phantbn / reaver-wps

Automatically exported from code.google.com/p/reaver-wps
0 stars 0 forks source link

Failure to associate with AP #2

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
Hardware - ALFA AWUS036H
Running the following command within Reaver
reaver -i mon0 -b *AP MAC*

What is the expected output? What do you see instead?
The expected output is association with the target AP. Instead I receive the 
following
http://pastebin.com/KAYwGWs0

What version of the product are you using? On what operating system?
Reaver-1.0
Backtrack 5

Please provide any additional information below.
I am able to associate with the AP using Aireplay-ng, but Reaver is unable to 
do so.

Original issue reported on code.google.com by Christia...@gmail.com on 29 Dec 2011 at 6:49

GoogleCodeExporter commented 9 years ago
I can confirm having the exact same problem on Arch Linux with this network 
card: Intel Corporation Centrino Advanced-N 6205 (rev 34).

Original comment by cos...@linux-geek.org on 29 Dec 2011 at 8:18

GoogleCodeExporter commented 9 years ago
Same here. I cannot associate. Linuxmint, reaver 1.0, libpcap 0.8, flex/bison

Original comment by cxspe...@gmail.com on 29 Dec 2011 at 8:35

GoogleCodeExporter commented 9 years ago
What drivers are you guys using? It's been tested with ath9k and realtek (Alpha 
card) drivers, but carl9170 is known to not work.

Original comment by cheff...@tacnetsol.com on 29 Dec 2011 at 10:46

GoogleCodeExporter commented 9 years ago
I'm using iwlagn from kernel 3.1.5.

Original comment by cos...@linux-geek.org on 29 Dec 2011 at 11:37

GoogleCodeExporter commented 9 years ago
Confirmed here as well:

Backtrack 5.0 R1 (vmware) + Reaver 1.0
Realtek 8187 card (rtl8187)

Original comment by stefanen...@gmail.com on 29 Dec 2011 at 11:55

GoogleCodeExporter commented 9 years ago
Interface   Chipset             Driver

wlan0       Realtek RTL8187L    rtl8187 - [phy1]
mon0        Realtek RTL8187L    rtl8187 - [phy1]

Original comment by stefanen...@gmail.com on 29 Dec 2011 at 11:57

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
Similar issue here too, though have yet to test different WPA configs, WEP 
configs also note association failure, could a work-around be aireplay-ng 
--fakeauth???

Hardware:
chipset : Ralink RT2870/3070 
driver  : rt2800usb - [phy1]

Software:
Reaver1-0
Ubuntu 11.10 native.

Comments:
Otherwise I'll assume its working on cracking the WPS Pin while it fails to 
associate, which would make sense to me.

I would like to see is more feedback from the program.

Original comment by Raanan.A...@gmail.com on 29 Dec 2011 at 12:31

GoogleCodeExporter commented 9 years ago
my AP is a Cisco Linksys WAG120N which has the WPS Pin structure...

Original comment by Raanan.A...@gmail.com on 29 Dec 2011 at 12:38

GoogleCodeExporter commented 9 years ago
Me too on Ubuntu. Using Using ALFA AWUS036H and driver rtl8187

Original comment by rtstanif...@gmail.com on 29 Dec 2011 at 12:59

GoogleCodeExporter commented 9 years ago
Hrm...I'm running Ubuntu 10.04 with an Alfa AWUS036H (rtl8187) right now and 
it's chugging along just fine. I'm doing some testing, will report back ASAP.

Original comment by cheff...@tacnetsol.com on 29 Dec 2011 at 1:10

GoogleCodeExporter commented 9 years ago
I can confirm that I've reproduced the issue on Backtrack 5 RC1 with the 
AWUS036H and rtl8187 driver. The same card works fine in Ubuntu 10.04. Looking 
for the problem now.

Original comment by cheff...@tacnetsol.com on 29 Dec 2011 at 1:45

GoogleCodeExporter commented 9 years ago
I also have this issue.

Backtrack R4, AWUS036NH with rt2800usb.

The card otherwise works perfect in BT4 with this driver but I'm getting the 
'failed to associate' error.

