commandline and open another terminal and run aireplay-ng against the target.

    And what the others told you, you can be to close to a router to, its like reading a paper, you cant read it if you are to far away, but not either if you have the paper pushed against your faceXD

  5. #5
    Join Date
    2014-Jun
    Posts
    71
    which version of Kali do you have ?

Similar Threads

  1. [Reaver][Kali 2016] Reaver Association Issues (Code 18)
    By h4ck0ry in forum General Archive
    Replies: 3
    Last Post: 2016-07-06, 11:54
  2. WiFite/Reaver issues
    By mire3212 in forum TroubleShooting Archive
    Replies: 9
    Last Post: 2015-09-06, 05:00
  3. Reaver/Dependency Installation Issues
    By draco in forum TroubleShooting Archive
    Replies: 2
    Last Post: 2013-10-05, 21:44

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •