chrsmithdemos / reaver-wps

Automatically exported from code.google.com/p/reaver-wps

Can't associate and test wps pins with "newer" kernel versions #630

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
Ok so I tested this with many different setups and all the wlan adapter and 
systems I used worked before.
When you run reaver on a kernel version >3.10 (didn't test 3.0-3.9 yet so I 
don't know when this bug occurred first) you get a few 
[!] WARNING: Failed to associate with AA:BB:CC:DD:EE:FF (ESSID: (null))
first and when it finally finds the AP you are looking for it just changes to 
[!] WARNING: Failed to associate with AA:BB:CC:DD:EE:FF (ESSID: Foobar)

It doesn't associate in 99 out of 100 tries (no matter what the distance 
between you and the ap) but when it does it can't try any pins. (I will later 
check again to get the exact error message)
Anyway I associated (successfully) with the ap with aireplay-ng and tried it 
with it, without success as well.
To eliminate any error from my part I tried it with a 2.6 kernel I had and it 
worked without any problems.

Original issue reported on code.google.com by blackhua...@gmail.com on 3 Apr 2014 at 8:05

GoogleCodeExporter commented 9 years ago
What chipset is the adapter?
airmon-ng will show it.
In my mind, it is the wireless module in the kernel or the firmware in /lib/firmware.
Maybe installing backports can solve it: http://wireless.kernel.org/en/users/Download
That will install a new module.

Original comment by deltomaf...@gmail.com on 3 Apr 2014 at 10:13

GoogleCodeExporter commented 9 years ago
Oh I tested nearly every adapter I own.
ath9k (ar5418 pcie)
zd1211rw (zyair g220)
r2800usb (RT5370,RT5372,...)
...
I think I tested every last one of them (except for the really old ones). I'm 
not sure if there is any chipset I _didn't_ test.
Anyway I tried installing backports but after 1 or 2 failed compile attempts I 
got annoyed ;)

Original comment by blackhua...@gmail.com on 3 Apr 2014 at 10:34

GoogleCodeExporter commented 9 years ago
(Oh I only listed 4 adapters but I tested a lot more)

Original comment by blackhua...@gmail.com on 3 Apr 2014 at 10:43

GoogleCodeExporter commented 9 years ago
OK, when placing it in monitor mode, are you specifying the channel?
If you run airodump-ng with the flag --ignore-negative-one in another terminal, is it solved?
# airodump-ng mon0 -d <mac> -c <channel> --ignore-negative-one
in another terminal:
# reaver -b <mac> -a -S -N -vv -c <channel> -i mon0 -w

Original comment by deltomaf...@gmail.com on 3 Apr 2014 at 11:48

GoogleCodeExporter commented 9 years ago
No it doesn't. Oh, and I forgot to mention wash -i mon0 closes after 
[root@pluto ~]# wash -i mon0

Wash v1.4 WiFi Protected Setup Scan Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <cheffner@tacnetsol.com>

BSSID                  Channel       RSSI       WPS Version       WPS Locked        ESSID
---------------------------------------------------------------------------------------------------------------

Without displaying anything

Original comment by blackhua...@gmail.com on 4 Apr 2014 at 3:35

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
airodump-ng mon0
show something?

Original comment by deltomaf...@gmail.com on 5 Apr 2014 at 12:40

GoogleCodeExporter commented 9 years ago
Yes it does. Injection is working also.

Original comment by blackhua...@gmail.com on 5 Apr 2014 at 12:47

GoogleCodeExporter commented 9 years ago
try creating mon1:
# airmon-ng start wlan0
again:
# airmon-ng start wlan0
then use mon1 in Wash and Reaver

Original comment by deltomaf...@gmail.com on 5 Apr 2014 at 8:28

GoogleCodeExporter commented 9 years ago
It fails the same way.

Original comment by blackhua...@gmail.com on 6 Apr 2014 at 4:37

GoogleCodeExporter commented 9 years ago
Have you already tested whether it occurs with version 1.5 of Reaver?