The router being testing is a Linksys WAG160N.

Original comment by tomrile...@gmail.com on 29 Dec 2011 at 1:48

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
Is it possible to associate with another program e.g. aireplay-ng? 

Original comment by tod...@gmail.com on 29 Dec 2011 at 1:50

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
Don't know for sure but it may a be cause or a fix:

I'm not using the patched kernel for aircrack-ng which the program in fact 
recommends, aircrack-ng works fine though I have to use ---ignore-negative-one 
on aireplay, here is the source to patch the wireless kernel for compatibility, 
like I say i'm not sure if its a solution, but if you (Reaver Programmer) say 
its a good idea I'll give it a try:

http://wireless.kernel.org/en/users/Download/stable/#compat-wireless_3.2_stable_
releases

Also available on the Ubuntu repositories if your using a package manager.

Please let me know! :] thanks.

Original comment by Raanan.A...@gmail.com on 29 Dec 2011 at 2:34

GoogleCodeExporter commented 9 years ago
All, I've found and fixed the issue. Very silly bug in the association receive 
loop, but for reasons yet unknown still happened to work on my development box. 

New code is checked in to subversion, as soon as others verify that this fixes 
their issues, I will cut a new release of Reaver.

From Backtrack 5 RC1 with the AWUS036H and rtl8187 driver:

root@bt:~/Desktop/src# ./reaver -i mon0 -b C0:C1:C0:A5:73:F7 -vv

Reaver v1.0 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner 
<cheffner@tacnetsol.com>

[+] Waiting for beacon from C0:C1:C0:A5:73:F7
[+] Switching mon0 to channel 2
[+] Switching mon0 to channel 3
[+] Switching mon0 to channel 4
[+] Switching mon0 to channel 5
[+] Switching mon0 to channel 6
[+] Switching mon0 to channel 7
[+] Switching mon0 to channel 8
[+] Switching mon0 to channel 11
[+] Associated with C0:C1:C0:A5:73:F7 (ESSID: cisco_e2500_normal_wifi)
[+] Trying pin 93234375
[+] Trying pin 04064374
[+] Trying pin 87284379
[+] Trying pin 63034370
[+] Trying pin 12504374
...

Original comment by cheff...@tacnetsol.com on 29 Dec 2011 at 2:37

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
This is what I get with latest subversion:

[+] Waiting for beacon from C0:3F:0E:C1:DB:A7
[+] Switching mon0 to channel 2
[+] Switching mon0 to channel 4
[!] WARNING: Failed to associate with C0:3F:0E:C1:DB:A7 
[!] WARNING: Failed to associate with C0:3F:0E:C1:DB:A7 
[+] Associated with C0:3F:0E:C1:DB:A7 
[+] Trying pin 90553301
[!] WARNING: Failed to associate with C0:3F:0E:C1:DB:A7 
[+] Switching mon0 to channel 3
[!] WARNING: Receive timeout occurred
[!] WARNING: Receive timeout occurred
[!] WARNING: Receive timeout occurred
[!] WARNING: Receive timeout occurred
Segmentation fault

I'm under kernel 3.1.5 with iwlagn driver

Original comment by gorilla....@gmail.com on 29 Dec 2011 at 2:50

GoogleCodeExporter commented 9 years ago
maguila,

I have not tested the iwlagn drivers, but since you were able to associate I'd 
suspect that injection is working properly. The failed associations and receive 
timeouts are usually an indication of poor signal strength or a lot of wireless 
interference.

The segfault is troubling though. Can you give more info on your OS ?

Original comment by cheff...@tacnetsol.com on 29 Dec 2011 at 3:00

GoogleCodeExporter commented 9 years ago
I'm using Archlinux x64. We use almost the latest packages on everything as it 
is a rolling release distro.

