francoisfrank / reaver-wps

Automatically exported from code.google.com/p/reaver-wps
0 stars 0 forks source link

How to get rid of rate limiting :D #464

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
Messing around with reaver I discovered that when the ap limit rate is detected 
and you get locked out you can unlock it again instantly by trying to 
authenticate to the access point ( actually trying to connect via Wcid and 
failing to auth) then the you can begin sending pins again(the limiter is 
aparently reset). I wonder if this can be incorporated fully into Reaver, I 
don't know if it will work on all wifi but it sure did on mine :D
          JC

Original issue reported on code.google.com by jordanc....@gmail.com on 29 Jan 2013 at 9:28

GoogleCodeExporter commented 8 years ago
unlock how via aireplay-ng ?

Original comment by kostad...@yahoo.com on 30 Jan 2013 at 7:13

GoogleCodeExporter commented 8 years ago
No after the lockout i was using the wireless manager to try to connect to
the ap(with a random password), when it fails it must reset the lockout so
i could carry on firing wpa pins.

Original comment by jordanc....@gmail.com on 30 Jan 2013 at 3:52

GoogleCodeExporter commented 8 years ago
nop, it dosn't work for me:
[!] WARNING: Detected AP rate limiting, waiting 60 seconds before re-checking
[!] WARNING: Detected AP rate limiting, waiting 60 seconds before re-checking
[!] WARNING: Detected AP rate limiting, waiting 60 seconds before re-checking
over and over again 
:(

Original comment by kostad...@yahoo.com on 2 Feb 2013 at 1:23

GoogleCodeExporter commented 8 years ago
I think I understand what you mean
I was doing (again "I think", cause I'm not sure)
the same trick using aireplay-ng.

In my case (my AP lockout after 5 false attempts for 530sec):

*1st > manualy set the channel for the mon:
# iwconfig  <mon device>    channel <channel #>

*2nd > use aireplay-ng for the association process and sending keep alive 
packets every 60sec (add -A to reaver):
#aireplay-ng  -1 60    -a <AP's BSSID>    -h <mon's mac>    -e <AP's ESSID>    
<mon device>

*3rd >
#reaver   -i <mon device>    -b <AP's BSSID>     -e <AP's ESSID>   -c <channel 
#>    -N -S -A -v

Original comment by i.boud...@gmail.com on 2 Feb 2013 at 3:01

GoogleCodeExporter commented 8 years ago
Yeah i tried on another router and didn't work so must be only on some of
them that it works.

Original comment by jordanc....@gmail.com on 3 Feb 2013 at 12:52

GoogleCodeExporter commented 8 years ago
I found another way!
U should use same MAC as already associated client

Original comment by kostad...@yahoo.com on 15 Feb 2013 at 8:55

GoogleCodeExporter commented 8 years ago
cool does it work on all routers? how many routers have u tested it on

Original comment by jordanc....@gmail.com on 20 Feb 2013 at 6:49

GoogleCodeExporter commented 8 years ago
HI, and MAC how to change :)how to find it, where to see it ... regards

Original comment by m_ili...@abv.bg on 16 Apr 2013 at 7:03

GoogleCodeExporter commented 8 years ago
first put your wireless card off    ifconfig wlan0 down    then
 macchanger -r wlan0    (the -r means it will make a random mac address)
then do     ifconfig wlan0 up     your good to go.

Original comment by jordanc....@gmail.com on 19 Apr 2013 at 9:03

GoogleCodeExporter commented 8 years ago
btw ifconfig will give you your mac address just look under wlan0 and
hardware

Original comment by jordanc....@gmail.com on 19 Apr 2013 at 9:05

GoogleCodeExporter commented 8 years ago
Hi again, now i have .cap(47.4 MB)file but with aircrack this fail not existimg 
in dictionary:pentest/psspords/wordlist/dark0de...,now I dont know what i 
do.regards.

Original comment by m_ili...@abv.bg on 20 Apr 2013 at 11:57

GoogleCodeExporter commented 8 years ago
I dont really use aircrack but if you put aircrack -h it will give you a
peramentor to specify a dictionary . Just put the dictionary files path.

Original comment by jordanc....@gmail.com on 20 Apr 2013 at 12:01

GoogleCodeExporter commented 8 years ago
hey someone can answer ap rating limiting 60 seconds error for us?

Original comment by t4kokari...@gmail.com on 6 Jul 2013 at 1:04

GoogleCodeExporter commented 8 years ago
I have the same error except the percentage progresses...affect the result?

Original comment by josuel...@gmail.com on 7 Aug 2013 at 2:06

GoogleCodeExporter commented 8 years ago
i keep getting this same problem ! (warning ap limit) can anyone help me ?
also reaver keeps trying the same pin over and over . 

if anyone could help me with these 2 issues im having it would be greatly 
appreciated 

Original comment by Dipp...@gmail.com on 12 Nov 2013 at 8:45

GoogleCodeExporter commented 8 years ago
I have a quite simple solution to this:

# reaver -i <Mon device> -b <BSSID> -vv -L

Original comment by sagid.qu...@gmail.com on 13 Nov 2013 at 5:54

GoogleCodeExporter commented 8 years ago
try this "minidwep-gtk-40420"

Original comment by downt...@parkcitywireless.com on 22 Dec 2013 at 1:54

GoogleCodeExporter commented 8 years ago
sky routers lock for 1 hour
talktalk done lock
dont no about homehubs yet

Original comment by gavinowe...@gmail.com on 22 Mar 2014 at 8:21

GoogleCodeExporter commented 8 years ago
reaver is finished pretty much all new routers are either locking out after
failed attempts or require WPS to be manually turned on(i.e. not on by
default).

