Closed GoogleCodeExporter closed 8 years ago
... I've emailed you across the PCAP- hope it helps.
Possible duplicate of issue 90, I'll let you decide!
Original comment by bdee...@gmail.com
on 9 Jan 2012 at 10:39
Just took a look at the pcap. The problem is that the AP isn't responding at
all to your EAPOL start packets. After association, this is the first step to
initiating a WPS session.
You also mentioned problems with Reaver associating with the AP, and I'm
guessing that is related. Can you run Reaver normally, letting it try to
associate to the AP, and capture the association attempts? If the association
request is being rejected, the AP should be providing a code for why it
rejected the request and this might give a clue to the problem.
Original comment by cheff...@tacnetsol.com
on 10 Jan 2012 at 1:57
I've just emailed over another pcap, this time allowing reaver to run normally.
I captured two failed associations.
Original comment by bdee...@gmail.com
on 10 Jan 2012 at 8:06
Looking at the pcap it appears that the AP is just ignoring association
requests from Reaver.
The only thing that I can think of that is causing the AP to ignore your
association requests is the supported rates field in the association packet was
changed a few revisions back. I've updated it to always report the same
supported rates as the AP reports in its own beacon packet (r84). See if Reaver
can now associate properly to the AP.
Original comment by cheff...@tacnetsol.com
on 10 Jan 2012 at 5:47
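The two checks discussed in the comments above (does the association request list every basic rate the AP's beacon advertises, and what status code does an association response carry), as an added example that is not part of the original thread or of Reaver's code. It assumes raw 802.11 management frames with the radiotap header and FCS already stripped; the sample frames are constructed, not taken from the pcaps mentioned here.

```python
import struct

MGMT_HDR = 24                 # frame control, duration, 3 addresses, seq control
FIXED = {0: 4, 1: 6, 8: 12}   # fixed-field bytes: assoc req, assoc resp, beacon
STATUS = {0: "successful", 1: "unspecified failure",
          10: "cannot support all requested capabilities",
          17: "AP cannot handle additional associated stations",
          18: "station does not support all basic rates"}

def subtype(frame):
    if (frame[0] >> 2) & 0x3 != 0:
        raise ValueError("not a management frame")
    return frame[0] >> 4

def rates(frame):
    """Return (all_rates, basic_rates) in Mbps from IEs 1 and 50."""
    pos = MGMT_HDR + FIXED[subtype(frame)]
    all_r, basic = set(), set()
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + length]
        if len(body) < length:
            break                       # truncated capture
        if tag in (1, 50):              # Supported / Extended Supported Rates
            for b in body:
                all_r.add((b & 0x7F) / 2)      # units of 500 kbps
                if b & 0x80:                   # high bit marks a basic rate
                    basic.add((b & 0x7F) / 2)
        pos += 2 + length
    return all_r, basic

def missing_basic_rates(beacon, assoc_req):
    """Basic rates the AP advertises that the request does not list."""
    return sorted(rates(beacon)[1] - rates(assoc_req)[0])

def assoc_status(assoc_resp):
    if subtype(assoc_resp) != 1:
        raise ValueError("not an association response")
    (code,) = struct.unpack_from("<H", assoc_resp, MGMT_HDR + 2)
    return code, STATUS.get(code, "other status code")

def _frame(st, fixed, ies):   # builds constructed sample frames (zeroed header)
    return bytes([st << 4, 0]) + bytes(22) + fixed + ies

SSID = bytes([0, 4]) + b"test"
BEACON = _frame(8, bytes(12), SSID + bytes([1, 4, 0x82, 0x84, 0x8B, 0x96, 50, 2, 0x0C, 0x12]))
ASSOC_REQ = _frame(0, bytes(4), SSID + bytes([1, 2, 0x02, 0x04]))
ASSOC_RESP = _frame(1, struct.pack("<HHH", 0x0401, 18, 1), b"")
```

With the constructed frames, `missing_basic_rates(BEACON, ASSOC_REQ)` reports 5.5 and 11 Mbps as unlisted basic rates, and `assoc_status(ASSOC_RESP)` decodes status 18. An AP that silently drops the request, as in this thread, produces no response frame to decode at all.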
Just tried r84 and no change from my end I'm afraid.
I've emailed across a capture with a couple of failed associations.
Original comment by bdee...@gmail.com
on 10 Jan 2012 at 7:50
OK, looking back at the change logs and when you first reported that you could
no longer associate with the AP, I think the most likely culprits are the
changes made in r57.
Unfortunately I can't reproduce this bug in the APs that I have; can you check
out r56 and r57 and test them both to see if either can associate with your AP?
I suspect r56 will associate but r57 will not.
Original comment by cheff...@tacnetsol.com
on 11 Jan 2012 at 12:26
Quick question to anyone who can reply.
If I have the right PIN for an AP, can I connect to it in a legit way without
pushing a button on the AP ?
If so, how? Using Backtrack 5 or Windows Vista/7. Reaver is not involved but
understanding this could help testing.
Original comment by b1957...@nwldx.com
on 13 Jan 2012 at 5:31
Yes, wpa_supplicant supports WPS and can act as a WPS registrar. Look at the
wps_reg command in the wpa_cli utility.
Original comment by cheff...@tacnetsol.com
on 13 Jan 2012 at 2:51
Okay, finally got around to this.
Cheff, you are spot on- association works with r56 and breaks on r57.
Also tried r90, and can confirm no association or changes from the issue
above... if you want me to pcap any of it let me know but it seems you know the
cause already.
Original comment by bdee...@gmail.com
on 13 Jan 2012 at 10:08
OK, I reverted the affected code in r92; see if you can associate now.
Original comment by cheff...@tacnetsol.com
on 16 Jan 2012 at 5:25
I have the latest r92 but am getting the same error when trying the pin.
Trying pin 01165678
[+] Sending EAPOL START request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
The command I used: reaver -i mon0 -b XX:XX:XX:XX:XX:XX -vv
My signal is around 40%.
Original comment by AdiR...@gmail.com
on 16 Jan 2012 at 8:24
AdiRusF, that sounds like a separate issue. If the problem persists, please
create a new ticket and provide a pcap.
Original comment by cheff...@tacnetsol.com
on 16 Jan 2012 at 3:24
Good news!
Associating with r95 and reaver seems to be doing its thing... On 1% currently.
I'll let you know if it's successful.
Good work.
Original comment by bdee...@gmail.com
on 16 Jan 2012 at 7:34
Good. :)
FYI, I know it was just checked in but r95 introduced a bug, I'd grab r96.
Original comment by cheff...@tacnetsol.com
on 16 Jan 2012 at 7:40
Original comment by cheff...@tacnetsol.com
on 17 Jan 2012 at 1:09
Grabbed r96 and...
[+] Pin cracked in 20839 seconds
Woohoo! :)
Original comment by bdee...@gmail.com
on 17 Jan 2012 at 6:42
Awesome. :)
Original comment by cheff...@tacnetsol.com
on 17 Jan 2012 at 12:44
Hello all,
I have the same problem reported in this issue. I'm running an Atheros AR928X
with Ubuntu 11.10 installed in an Acer EasyNote TJ75.
I have tried with svn and apt-get install, and in the two cases, when I run:
sudo (./)reaver -i mon0 -b XX:XX:XX:XX:XX:XX -vv I have this output:
[+] Waiting for beacon from XX:XX:XX:XX:XX:XX
[+] Switching mon0 to channel 6
[+] Associated with XX:XX:XX:XX:XX:XX (ESSID: xxxxxxxx)
When I run:
sudo (./)reaver -i mon0 -b XX:XX:XX:XX:XX -vv --ignore-locks I have:
[+] Waiting for beacon from XX:XX:XX:XX:XX
[+] Switching mon0 to channel 6
[+] Associated with XX:XX:XX:XX:XX (ESSID: xxxxxxxx)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
... and as bdeesal says.. it occurs over and over.
ps: I also properly tested revisions 95 and 96.. same result.
Thank you.
Original comment by reclamha...@gmail.com
on 19 Jan 2012 at 6:49
Can you please tell me how to "grab" these r96, r95? :P
Original comment by tdjur...@gmail.com
on 16 Feb 2012 at 10:41
This happens with my b43 driver. Injection works and distance is not an issue.
I only got a password the first time I used reaver. Now it simply gives me this
or another reoccurring error every time I use it on any router.
Original comment by metaltu...@gmail.com
on 11 Sep 2012 at 4:21
Make sure network-manager does not run
sudo stop network-manager
Bring up your wlan0 interface with ifconfig wlan0 up
Patch your code with
Index: reaver-r113/src/exchange.c
===================================================================
--- reaver-r113.orig/src/exchange.c 2012-10-13 20:20:23.452675557 +0200
+++ reaver-r113/src/exchange.c 2012-10-13 20:29:39.741682088 +0200
@@ -273,7 +273,12 @@
send_termination();
stop_timer();
}
-
+
+ if (get_external_association())
+ {
+ deauthenticate();
+ }
+
return ret_val;
}
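Review bot: the added `if (get_external_association())` block just before `return ret_val;` calls deauthenticate() on every exit from this function, whatever ret_val holds, and nothing in the hunk says why. Judging by the name, the condition is true when the association was set up outside Reaver, so this tears down a link that Reaver did not create; please add a comment explaining why the deauthentication is needed in that case, and consider restricting it to the failure path if that is the only case it is meant to fix. The blank-line removal and re-addition above the new block looks like whitespace-only churn and could be dropped from the patch.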
Original comment by mathias....@gmail.com
on 13 Oct 2012 at 7:59
Original issue reported on code.google.com by
bdee...@gmail.com
on 9 Jan 2012 at 10:37