muhmadkhalrd / reaver-wps

Automatically exported from code.google.com/p/reaver-wps
0 stars 0 forks source link

WARNING: Receive timeout occurred #117

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
Backtrack 5R1 and a AWUS036 (Realtek RTL8187L), using r82, AP is a D-Link DSL 
2680 and power is between -20 and -45 so very good (I'm right next to it 
basically).

It won't associate so I'm using aireplay-ng mon0 --fakeauth 600 -e 
TALKTALK-4FFXXX -a XX:XX:XX:XX:XX:XX -h YY:YY:YY:YY:YY:YY, then reaver -i mon0 
-b XX:XX:XX:XX:XX:XX -vv -A.

Reaver Output:

[+] Associated with XX:XX:XX:XX:XX:XX (ESSID: TALKTALK-4FFXXX)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request

...which occurs over and over.

Capture attached.

Original issue reported on code.google.com by bdee...@gmail.com on 9 Jan 2012 at 10:37

GoogleCodeExporter commented 8 years ago
... I've emailed you across the PCAP- hope it helps.

Possible duplicate of issue 90, I'll let you decide!

Original comment by bdee...@gmail.com on 9 Jan 2012 at 10:39

GoogleCodeExporter commented 8 years ago
Just took a look at the pcap. The problem is that the AP isn't responding at 
all to your EAPOL start packets. After association, this is the first step to 
initiating a WPS session. 

You also mentioned problems with Reaver associating with the AP, and I'm 
guessing that is related. Can you run Reaver normally, letting it try to 
associate to the AP, and capture the association attempts? If the association 
request is being rejected, the AP should be providing a code for why it 
rejected the request and this might give a clue to the problem.

Original comment by cheff...@tacnetsol.com on 10 Jan 2012 at 1:57

GoogleCodeExporter commented 8 years ago
I've just emailed over another pcap, this time allowing reaver to run normally.

I captured two failed associations.

Original comment by bdee...@gmail.com on 10 Jan 2012 at 8:06

GoogleCodeExporter commented 8 years ago
Looking at the pcap it appears that the AP is just ignoring association 
requests from Reaver.

The only thing that I can think of that is causing the AP to ignore your 
association requests is the supported rates field in the association packet was 
changed a few revisions back. I've updated it to always report the same 
supported rates as the AP reports in its own beacon packet (r84). See if Reaver 
can now associate properly to the AP.

Original comment by cheff...@tacnetsol.com on 10 Jan 2012 at 5:47

GoogleCodeExporter commented 8 years ago
Just tried r84 and no change from my end I'm afraid.

I've emailed across a capture with a couple of failed associations.

Original comment by bdee...@gmail.com on 10 Jan 2012 at 7:50

GoogleCodeExporter commented 8 years ago
OK, looking back at the change logs and when you first reported that you could 
no longer associate with the AP, I think the most likely culprits are the 
changes made in r57. 

Unfortunately I can't reproduce this bug in the APs that I have; can you check 
out r56 and r57 and test them both to see if either can associate with your AP? 
I suspect r56 will associate but r57 will not.

Original comment by cheff...@tacnetsol.com on 11 Jan 2012 at 12:26

GoogleCodeExporter commented 8 years ago
Quick question to anyone who can reply.

If I have the right PIN for an AP, can I connect to it in a legit way without 
pushing a button on the AP ?

If so, how? Using Backtrack 5 or Windows Vista/7. Reaver is not involved but 
understanding this could help testing.

Original comment by b1957...@nwldx.com on 13 Jan 2012 at 5:31

GoogleCodeExporter commented 8 years ago
Yes, wpa_supplicant supports WPS and can act as a WPS registrar. Look at the 
wps_reg command in the wpa_cli utility.

Original comment by cheff...@tacnetsol.com on 13 Jan 2012 at 2:51

GoogleCodeExporter commented 8 years ago
Okay, finally got around to this.

Cheff, you are spot on- association works with r56 and breaks on r57.

Also tried r90, and can confirm no association or changes from the issue 
above... if you want me to pcap any of it let me know but it seems you know the 
cause already.

Original comment by bdee...@gmail.com on 13 Jan 2012 at 10:08

GoogleCodeExporter commented 8 years ago
OK, I reverted the affected code in r92; see if you can associate now.