Original comment by deltomaf...@gmail.com on 7 Apr 2014 at 11:34

GoogleCodeExporter commented 9 years ago
I tested it from svn (even though this is still called 1.4)

Original comment by blackhua...@gmail.com on 7 Apr 2014 at 11:38

GoogleCodeExporter commented 9 years ago
no... reaver 1.5 is here:
svn checkout http://reaver-wps-fork.googlecode.com/svn/trunk/ reaver-wps-fork-read-only

Original comment by deltomaf...@gmail.com on 9 Apr 2014 at 12:11

GoogleCodeExporter commented 9 years ago
Ah didn't know it got forked thank you trying it now

Original comment by blackhua...@gmail.com on 9 Apr 2014 at 12:16

GoogleCodeExporter commented 9 years ago
Doesn't work either but cool that it got forked.

Original comment by blackhua...@gmail.com on 9 Apr 2014 at 12:19

GoogleCodeExporter commented 9 years ago
Then it only remains to try airmon-zc to put it in monitor mode.
If it still does not work... I recommend trying Bully:
http://code.google.com/p/bully/

Original comment by deltomaf...@gmail.com on 10 Apr 2014 at 2:04

GoogleCodeExporter commented 9 years ago
Had tried airmon-zc before and thx for the heads up with bully (compiled it 
from git).
It too has problems associating, I really think that it's a driver problem but 
I can't really analyze it when I don't fully get WPS :/
I will play around with a few kernel patches and try to understand the wps 
handshake mechanism better.

Original comment by blackhua...@gmail.com on 10 Apr 2014 at 2:25

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
Yes, tested Bully. I will first try to pinpoint what kernel release first 
failed.

Original comment by blackhua...@gmail.com on 12 Apr 2014 at 5:10

GoogleCodeExporter commented 9 years ago
Does this problem occur with the ar5418 adapter?
Atheros are best for aircrack.

Original comment by deltomaf...@gmail.com on 15 Apr 2014 at 12:40

GoogleCodeExporter commented 9 years ago
Yes I'm always testing with it, since it's my internal card.

Original comment by blackhua...@gmail.com on 15 Apr 2014 at 7:48

GoogleCodeExporter commented 9 years ago
Could you test if Reaver works in the Kali Linux live CD, which has kernel 3.12?
It may be that you have an adapter that does not require installing.
It's that I'm having trouble loading the module for my rtl8192su in Kali.

Original comment by deltomaf...@gmail.com on 18 Apr 2014 at 12:55

GoogleCodeExporter commented 9 years ago
Same thing happens to me!

Original comment by ggb...@gmail.com on 24 Apr 2014 at 9:21

GoogleCodeExporter commented 9 years ago
Unfortunately "Reaver 1.5" fails the same way. I've just tested it.

Original comment by ggb...@gmail.com on 24 Apr 2014 at 9:43

GoogleCodeExporter commented 9 years ago
Tested Kali Linux with kernel 3.7-trunk-amd64 and my USB rt5370 worked.

Original comment by deltomaf...@gmail.com on 28 Apr 2014 at 4:54

GoogleCodeExporter commented 9 years ago
It's not working on Ubuntu 14.04 (Kernel 3.13). I've tested many previous 
kernels, none of them is working.

Original comment by ggb...@gmail.com on 29 Apr 2014 at 7:22

GoogleCodeExporter commented 9 years ago
I will test with 3.14 ...

Original comment by deltomaf...@gmail.com on 1 May 2014 at 8:10

GoogleCodeExporter commented 9 years ago
It seems that it's not related to kernel version, since my tests with 3.14 also 
failed. It appears that the issue is related to Ubuntu 14.04 that was upgraded 
from 13.10. But maybe I'm wrong...

Original comment by ggb...@gmail.com on 3 May 2014 at 2:41

GoogleCodeExporter commented 9 years ago
You are wrong. 3.14 is the newest kernel.

Original comment by blackhua...@gmail.com on 3 May 2014 at 4:42

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
I tested Ubuntu 14.04 with 3.14, 3.14.1 and 3.14.2 kernels and it didn't work. 
Same output... 

Original comment by ggb...@gmail.com on 3 May 2014 at 5:00

GoogleCodeExporter commented 9 years ago
Does the command "rfkill list" show something blocked?

