Routers with their WPS system locked still go thru a period where the WPS system is open, usually after reboot or power failure etc. This open state though is temporary. Usually after a few WPS pins are collected, the router locks and no more WPS pins can be tested thru Reaver.

However, if the router is susceptible to pixiedust then it is possible to collect the WPS pin number via pixiedust on one opening and, when the router is again temporarily open, collect the WPA key. The trick here is one of timing.

M-Teams runs varmacscan constantly in our areas of operation and routinely cracks WPS locked routers thru this method. Varmacscan is robotic in nature and tests all networks within antenna range automatically. If the WPS pin is collected thru pixiedust then the program will constantly attempt to collect the WPA key using that WPS pin. Should the network ever be open again, the WPA key can be automatically extracted and stored for the user.

M-Teams finds a surprising success rate in the early morning hours between 04:00 and 06:00, probably due to terrestrial radiation causing low level temperature inversions trapping the signal along the surface, much like VHF radio long distance communication when temperature inversions are present.

For download and info see

https://forums.kali.org/showthread.p...-community-use

https://github.com/musket33/varmacscan


Musket Teams
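
For owners of an access point, the practical consequence of the post above is that the WPS lock flag is not a control to rely on: an AP that still advertises WPS in its beacons is exposed whenever the lock lapses. The following is an added example, not part of the original post or of varmacscan, that parses the WPS information element from beacon bytes captured from your own AP and flags every observation in which WPS is still advertised. It assumes the raw tagged parameters are already available as bytes; the attribute IDs are the standard WSC ones, and the sample beacons and the helper `wps_ie` are constructed for illustration.

```python
import struct

WPS_OUI_TYPE = bytes.fromhex("0050f204")  # vendor IE: Microsoft OUI + type 4 = WPS
ATTR_WPS_STATE = 0x1044                   # 1 = not configured, 2 = configured
ATTR_AP_SETUP_LOCKED = 0x1057             # 1 = AP setup locked

def wps_status(ies: bytes) -> dict:
    """Walk 802.11 information elements and report the advertised WPS state."""
    status = {"wps": False, "state": None, "locked": False}
    i = 0
    while i + 2 <= len(ies):
        eid, elen = ies[i], ies[i + 1]
        body = ies[i + 2:i + 2 + elen]
        i += 2 + elen
        if len(body) < elen:              # truncated element: stop parsing
            break
        if eid != 0xDD or not body.startswith(WPS_OUI_TYPE):
            continue
        status["wps"] = True
        attrs, j = body[4:], 0
        while j + 4 <= len(attrs):        # attribute = type(2) length(2) value
            atype, alen = struct.unpack_from(">HH", attrs, j)
            value = attrs[j + 4:j + 4 + alen]
            j += 4 + alen
            if len(value) == alen == 1 and atype == ATTR_WPS_STATE:
                status["state"] = value[0]
            elif len(value) == alen == 1 and atype == ATTR_AP_SETUP_LOCKED:
                status["locked"] = value[0] == 1
    return status

def audit(observations):  # flag every own-AP beacon that still advertises WPS
    findings = []
    for label, ies in observations:
        s = wps_status(ies)
        if s["wps"]:
            note = "locked for now" if s["locked"] else "unlocked"
            findings.append((label, "WPS advertised, " + note))
    return findings

def wps_ie(locked: bool) -> bytes:        # builds a constructed WPS element
    attrs = bytes.fromhex("104a000110" "1044000102")  # version 1.0, configured
    if locked:
        attrs += bytes.fromhex("1057000101")
    body = WPS_OUI_TYPE + attrs
    return bytes([0xDD, len(body)]) + body

SSID = bytes([0, 4]) + b"home"            # constructed SSID element
SAMPLES = [("steady state", SSID + wps_ie(True)),   # constructed beacons
           ("after reboot", SSID + wps_ie(False)),
           ("WPS disabled", SSID)]
```

Only the third sample, where the WPS element is absent because WPS has been turned off in the AP configuration, produces no finding from `audit(SAMPLES)`.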