jadgorre / reaver-wps

Automatically exported from code.google.com/p/reaver-wps
0 stars 0 forks source link

Reaver doesn't recover the passphrase, even with correct pin supplied. #393

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
A few things to consider before submitting an issue:

0. We write documentation for a reason, if you have not read it and are
having problems with Reaver these pages are required reading before
submitting an issue:
http://code.google.com/p/reaver-wps/wiki/HintsAndTips
http://code.google.com/p/reaver-wps/wiki/README
http://code.google.com/p/reaver-wps/wiki/FAQ
http://code.google.com/p/reaver-wps/wiki/SupportedWirelessDrivers
1. Reaver will only work if your card is in monitor mode.  If you do not
know what monitor mode is then you should learn more about 802.11 hacking
in linux before using Reaver.
2. Using Reaver against access points you do not own or have permission to
attack is illegal.  If you cannot answer basic questions (i.e. model
number, distance away, etc) about the device you are attacking then do not
post your issue here.  We will not help you break the law.
3. Please look through issues that have already been posted and make sure
your question has not already been asked here: http://code.google.com/p
/reaver-wps/issues/list
4. Often times we need packet captures of mon0 while Reaver is running to
troubleshoot the issue (tcpdump -i mon0 -s0 -w broken_reaver.pcap).  Issue
reports with pcap files attached will receive more serious consideration.

Answer the following questions for every issue submitted:

0. What version of Reaver are you using?  (Only defects against the latest
version will be considered.)
1.4, haver tried 1.3 with very similar results
1. What operating system are you using (Linux is the only supported OS)?
Debian Squeeze, 2.6.32
2. Is your wireless card in monitor mode (yes/no)?
Yes, have tried rtl8187 and ipw2200
3. What is the signal strength of the Access Point you are trying to crack?
100%, Laptop and AP on the same desk.
4. What is the manufacturer and model # of the device you are trying to
crack?
Virgin Media SuperHub
5. What is the entire command line string you are supplying to reaver?
reaver -i mon0 -b xx:xx:xx:xx:xx:xx -vv --pin=12523579
6. Please describe what you think the issue is.
I'd say it was a shitty AP. But this is happening with the 6 different APs I 
have
7. Paste the output from Reaver below.

[?] Restore previous session? [n/Y] n
[+] Waiting for beacon from xx:xx:xx:xx:xx:xx
[+] Associated with xx:xx:xx:xx:xx:xx (ESSID: virginmediaxxxxxxx)
[+] Trying pin 12525379...
[+] Trying pin 12525379...
[+] Trying pin 12525379...
[!] WARNING: Detected AP rate limiting, waiting 315 seconds before re-checking.

And so on. I have 4 of these SuperHubs, a Sky DSL router and and a Belkin hub, 
all WPS enabled, all tried with the correct pin. Same results across the board. 
Both my cards pass the injection tests with aireplay. I'm at a loss.

Original issue reported on code.google.com by martinpa...@googlemail.com on 7 Sep 2012 at 12:40

GoogleCodeExporter commented 9 years ago
NVM, I'm a retard. All these AP's sport a "push to connect" feature. Disabling 
it works like a charm <3

Original comment by martinpa...@googlemail.com on 8 Sep 2012 at 10:04

GoogleCodeExporter commented 9 years ago
ghgjghjg

Original comment by iman.rez...@gmail.com on 8 Oct 2012 at 2:56

GoogleCodeExporter commented 9 years ago
I have got exactly the same problem, but my wireless driver is b43. help please.

Original comment by iman.rez...@gmail.com on 8 Oct 2012 at 2:59

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
On Virgin Media Super Hub routers WPS via PIN is disabled by default, so it 
won't send reaver a positive response to the first four digits at all, and so 
reaver will keep trying 9998 forever. Perhaps in later versions reaver will 
quit with an error instead of just going on forever and leaving people 
wondering.

Note: so it looks like router manufacturers are slowly cluing on to the fact 
that WPS via PIN is very insecure.

Original comment by pho...@gmail.com on 4 Aug 2013 at 8:36