TimothyZhang023 / reaver-wps

Automatically exported from code.google.com/p/reaver-wps
0 stars 0 forks source link

Reaver is skipping correct pin due to fake WSC NACK Respond #461

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
Hi there I have a problem whit Reaver 
problem is that Reaver is skipping pins due to Fake nack responds received 
after M4 message after checking second half of pin in previous attempt.

Signal strength:58db.
Wireless card used: Realtek RTL8187 built-in Toshiba Satellite in monitor mode
Router Model TP-Link TL-WR720N (TP-LINK Wireless Router WR720N)
distance about 10-15 meters
Latest version of Reaver downloaded from Backtrack Linux Repo using 
apt-get update
apt-get install Reaver commands.

6. Please describe what you think the issue is.
I think there must be an additional check that previous half of pin was correct 
or not.

[+] Trying pin 43620852
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[+] Received WSC NACK
[+] Sending WSC NACK
[+] Trying pin 43620869
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received WSC NACK
[+] Sending WSC NACK
[+] Trying pin 43620876
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[+] Received WSC NACK
[+] Sending WSC NACK
[+] Trying pin 43620883
[+] Sending EAPOL START request
root@bt:~# reaver -i  mon0  -b 64:70:02:DD:F4:8C -vv --nack

Original issue reported on code.google.com by kostad...@yahoo.com on 23 Jan 2013 at 7:33

GoogleCodeExporter commented 9 years ago
reaver stop why

Original comment by alhaw...@gmail.com on 28 Jan 2013 at 2:45

GoogleCodeExporter commented 9 years ago
Reaver goes to 99,99% till the end of pin list and never found the correct one 
(repeating last in loop)

Original comment by kostad...@yahoo.com on 29 Jan 2013 at 12:14

GoogleCodeExporter commented 9 years ago
I can confirm this, I would mark it as serious bug, and it did not skipped the 
correct pin in my case.
There is a little probability of skipping the correct one but non zero.

[+] Sending M6 message
[+] Received WSC NACK
[+] Sending WSC NACK
[+] Trying pin 43620869
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message

it appears here like we missed the M5, but even with -T .9 [M5/7 timeout] 
doesn't help

[+] Received WSC NACK   
[+] Sending WSC NACK
[+] Trying pin 43620876     <- here should be a pin ....086. retry
[+] Sending EAPOL START request

My setup was Debian Wheezy, rt73usb/zd1211rw, router Tenda W311, -50dBm, reaver 
1.4 from Repo and svn rev 113.
I'm reviewing the sources and looking for solution, I will make a patch when 
the author permits or will find the workaround.

Original comment by agent...@gmail.com on 13 Feb 2013 at 4:45

GoogleCodeExporter commented 9 years ago
reached 99% and if not found, then jumped the correct pin.
already tried to start from 0 again?

Original comment by deltomaf...@gmail.com on 14 Feb 2013 at 6:15

GoogleCodeExporter commented 9 years ago
The solution of this issue is described in issue post #470 
http://code.google.com/p/reaver-wps/issues/detail?id=470 .  

Original comment by agent...@gmail.com on 15 Feb 2013 at 2:28