nicholasoh / reaver-wps

Automatically exported from code.google.com/p/reaver-wps
0 stars 0 forks source link

Reaver associates with AP but wont start trying pins #134

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
A few things to consider before submitting an issue:

0. We write documentation for a reason, if you have not read it and are
having problems with Reaver these pages are required reading before
submitting an issue:
http://code.google.com/p/reaver-wps/wiki/HintsAndTips
http://code.google.com/p/reaver-wps/wiki/README
http://code.google.com/p/reaver-wps/wiki/FAQ
http://code.google.com/p/reaver-wps/wiki/SupportedWirelessDrivers
1. Reaver will only work if your card is in monitor mode.  If you do not
know what monitor mode is then you should learn more about 802.11 hacking
in linux before using Reaver.
2. Using Reaver against access points you do not own or have permission to
attack is illegal.  If you cannot answer basic questions (i.e. model
number, distance away, etc) about the device you are attacking then do not
post your issue here.  We will not help you break the law.
3. Please look through issues that have already been posted and make sure
your question has not already been asked here: http://code.google.com/p
/reaver-wps/issues/list
4. Often times we need packet captures of mon0 while Reaver is running to
troubleshoot the issue (tcpdump -i mon0 -s0 -w broken_reaver.pcap).  Issue
reports with pcap files attached will receive more serious consideration.

Answer the following questions for every issue submitted:

0. What version of Reaver are you using? Reaver 1.3

1. What operating system are you using Backtrack5

2. Is your wireless card in monitor mode Yes mon0

3. What is the signal strength of the Access Point you are trying to crack? 
100% I am in the same room.

4. What is the manufacturer and model # of the device you are trying to
crack? Cisco epc2425

5. What is the entire command line string you are supplying to reaver?
reaver -i mon0 -b XX:XX:XX:XX:XX -VV

6. Please describe what you think the issue is. Reaver waits for the beacon, 
switches channel and then associates with the AP and then does nothing, even if 
I leave it on all night

7. Paste the output from Reaver below. Associated with XX:XX:XX:XX:XX

Original issue reported on code.google.com by rory...@gmail.com on 13 Jan 2012 at 5:04

GoogleCodeExporter commented 8 years ago
Try to put the channel argument, and the -VV must be -vv.
Maybe it is the AP problem or even your chipset.
Do you manage to use aircrack properly (injection support etc...)?

Original comment by andremeg...@hotmail.com on 13 Jan 2012 at 11:36

GoogleCodeExporter commented 8 years ago
Can you provide a pcap while you have Reaver running?

Original comment by cheff...@tacnetsol.com on 13 Jan 2012 at 1:48

GoogleCodeExporter commented 8 years ago
Thanks for the speedy reply guys. Unfortunately I'm new to Linux/Backtrack and 
dont really understand "channel argument, aircrack or pcap". I did however use 
-vv in the code, I accidently typed it in capitals in the comments.

Original comment by rory...@gmail.com on 14 Jan 2012 at 4:29

GoogleCodeExporter commented 8 years ago
I'm actually having this same issue. I had it at one point and then it worked.. 
let me see if I can reproduce it.

Original comment by kidspu...@gmail.com on 14 Jan 2012 at 8:50

GoogleCodeExporter commented 8 years ago
maybe should try wash or walsh mon0 to make sure that WPS is even running on 
the modem ?

Original comment by alphe...@gmail.com on 14 Jan 2012 at 10:56

GoogleCodeExporter commented 8 years ago
Hello, I am facing the same problem on BT5|R2 32bit installed on the PC as main 
and only OS , I'm using an RTL8187BvB(early) chipset Wifi USB2.0 with the 
rtl8187 drivers integrated in the OS .The device is working prefectly with the 
aircrack-ng (injection,monitor mode ect.) But when I type the command it simply 
shows me 

Swiching mon0 to channel 1 

and then

Associated with XX:XX:XX:XX:XX and remains there forever ....

I'm using the 1.4 version of reaver and the AP signal is 90/95%.

Any Ideas ?

Original comment by gunz_pla...@abv.bg on 3 May 2012 at 6:32

GoogleCodeExporter commented 8 years ago
same here ;(

I'm using RT2870/3070 Chipset with RT2800usb driver
In BT5R2, can monitor & Inject

but when I use  reaver -i mon0 -b XX:XX:XX:XX:XX -vv  with a very good AP signal
nothing happen after Association ok

Original comment by SamG...@gmail.com on 28 Jun 2012 at 7:58

GoogleCodeExporter commented 8 years ago
I'm using the rt2800usb drivers both provided with Ubuntu 12.04 and via 
linuxwireless.org and my rt2870 fails to work with Reaver.  Granted, I haven't 
gotten it to work perfectly with aircrack-ng, but even my Atheros card fails 
with Reaver and works perfectly with aircrack-ng.
I'm presently right next to my router so there's no issue with distance.  I'm 
thinking that reaver 1.4 needs to be updated to utilize more up-to-date and/or 
simplified commands.
I'll give it this, it does manage to change channels better than aireplay-ng 
does, but it doesn't even like to associate on its own.

