markwhi / reaver-wps

Automatically exported from code.google.com/p/reaver-wps
0 stars 0 forks source link

WPS transaction failed (code: 0x03). i've known the WPS Pin code #515

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
A few things to consider before submitting an issue:

0. We write documentation for a reason, if you have not read it and are
having problems with Reaver these pages are required reading before
submitting an issue:
http://code.google.com/p/reaver-wps/wiki/HintsAndTips
http://code.google.com/p/reaver-wps/wiki/README
http://code.google.com/p/reaver-wps/wiki/FAQ
http://code.google.com/p/reaver-wps/wiki/SupportedWirelessDrivers
1. Reaver will only work if your card is in monitor mode.  If you do not
know what monitor mode is then you should learn more about 802.11 hacking
in linux before using Reaver.
2. Using Reaver against access points you do not own or have permission to
attack is illegal.  If you cannot answer basic questions (i.e. model
number, distance away, etc) about the device you are attacking then do not
post your issue here.  We will not help you break the law.
3. Please look through issues that have already been posted and make sure
your question has not already been asked here: http://code.google.com/p
/reaver-wps/issues/list
4. Often times we need packet captures of mon0 while Reaver is running to
troubleshoot the issue (tcpdump -i mon0 -s0 -w broken_reaver.pcap).  Issue
reports with pcap files attached will receive more serious consideration.

Answer the following questions for every issue submitted:

0. What version of Reaver are you using?  (Only defects against the latest
version will be considered.)
reaver 1.4
1. What operating system are you using (Linux is the only supported OS)?
Linux kali 3.7-trunk-686-pae #1 SMP Debian 3.7.2-0+kali6 i686 GNU/Linux
2. Is your wireless card in monitor mode (yes/no)?
yes. Atheros chipset.
3. What is the signal strength of the Access Point you are trying to crack?
-59
4. What is the manufacturer and model # of the device you are trying to
crack?
TP-Link 
5. What is the entire command line string you are supplying to reaver?
reaver -i mon0 -b F8:1A:67:D9:C8:B6 -c 1 -vv --pin 42726944 -d 15
6. Please describe what you think the issue is.
I know this AP's WPS Pin code so i tried to get the passphare quickly cause 
TP-Link's AP has a protection function as it designed to lock out (disable) WPS 
connection after several failed WPS. It will turn on WPS after over 12 hours. 
7. Paste the output from Reaver below.

[+] Switching mon0 to channel 1
[+] Waiting for beacon from F8:1A:67:D9:C8:B6
[+] Associated with F8:1A:67:D9:C8:B6 (ESSID: JUNG)
[+] Trying pin 42726944
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M1 message
[+] Sending WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x03), re-trying last pin
[+] Trying pin 42726944
[!] WARNING: Failed to associate with F8:1A:67:D9:C8:B6 (ESSID: JUNG)
[!] WARNING: Failed to associate with F8:1A:67:D9:C8:B6 (ESSID: JUNG)
[!] WARNING: Failed to associate with F8:1A:67:D9:C8:B6 (ESSID: JUNG)
[!] WARNING: Failed to associate with F8:1A:67:D9:C8:B6 (ESSID: JUNG)
[!] WARNING: Failed to associate with F8:1A:67:D9:C8:B6 (ESSID: JUNG)
[!] WARNING: Failed to associate with F8:1A:67:D9:C8:B6 (ESSID: JUNG)
[!] WARNING: Failed to associate with F8:1A:67:D9:C8:B6 (ESSID: JUNG)
[!] WARNING: Failed to associate with F8:1A:67:D9:C8:B6 (ESSID: JUNG)
[!] WARNING: Failed to associate with F8:1A:67:D9:C8:B6 (ESSID: JUNG)
[!] WARNING: Failed to associate with F8:1A:67:D9:C8:B6 (ESSID: JUNG)
^C

Original issue reported on code.google.com by umih...@gmail.com on 5 Jun 2013 at 5:47

GoogleCodeExporter commented 9 years ago
try with:
reaver -i mon0 -b F8:1A:67:D9:C8:B6 -a -S -L -N -c 1 -vv -p 42726944

Original comment by deltomaf...@gmail.com on 6 Jun 2013 at 8:46

GoogleCodeExporter commented 9 years ago
output :

[+] Switching mon0 to channel 12
[+] Waiting for beacon from F8:1A:67:D9:C8:B6
[+] Associated with F8:1A:67:D9:C8:B6 (ESSID: JUNG)
[+] Trying pin 42726944
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M1 message
[+] Received M1 message
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x03), re-trying last pin
[+] Trying pin 42726944
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M1 message
[+] Received M1 message
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x03), re-trying last pin

...

[+] Trying pin 42726944
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M1 message
[+] Received M1 message
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x03), re-trying last pin
[!] WARNING: 10 failed connections in a row
^C

try again and the output stuck with two lines:

[+] Switching mon0 to channel 12
[+] Waiting for beacon from F8:1A:67:D9:C8:B6

after that, WPS function has been locked.

I've used reaver on BT5 and it worked with Netgear and Dlink. Im just wondering 
if this issue caused by Kali distro?

Original comment by umih...@gmail.com on 8 Jun 2013 at 3:05

GoogleCodeExporter commented 9 years ago
at least it is now associated.
now is not having enough attempts to reveal the psk.
I think that the distro is not the problem.

Original comment by deltomaf...@gmail.com on 12 Jun 2013 at 1:34

GoogleCodeExporter commented 9 years ago
can anyone help, after reavers trys a few pins my tp link router says WPS yes 
and i just keeping error code 0x03 and it keeps retrying the same pin, how do 
you stop the WPS from locking

Original comment by darrenst...@gmail.com on 18 Jun 2013 at 9:11

GoogleCodeExporter commented 9 years ago
some routers have this protection after X attempts, then only restarting the 
router. In some cases hours after unlocking

Original comment by deltomaf...@gmail.com on 20 Jun 2013 at 3:34

GoogleCodeExporter commented 9 years ago
Can you help you help me ?

[+] Trying pin 10919989
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M1 message
[+] Sending WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x03), re-trying last pin
[+] 99.99% complete @ 2014-01-20 15:16:49 (0 seconds/pin)

again .... and again 99.99% and cant get 100% :) ?

Original comment by apei...@gmail.com on 20 Jan 2014 at 8:25

GoogleCodeExporter commented 9 years ago
nobody can help me?

Original comment by apei...@gmail.com on 25 Jan 2014 at 4:02

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
I FOUND THE PROBLEM!!! = Distance!!! Basicly reaver tries the same code over 
and over because it did not receive back the signal that says the code didnt 
work so that it can try a new one that's basicly it( and of course after u did 
command - airmon-ng check kill)when i try using a reaver on a AP thats directly 
in my bros bedroom it works(appx 7 meters away) So now im looking for a 
stronger wifi adapter

Nothing is a 100% sure in this world try what i did to resolve it for me i hope 
this helps!

Original comment by calvicda...@hotmail.com on 5 Jun 2014 at 12:26

GoogleCodeExporter commented 9 years ago
i had the same issue and solved it with a directional antenna and the 
--no-nacks command, if the pwr is > 55 it speeds up the process and deletes the 
errors 

Original comment by karlhein...@gmail.com on 15 Dec 2014 at 3:58