Original comment by jordanc....@gmail.com on 23 Mar 2014 at 10:47

GoogleCodeExporter commented 8 years ago
homehub 5 dont seem to lock out yet 

Original comment by gavinowe...@gmail.com on 25 Mar 2014 at 9:22

GoogleCodeExporter commented 8 years ago
I have found an effective way to flood Access Point rate limit pins by flooding 
it for 10-20 seconds.
Check the following links to see how i carried out the attacks!

https://www.youtube.com/watch?v=hHVPSJn4Fqo
https://www.youtube.com/watch?v=_uVvi8qf7JY

Original comment by repzerow...@gmail.com on 18 Apr 2014 at 4:11

GoogleCodeExporter commented 8 years ago
Thats quite interesting nice work.

Original comment by jordanc....@gmail.com on 18 Apr 2014 at 8:48

GoogleCodeExporter commented 8 years ago
thank you

Original comment by repzerow...@gmail.com on 20 Apr 2014 at 1:24

GoogleCodeExporter commented 8 years ago
hey guys well if u got ap rate limit u have to wait 360 second thats ok . witch 
mean as soon this router well locked it self and u well get this error recive 
time out :D . so now to make the router restart him self you need to disconnect 
the router by using mdk3

Original comment by ka3bo...@gmail.com on 16 May 2014 at 1:01

GoogleCodeExporter commented 8 years ago
SCRIPT FOR UNLOCK WPS  WARNING: Detected AP rate limiting, waiting 60 seconds 
before re-checking
https://www.youtube.com/watch?v=3KviQTiVmuw

Original comment by slma...@abv.bg on 27 Jun 2014 at 6:50

GoogleCodeExporter commented 8 years ago
hi guys i tried this code and its work for me but it take a long time..

reaver -i mon0 -b xx:xx:xx:xx:xx:xx -c (ch) -a -L --dh-small -vv -d 5

replace xxxxxx with ap bssid and repalce ch with channel of the ap to looks 
like.

reaver -i mon0 -b 99:77:55:44:00:11 -c 11 -a -L --dh-small -vv -d 5

you will never see error ( WARNING: Detected AP rate limiting, waiting 60 
seconds before re-checking ) but its take long time but you will get the 
password :)

Original comment by arabiccr...@gmail.com on 19 Aug 2014 at 3:43

GoogleCodeExporter commented 8 years ago
comment #26 seems to be working for some routers but it is not working for 
actionteh v1000 router. actionteh stops progress after .09%, any solution? it 
seems to be automatialy locking up the wps with this (#26) command, any work 
around?

Original comment by marktwo...@gmail.com on 22 Aug 2014 at 12:45

GoogleCodeExporter commented 8 years ago
wa

Original comment by EmailDab...@googlemail.com on 27 Sep 2014 at 6:34

GoogleCodeExporter commented 8 years ago
Comment #26 doesnt work for my TP-Link (W8970). Never changes the PIN it is 
trying.

Original comment by JCRule...@gmail.com on 9 Nov 2014 at 4:40

GoogleCodeExporter commented 8 years ago
[deleted comment]
GoogleCodeExporter commented 8 years ago
i start to get results with #26 arabiccr...@gmail.com tips but im stuck at 
0.14% pin 00045674

Original comment by onlies...@gmail.com on 24 Nov 2014 at 4:34

GoogleCodeExporter commented 8 years ago
hello every1.
i have a  NETGEAR router with WPS enabled.
to crack a WPS Pin with reaver it is taking  2 to 10hrs with 30sec delay.
to success a flood attack it is taking 20sec where i can save only 10sec only 
per 1 PIN.
1) whats are the solutions to save more time
2) Along with MAC Address Change  Script For Every pin.

Thanks to every1 who replied and viewed

Original comment by lokeshre...@gmail.com on 3 Dec 2014 at 4:34

GoogleCodeExporter commented 8 years ago
It depends, some have hard set limits, no matter where the pin try is coming 
from, it will only allow so many per second. Also some routers like mine, are 
absolutely terrible, and can only handle so many pin tries at a time before 
they crash and burn. You are lucky mine took 6 hours and the router has no hard 
limits :)

Original comment by jordanc....@gmail.com on 3 Dec 2014 at 3:28

GoogleCodeExporter commented 8 years ago
[deleted comment]
GoogleCodeExporter commented 8 years ago
I took 8 days with many pause, resume to compete till 99.99 % on a DLINK 
router. First 4 digits are 0105 so I reached at 90% on first day.
Reaver has competed all 1000 pins from 0105000 - 0105999.
I have read all d comments and now getting confused,
Well will some one plzzz help me, what should I do next, because with a great 
patience I reached on  99.99 % :) 
Plz help me ....

Original comment by Heman...@gmail.com on 26 Mar 2015 at 7:30

GoogleCodeExporter commented 8 years ago
Seems like no one have tried this, reaver 1.4 with built-in mac changer.. Works 
great for me. 
https://github.com/gabrielrcouto/reaver-wps

Original comment by hassaan....@gmail.com on 20 Apr 2015 at 3:42

GoogleCodeExporter commented 8 years ago
i tried all methods but did not find any solution of cracking ap rate limiting, 
what to do 

http://www.hackingdream.net/2014/08/all-methods-and-types-of-wifi-hacking.html

Original comment by BhanuNam...@gmail.com on 28 Apr 2015 at 12:23