In similar news, I absolutely have to run wash with the -C option or it fails.  
This indicates to me a checksum error that can be circumvented via an option or 
minor tweak in code.  Most likely, it's an issue with the rt2800usb drivers.  
If this is so, there might need to be a patch in place with the compat 
backports.  : /

Original comment by Jupiter...@gmail.com on 12 Jul 2012 at 2:45

GoogleCodeExporter commented 8 years ago
Make sure network-manager does not run
sudo stop network-manager

Bring up your wlan0 interface with ifconfig wlan0 up

Patch your code with
Index: reaver-r113/src/exchange.c
===================================================================
--- reaver-r113.orig/src/exchange.c 2012-10-13 20:20:23.452675557 +0200
+++ reaver-r113/src/exchange.c  2012-10-13 20:29:39.741682088 +0200
@@ -273,7 +273,12 @@
        send_termination();
        stop_timer();
    }
-   
+
+   if (get_external_association()) 
+   {
+       deauthenticate();
+   }
+
    return ret_val;
 }

Original comment by mathias....@gmail.com on 13 Oct 2012 at 8:00

GoogleCodeExporter commented 8 years ago
Regarding the above try to authenticate with aircrack-ng -1 5 -e YOUR_SSID mon0 
and use reaver with the -A switch

Original comment by mathias....@gmail.com on 13 Oct 2012 at 8:04

GoogleCodeExporter commented 8 years ago
I I have the same problem when I was in the folder: / reaver-wps-read-only/src 
and inscription:. / reaver-i mon0-b xx: xx: xx: xx: xx: xx:-e-c xxy xxy - w as 
associated with ap
and when I write: reaver-i mon0-b xx: xx: xx: xx: xx: xx-vv shows me:

[+] Switching mon0 to channel 1
[+] Switching mon0 to channel 2
[+] Switching mon0 to channel 3
[+] Switching mon0 to channel 4
[+] Switching mon0 to channel 5
[+] Switching mon0 to channel 6
[+] Switching mon0 to channel 7
[+] Switching mon0 to channel 8
[+] Switching mon0 to channel 9
[+] Switching mon0 to channel 11

Original comment by guli...@azet.sk on 12 Jan 2013 at 8:47

GoogleCodeExporter commented 8 years ago
each time i had this kind of problem i used aireplay-ng -0 0 -a 
xx:xx:xx:xx:xx:xx mon0 - sending deauthentication frames to an AP for few 
seconds then restarting attack with reaver and it worked each time

Original comment by pozega.t...@gmail.com on 18 Jan 2013 at 11:38

GoogleCodeExporter commented 8 years ago
Hi My Dear Brothers,
I got success in cracking over WPA-PSK routers/modem by using Reaver1.4 and 
Currently i am using BackTrack5R3.
While cracking WPA2-PSK ( Wash tell me that -WPS Locked-"No". So i run 
Reaver1.4 to crack it, i use Reaver -i mon0 -c XX -b XX -S -L -vv
Then
" switching mon0 channel xx
Waiting Becon from xx:xx:xx:xx:xx
associating with xx:xx:xx:xx:xx (ESSID:XXXX)
Trying Pin 12345670
Sending EAPOL start request
Received Identity request
Sending Identity Repose.
--------------------------------------------------
Now it stop here does not go further. Even waited one hour.
Then i Saw in google code that in this case open another konsol and try
aireplay-ng -1 120 -a BSSID mon0
But Issue remain same. Is there any issue over attacking WPA2-Psk Pin Codes.

Guidance is required about this Issue on this forum.
Thanks

Original comment by farrukhb...@gmail.com on 20 Dec 2013 at 5:33

GoogleCodeExporter commented 8 years ago
reaver nothis show anything on that line "associated with" hanging on this line 

what i do please help me 

reaver -i mon0 -b C8:3A:35:FA:10:50 -vv

Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner 
<cheffner@tacnetsol.com>

[+] Waiting for beacon from C8:3A:35:FA:10:50
[+] Switching mon0 to channel 11
[+] Associated with C8:3A:35:FA:10:50 (ESSID: Deepak Com)

Original comment by amitgn...@gmail.com on 22 Feb 2015 at 3:26