Original comment by cheff...@tacnetsol.com on 16 Jan 2012 at 5:25

GoogleCodeExporter commented 8 years ago
[deleted comment]
GoogleCodeExporter commented 8 years ago
I have the latest r92  but is getting the same error  when trying the pin..

Trying pin 01165678
[+] Sending EAPOL START request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK

the commmand I used : reaver -i mon0 -b XX:XX:XX:XX:XX:XX -vv
my signal is around 40%

Original comment by AdiR...@gmail.com on 16 Jan 2012 at 8:24

GoogleCodeExporter commented 8 years ago
AdiRusF, that sounds like a separate issue. If the problem persists, please 
create a new ticket and provide a pcap.

Original comment by cheff...@tacnetsol.com on 16 Jan 2012 at 3:24

GoogleCodeExporter commented 8 years ago
Good news!

Associating with r95 and reaver seems to be doing its thing... On 1% currently. 
I'll let you know if it's successful.

Good work.

Original comment by bdee...@gmail.com on 16 Jan 2012 at 7:34

GoogleCodeExporter commented 8 years ago
Good. :)

FYI, I know it was just checked in but r95 introduced a bug, I'd grab r96.

Original comment by cheff...@tacnetsol.com on 16 Jan 2012 at 7:40

GoogleCodeExporter commented 8 years ago

Original comment by cheff...@tacnetsol.com on 17 Jan 2012 at 1:09

GoogleCodeExporter commented 8 years ago
Grabbed r96 and...

[+] Pin cracked in 20839 seconds

Woohoo! :)

Original comment by bdee...@gmail.com on 17 Jan 2012 at 6:42

GoogleCodeExporter commented 8 years ago
Awesome. :)

Original comment by cheff...@tacnetsol.com on 17 Jan 2012 at 12:44

GoogleCodeExporter commented 8 years ago
[deleted comment]
GoogleCodeExporter commented 8 years ago
[deleted comment]
GoogleCodeExporter commented 8 years ago
Hello all,

I have the same problem reported in this issue. I'm running an Atheros AR928X 
with Ubuntu 11.10 installed in an Acer EasyNote TJ75.

I have tried with svn and apt-get install, and in the two cases, when I run:

sudo (./)reaver -i mon0 -b XX:XX:XX:XX:XX:XX -vv   I have this output:

[+] Waiting for beacon from XX:XX:XX:XX:XX:XX
[+] Switching mon0 to channel 6
[+] Associated with XX:XX:XX:XX:XX:XX (ESSID: xxxxxxxx)

When I run:

sudo (./)reaver -i mon0 -b XX:XX:XX:XX:XX -vv --ignore-locks   I have:

[+] Waiting for beacon from XX:XX:XX:XX:XX
[+] Switching mon0 to channel 6
[+] Associated with XX:XX:XX:XX:XX (ESSID: xxxxxxxx)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request

... and as bdeesal says.. it occurs over and over.

ps: I also properly tested revisions 95 and 96.. same result.

Thank you.

Original comment by reclamha...@gmail.com on 19 Jan 2012 at 6:49

GoogleCodeExporter commented 8 years ago
can u please tell me how to ''grab''? thesse r96, r95? :P

Original comment by tdjur...@gmail.com on 16 Feb 2012 at 10:41

GoogleCodeExporter commented 8 years ago
[deleted comment]
GoogleCodeExporter commented 8 years ago
this happens with my b43 driver. Injection works and distance is not an issue. 
I only got a password the first time I used reaver. now it simply gives me this 
or another reoccurring error every time I use it on any router.

Original comment by metaltu...@gmail.com on 11 Sep 2012 at 4:21

GoogleCodeExporter commented 8 years ago
Make sure network-manager does not run
sudo stop network-manager

Bring up your wlan0 interface with ifconfig wlan0 up

Patch your code with
Index: reaver-r113/src/exchange.c
===================================================================
--- reaver-r113.orig/src/exchange.c 2012-10-13 20:20:23.452675557 +0200
+++ reaver-r113/src/exchange.c  2012-10-13 20:29:39.741682088 +0200
@@ -273,7 +273,12 @@
        send_termination();
        stop_timer();
    }
-   
+
+   if (get_external_association()) 
+   {
+       deauthenticate();
+   }
+
    return ret_val;
 }

Original comment by mathias....@gmail.com on 13 Oct 2012 at 7:59