Original comment by deltomaf...@gmail.com on 3 May 2014 at 8:55

GoogleCodeExporter commented 9 years ago
No:

$ rfkill list
0: phy0: Wireless LAN
        Soft blocked: no
        Hard blocked: no
1: hci0: Bluetooth
        Soft blocked: no
        Hard blocked: no
2: phy1: Wireless LAN
        Soft blocked: no
        Hard blocked: no

Original comment by ggb...@gmail.com on 3 May 2014 at 10:04

GoogleCodeExporter commented 9 years ago
The problem is the same driver modules: the presence of channel -1 prevents 
Reaver from associating. In Airodump you can use --ignore-negative-one, but 
Reaver does not have it.
The way is to apply a patch on the driver as described in the forum:
https://forums.kali.org/showthread.php?20582-HOW-TO-FIX-Airodump-ng-fixed-channel-1-Kali-kernel-3-12-also-on-rt2870-3070usb&p=32079&viewfull=1#post32079

http://www.mathyvanhoef.com/2012/09/compat-wireless-injection-patch-for.html
Then I will test this....

Original comment by deltomaf...@gmail.com on 4 May 2014 at 12:52

GoogleCodeExporter commented 9 years ago
any news? 

Got exactly the same problems! But what I can say: the issue has nothing to do 
with upgrading to 14.04 from any older Ubuntu versions because I'm new to 
Ubuntu and installed Trusty Tahr as my first version....

Original comment by hopfefr...@gmail.com on 7 May 2014 at 7:37

GoogleCodeExporter commented 9 years ago
I'm using Ubuntu 14.04 now and having the same problem. I have run reaver well 
on Ubuntu 13.10 before and the kernel is 3.11.x. I often upgrade the kernel 
immediately when a new version is released, so I think 3.13.0 should be the 
first version that has this bug.

Original comment by haoxu...@gmail.com on 9 May 2014 at 2:40

GoogleCodeExporter commented 9 years ago
Exactly the same problem.
Chip: Atheros AR9485.
Driver: ath9k.
I used Ubuntu 12.04 for 2 years and all worked fine: airodump, injection, 
reaver..
After upgrading to Ubuntu 14.04 got the same problem. Kernel for now: 3.13.0-24.
Reaver can't associate with any AP, with a mass of messages with ESSID: null.
It worked perfectly on 12.04 with the same APs.
So, some more information:
1. After # airmon-ng start wlan0 and using # airodump-ng mon0 I saw that 
airodump used only one channel -- the channel that was last on wlan0 connection 
(wlan0 is disconnected at this moment and has no association).
2. airodump-ng starts working fine after turning the main wifi interface off: 
# ifconfig wlan0 down. So, it's capturing data, switching channels.. 
injection also works. 
But reaver still not working with the same problems.
3. I tried to associate to AP with aireplay-ng -- successful.
But when i run reaver with "-A", i got another problem:
[!] WARNING: Failed to associate with XX:XX:XX:XX:XX:XX (ESSID: ZZZ-ZZZ)
[!] WARNING: Failed to associate with XX:XX:XX:XX:XX:XX (ESSID: ZZZ-ZZZ)
[+] Associated with XX:XX:XX:XX:XX:XX (ESSID: ZZZ-ZZZ)
[+] Trying pin 12345670
[!] WARNING: Failed to associate with XX:XX:XX:XX:XX:XX (ESSID: ZZZ-ZZZ)
[+] Sending EAPOL START request
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x04), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x04), re-trying last pin

It seems to be problem with driver modules on new 3.XX kernels.
Waiting for a decision.

Original comment by zyg...@gmail.com on 9 May 2014 at 9:38

GoogleCodeExporter commented 9 years ago
Yes, it seems to be a problem with driver modules on 3.13 and later kernels. 
But why using previous kernels like 3.11 or the same last working kernel on 
13.10 doesn't work?

Original comment by ggb...@gmail.com on 9 May 2014 at 11:26

GoogleCodeExporter commented 9 years ago
Yes, it's strange.
Something points to Ubuntu 14.04 release.
Booted with last kernel from 12.04 before upgrading to 14.04 (3.2.0-61) and got 
the same problem.
Tried to use backports from newer kernels: the same.
Backports from older kernels failed to compile.
Still no luck.

Original comment by zyg...@gmail.com on 10 May 2014 at 7:32

GoogleCodeExporter commented 9 years ago
Who knows how to solve the problem??

Original comment by olegfila...@gmail.com on 17 May 2014 at 4:27

GoogleCodeExporter commented 9 years ago
To solve the issue, just follow this, as suggested by  johnsmit...@gmail.com at 
https://code.google.com/p/reaver-wps/wiki/README:

"Hello guys/gals, this is not a reaver problem. This is output:libpcap0.8:i386 
1.5.3-2, does not work for reaver/wash and must be downgraded to 
libpcap0.8:i386 1.4.0-2.

use wget: wget http://mirrors.kernel.org/ubuntu/pool/main/libp/libpcap/libpcap0.8_1.4.0-2_i386.deb http://mirrors.kernel.org/ubuntu/pool/main/libp/libpcap/libpcap0.8-dev_1.4.0-2_i386.deb

then install: sudo dpkg -i libpcap0.8_1.4.0-2_i386.deb libpcap0.8-dev_1.4.0-2_i386.deb

Note: if you have a 64bit OS, then change out to: libpcap0.8_1.4.0-2_amd64.deb libpcap0.8-dev_1.4.0-2_amd64.deb

then: sudo dpkg -i libpcap0.8_1.4.0-2_amd64.deb libpcap0.8-dev_1.4.0-2_amd64.deb "

Original comment by ggb...@gmail.com on 23 May 2014 at 1:06

GoogleCodeExporter commented 9 years ago
Just made an issue about this, so it's libpcap that is causing the problem? Thank 
you very very much.

Original comment by blubaus...@gmail.com on 31 May 2014 at 2:13

GoogleCodeExporter commented 9 years ago
It is an issue of libpcap. Just downgrade as instructed above, then the 
problem is solved. Good luck!

Original comment by linuxt...@gmail.com on 22 Aug 2014 at 8:45

GoogleCodeExporter commented 9 years ago
guys , pleaseee help me :(((
i install bully and do commands right !
but i get this ! :

root@Max:~# bully -b xx:xx:xx:xx:xx:xx -c 6 -T  mon0
[!] Bully v1.0-22 - WPS vulnerability assessment utility
[+] Switching interface 'mon0' to channel '6'
[!] Using '00:11:22:33:44:55' for the source MAC address
[+] Datalink type set to '127', radiotap headers present
[+] Scanning for beacon from '60:a4:4c:ee:cd:a4' on channel '6'
[!] Excessive (3) FCS failures while reading next packet
[!] Excessive (3) FCS failures while reading next packet
[!] Excessive (3) FCS failures while reading next packet
[!] Disabling FCS validation (assuming --nofcs)
[+] Got beacon for 'milk' (xx:xx:xx:xx:xx:xx)
[X] The AP doesn't appear to be WPS enabled (no WPS IE)

Help me :(

Original comment by pooya.si...@gmail.com on 29 Sep 2014 at 4:56

GoogleCodeExporter commented 9 years ago
Unfortunately didn't fully work for me, but got me a lot closer. After 
downgrading libpcap to (libpcap0.8_1.4.0-2_amd64.deb 
libpcap0.8-dev_1.4.0-2_amd64.deb), I'm using amd64, wash stopped crashing but 
the card is still stuck on the channel of the last successful connection. One 
difference I have from a default ubuntu install is I installed wicd and removed 
the default network manager earlier.

Linux version 3.13.0-36-generic
AR9485 (ath9k)
new install of ubuntu 14.04

Original comment by webe...@gmail.com on 1 Oct 2014 at 3:25

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
Hello guys
I am using the Kali Linux
How can I install the program in Kali Linux

libpcap0.8_1.4.0-2_amd64.deb

???

Original comment by arasto...@gmail.com on 19 Dec 2014 at 8:48

GoogleCodeExporter commented 9 years ago
Hello,

I'm using Ubuntu 14.04 32bit with an internal wireless card Intel Centrino 
Advanced-N 6205 AGN and with an external wireless card Ralink 802.11n WLAN.

Many months ago they stopped working with wash (even if I can see wireless with 
airodump), so now I can't see any SSID.

I've tried to downgrade libpcap, but this doesn't resolve my issue.

Can you kindly suggest another tip?

Thank you,
Marco

Original comment by macro...@gmail.com on 26 Dec 2014 at 1:06

GoogleCodeExporter commented 9 years ago
#41 fixed it for me, thank you.

Original comment by souade...@gmail.com on 20 Jan 2015 at 7:06

GoogleCodeExporter commented 9 years ago
#41 I'm not able to downgrade libpcap on my 64bit.
After downloading, it refuses to install because the newer versions are 
conflicting with the older ones.

Original comment by getupkid...@googlemail.com on 21 Jan 2015 at 12:50