Varmacscan supporting Kali 1.10a, 2 and Kali 2016.1 R is released for community use.
Program supports options to not kill Network-Manager Functions on other devices when running varmacscan.
Several text output bugs when a WPA key was found were corrected.
Differences between the three(3) different Operating Systems were incorporated into one package.
Version 3-3 updated from 3-1
Routines when attacking specific routers models have been rewritten.
You can download here thru kali or at
https://github.com/musket33/varmacscan
http://www.datafilehost.com/d/5ea4b8f4
The following script was originally designed to be used against a specific model of router which locked its WPS system after 10 pin requests. These routers were also NOT susceptible to any of the DDOS attacks available thru VMR-MDK series nor were they vulnerable to pixiedust. A few were cracked when the WPS pin reset to 12345670 and the WPS system was open. But in general reaver was not the tool of choice. To crack these routers the only methods remaining were either brute forcing a WPA handshake or social engineering approaches like WPA Phishing.
MTeams areas of operation are surrounded by this model of router. In short our areas are rich in these targets. After studying the WPA locking and unlocking a different approach was conceived. If a program could constantly search the area of reception and automatically attack any routers which had unlocked, then a small number of WPS pins could slowly be collected from a large number of routers and in time, the WPA key could be extracted.
This program was not originally considered for a MTeams release until a surprising side effect occurred. The program began cracking other models that either were resistant to previous reaver attacks or routers that we did not even know existed. This success is not because of any special reaver command line. It is simply that the program is constantly searching and then attacking all WPS enabled routers found for short periods of time automatically gathering data and moving to the next target endlessly.
Varmacscan2-0 is a totally automatic fire and forget script. Once running the script will search for any WPS enabled networks within reception range and then attack each in turn. Both search and attack times are set by the user. No specific targets are selected. After each router is subjected to reaver, any data acquired is searched for a viable pixiedust data sequence. If a sequence is found and the WPS pin extracted, it is loaded into reaver which reattacks the router using the pin number in the reaver command line. During both search and attack, modes aircrack-ng is run in the background collecting ESSIDPROBES. If a WPA key is obtained the program will skip the target in future attacks. Once all networks seen have been attacked the program rescans for targets and then attacks all seen again. This process will continue for as long as the user requires, no user input is needed.
When you have exhausted attacks against stationary unlocked WPS enabled Networks thru the command line, and/or tested VMR-MDK against all WPS locked routers, run this program up and go to bed and see what tomorrow brings..
Happy Hunting
Musket Teams
