backwardhero / reaver-wps

Automatically exported from code.google.com/p/reaver-wps
0 stars 0 forks source link

[+] Sending EAPOL START request [!] WARNING: Receive timeout occurred #169

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
Hello,

I am trying to launch again this issue which is already present here:

http://code.google.com/p/reaver-wps/issues/detail?id=117

because I tried to continue the discussion, but apparently it was closed.

So.. I'm running an Atheros AR928X installed in an Acer EasyNote TJ75. Here are 
the rest of the details:

0. What version of Reaver are you using? (Only defects against the latest 
version will be considered.)

Latest one.

1. What operating system are you using (Linux is the only supported OS)?

Ubuntu 11.10

2. Is your wireless card in monitor mode (yes/no)?

Yes

3. What is the signal strength of the Access Point you are trying to crack?

Very strong (I make the test being very close to my modem)

4. What is the manufacturer and model # of the device you are trying to crack?

Huawei EchoLife HG520b

5. What is the entire command line string you are supplying to reaver?

sudo reaver -i mon0 -b XX:XX:XX:XX:XX:XX -vv --ignore-locks

6. Please describe what you think the issue is.

May be WPS is not enabled on my modem.. I tried with wash -i mon0 but any row 
was returned.. so I don't know if WPS is enabled or not..

7. Paste the output from Reaver below.

[+] Waiting for beacon from XX:XX:XX:XX:XX:XX
[+] Switching mon0 to channel 6
[+] Associated with XX:XX:XX:XX:XX:XX (ESSID: xxxxxxxx)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred

... after it occurs over and over.

ps:

* I also properly tested revisions 95 and 96.. without success.

* When I run the command line without --ignore-locks, I have this output:

[+] Waiting for beacon from XX:XX:XX:XX:XX:XX
[+] Switching mon0 to channel 6
[+] Associated with XX:XX:XX:XX:XX:XX (ESSID: xxxxxxxx)

The output stop here, even if I wait 30 minutes.

Original issue reported on code.google.com by reclamha...@gmail.com on 23 Jan 2012 at 5:15

GoogleCodeExporter commented 8 years ago
Wash only displays APs that support WPS, so if your AP wasn't displayed then it 
doesn't support WPS.

Original comment by cheff...@tacnetsol.com on 23 Jan 2012 at 5:32

GoogleCodeExporter commented 8 years ago
Thank you for your response.. just for understand; what means "Packet with bad 
FCS"?

Cause when I enter this command line: sudo wash -i mon0   I have this output:

BSSID        Channel       RSSI       WPS Version       WPS Locked        ESSID
--------------------------------------------------------------------------------
--
[!] Found packet with bad FCS, skipping...
[!] Found packet with bad FCS, skipping...
[!] Found packet with bad FCS, skipping...
[!] Found packet with bad FCS, skipping...

But when I add --ignore-fcs to the command, I have nothing displayed:

BSSID        Channel       RSSI       WPS Version       WPS Locked        ESSID
--------------------------------------------------------------------------------
--

Original comment by reclamha...@gmail.com on 24 Jan 2012 at 3:10

GoogleCodeExporter commented 8 years ago
That probably means your AP doesn't support WPS. If you can provide a pcap I 
can double check for you.

FCS is the frame checksum of the 802.11 packet. A bad checksum indicates a 
corrupted packet.

Original comment by cheff...@tacnetsol.com on 25 Jan 2012 at 4:42

GoogleCodeExporter commented 8 years ago
Thank you, but can you please tell me how to provide you with a pcap?

Original comment by reclamha...@gmail.com on 26 Jan 2012 at 3:17

GoogleCodeExporter commented 8 years ago
You can use Wireshark or tcpdump to capture packets. Something like:

tcpdump -i mon0 -s0 -w broken_reaver.pcap

should work.

Original comment by cheff...@tacnetsol.com on 26 Jan 2012 at 3:20

GoogleCodeExporter commented 8 years ago
Ok, I will test it as soon as possible and send it to your mail.. just tell me 
in which folder will I collect the file broken_reaver.pcap?

Thank you again.

Original comment by reclamha...@gmail.com on 26 Jan 2012 at 3:33

GoogleCodeExporter commented 8 years ago
It will be located in whichever directory you ran the tcpdump command in.

Original comment by cheff...@tacnetsol.com on 26 Jan 2012 at 4:04

GoogleCodeExporter commented 8 years ago
[deleted comment]
GoogleCodeExporter commented 8 years ago
Here is the output:

tcpdump: WARNING: mon0: no IPv4 address assigned
tcpdump: listening on mon0, link-type IEEE802_11_RADIO (802.11 plus radiotap 
header), capture size 65535 bytes

I have just sent you the pcap file to your mail.

I interrupted the tcpdump command at a moment before sending the file. When I 
selected Ctrl + C to stop the process, I got this output:

2298 packets captured
2298 packets received by filter
0 packets dropped by kernel

ps: I was connected to my wireless during the process.

Thanks a lot.

Original comment by reclamha...@gmail.com on 26 Jan 2012 at 7:47

GoogleCodeExporter commented 8 years ago
I assume the 'HuaweiEchoLife' AP is yours. It does not support WPS.

Original comment by cheff...@tacnetsol.com on 26 Jan 2012 at 8:22

GoogleCodeExporter commented 8 years ago
Exactly, it's mine.. I thank you for the support.

Original comment by reclamha...@gmail.com on 26 Jan 2012 at 8:42