Results 1 to 5 of 5

Thread: Reaver - Issues after issues

  1. #1
    Join Date

    Reaver - Issues after issues

    Hey Folks,

    I don't usually ask for help with these kinds of things, however I have exhausted the past 48 hours trying to figure this out on my own to absolutely no avail. I will attempt to be as detailed as possible for your convenience, and I appreciate all the help in advance!

    I am attempting, for educational and security purposes, to crack my own router via the WPS vulnerability using Reaver. I have the latest version of Kali Linux (full 64-bit download) running as the primary operating system on my laptop, it is NOT on a VM of any sort. Internet connectivity was used during the installation aswell as afterwards to make sure the whole system was up-to-date. The router is WPS enabled (confirmed in wash) and is running on the default vendor settings. The router is also positioned directly beside the laptop itself (for signal strength).

    I am using the onboard wireless card on my laptop and do not wish to purchase a dedicated external card to only use for testing purposes.

    My wireless card is:
    Qualcomm Atheros AR9285

    The card is confirmed being able to be put into monitor mode with:
    airmon-ng start wlan0
    This will result in a device named "wlan0mon" in monitoring mode.

    The card is also confirmed to be injection-ready by using this command:
    aireplay-ng -9 wlan0mon
    Injection is working!
    Found 15 APs
    Now that we have established what my system is, and that it is capable, lets get onto my issue.

    No matter what I try, Reaver simply will not work. 1 of 3 things always happens.

    1) Continuous "Response timeout occurred" on identification response
    2) Continuous looping of the first pin (pin failed; retrying last pin)
    3) Can not associate with the AP

    Testing with my own home network, my primary issue was #3. However, after trying for hours to do it, a friend invited me over to try it on his AP. With his AP (confirmed once again to be WPS enabled and vulnerable in wash) the issues seemed to alternate between #1 and #2.

    Once again, both APs are using their stock vendor settings.

    This is my EXACT process to start an attack.

    airmon-ng start wlan0
    airodump-ng wlan0mon0
    reaver -i wlan0mon -b XX:XX:XX:XX:XX:XX -vv
    Where XX:XX:XX:XX:XX:XX = the MAC of the network found from airodump-ng wlan0mon0

    Following this process I always end up with one of the above 3 problems. I have tried several other attempts at using different variables from within reaver, such as specifying the channel with -c, however nothing has held up.

    I am an incredibly persistent person and will not stop until I am able to do this. I don't understand at all why it wouldn't be working.

    Thank you again in advance for any and all help you are able to provide! Cheers!

  2. #2
    Join Date

    airodump-ng --channel=<?> -w <capfile save name> wlan0mon NOT wlan0mon0

    Leave running for 2-5 mins pending on signals and clients.

    Use aircrack-ng <capfile save name> to see if any handshakes are in this .cap file we created

    You used the wash -i wlan0mon to find wps set @ " No " ?

    Brand of both routers you were using to test also?

    Having the router too close can be problematic also when running reaver against it.

    Also,that card is the same one i have broken twice in two separate laptops same chipset AR9285

    Excellent for grabbing handshakes and injecting before they died, just be warned they have a threshold that can be broken.

    Good luck bro.
    Last edited by drewsky; 2015-08-13 at 20:44.

  3. #3
    Join Date
    New Caledonia
    Quote Originally Posted by h4ck0ry View Post
    Thank you again in advance for any and all help you are able to provide! Cheers!
    it wont help much but i encounter the same issue on an alpha card

  4. #4
    Join Date
    Try to let the aireplay-ng do the association instead of reaver.

    Put -A in reaver commandline and open another terminal and run aireplay-ng against the target.

    And what the others told you, you can be to close to a router to, its like reading a paper, you cant read it if you are to far away, but not either if you have the paper pushed against your faceXD

  5. #5
    Join Date
    which version of Kali do you have ?

Similar Threads

  1. [Reaver][Kali 2016] Reaver Association Issues (Code 18)
    By h4ck0ry in forum General Archive
    Replies: 3
    Last Post: 2016-07-06, 11:54
  2. WiFite/Reaver issues
    By mire3212 in forum TroubleShooting Archive
    Replies: 9
    Last Post: 2015-09-06, 05:00
  3. Reaver/Dependency Installation Issues
    By draco in forum TroubleShooting Archive
    Replies: 2
    Last Post: 2013-10-05, 21:44

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts