derv82 / wifite2

Rewrite of the popular wireless network auditor, "wifite"
GNU General Public License v2.0

Retrieving WPS with bully... hangs and does not produce the result. #93

Open ghost opened 6 years ago

ghost commented 6 years ago

PixieWPS does its job in returning the PIN but bully hangs for ages without producing results.

[+] (12db) WPS Pixie-Dust: [4m54s] Cracked WPS PIN: 14104152
[+] (12db) WPS Pixie-Dust: [4m54s] Retrieving PSK using bully...
[?] Executing: bully --channel 11 --bssid xx:xx:xx:xx:xx:xx --pin 14104152 --bruteforce --force wlan2mon

It is the second time it happened on various routers that I am testing it on. It is a problem as some APs switch the WPS function off after the first successful Pixie attempt and the PIN returned cannot be used with reaver -p because of this AP behaviour. Because of this it would be a good "workaround" to add an option to crack with reaver.

I am using latest 2.1.5 Wifite2 with 1.1 bully, reaver 1.6.5 on RPI running Kali Linux 2018.2.

derv82 commented 6 years ago

Unfortunately reaver stopped providing the actual PSK sometime back.

Questions:

ghost commented 6 years ago

1) I don't mean to say that the router changes the PIN after a successful pixie or reaver run, but it disables the WPS function and is excluded from detection during a wash -i wlanX scan.

2) I have not tried that one because of point number one. However, on those routers that did not disable the WPS function I supplied the PIN retrieved by wifite2 manually to reaver and sure enough the PSK was revealed.