I have tried to run under gdb but I don't know why I don't get the segmentation 
fault:

$gdb ./reaver
GNU gdb (GDB) 7.3.1
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /home/user/reaver-wps-read-only/src/reaver...done.
(gdb) run -i mon0 -b C0:3F:0E:C1:DB:A7 -vv
Starting program: /home/user/reaver-wps-read-only/src/reaver -i mon0 -b 
C0:3F:0E:C1:DB:A7 -vv

Reaver v1.0 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner 
<cheffner@tacnetsol.com>

[+] Waiting for beacon from C0:3F:0E:C1:DB:A7
[+] Switching mon0 to channel 4
[!] WARNING: Failed to associate with C0:3F:0E:C1:DB:A7 (ESSID: ONODBA7)
[!] WARNING: Failed to associate with C0:3F:0E:C1:DB:A7 (ESSID: ONODBA7)
[!] WARNING: Failed to associate with C0:3F:0E:C1:DB:A7 (ESSID: ONODBA7)
[!] WARNING: Failed to associate with C0:3F:0E:C1:DB:A7 (ESSID: ONODBA7)
[!] WARNING: Failed to associate with C0:3F:0E:C1:DB:A7 (ESSID: ONODBA7)
[+] Associated with C0:3F:0E:C1:DB:A7 (ESSID: ONODBA7)
[+] Trying pin 26141367
[!] WARNING: Failed to associate with C0:3F:0E:C1:DB:A7 (ESSID: ONODBA7)
[+] Switching mon0 to channel 2
[!] WARNING: Receive timeout occurred
[!] WARNING: Receive timeout occurred
[!] WARNING: Receive timeout occurred
[!] WARNING: Receive timeout occurred
[!] WARNING: Receive timeout occurred
[!] WARNING: Receive timeout occurred
...etc

But again I get the segmentation fault without gdb.

Original comment by gorilla....@gmail.com on 29 Dec 2011 at 3:22

GoogleCodeExporter commented 9 years ago
New SVN read-out: 

Reaver v1.0 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner 
<cheffner@tacnetsol.com>

[+] Waiting for beacon from BA:DA:55:B4:55:23
[+] Associated with BA:DA:55:B4:55:23 (ESSID: _)
[+] 0.05% complete @ 5 seconds/attempt
[+] 0.09% complete @ 6 seconds/attempt
[+] 0.13% complete @ 6 seconds/attempt
[+] 0.16% complete @ 6 seconds/attempt
[+] 0.21% complete @ 6 seconds/attempt
[+] 0.25% complete @ 6 seconds/attempt
[+] 0.29% complete @ 6 seconds/attempt
[+] 0.34% complete @ 6 seconds/attempt
[+] 0.36% complete @ 6 seconds/attempt

cool program dude!

Original comment by Raanan.A...@gmail.com on 29 Dec 2011 at 3:25

GoogleCodeExporter commented 9 years ago
Thanks, this has also been verified by Stefan; marking as verified.

maguila, I'm opening a new ticket for your segfault issue.

Original comment by cheff...@tacnetsol.com on 29 Dec 2011 at 3:34

GoogleCodeExporter commented 9 years ago
Cheff, I am using carl9170 with Reaper v1.4 and it's working fine. It's a USB 
D-Link card. Did not want to run reaper in BT5 but works fine with Ubuntu 11.10 
3.1.5.

Original comment by dremode....@gmail.com on 26 Jan 2012 at 9:41

GoogleCodeExporter commented 9 years ago
I have the same problem as OP. I'm running a BackTrack 5 Live USB. I've tried 
to get results with three cards: the AWUS036H (driver rtl8187), the AWUS036NH 
(driver 2800usb) and the integrated Broadcom adapter (I forget the exact model, 
but it uses the b43 driver under BT). I'm using reaver-1.4bt1. 

I get no results save a spam of "failed to associate". I have tried this 
against several access points, all of which are of relatively high power (-60 
or better) and quality (80+%).

What might be the problem here?

Original comment by adh...@gmail.com on 29 Jan 2012 at 2:56

GoogleCodeExporter commented 9 years ago
I have the same issue with Reaver v1.4.  I'm running BT5 in Virtualbox with 
Alfa AWUS036H card and driver rtl8187.

Original comment by tre...@gmail.com on 22 Feb 2012 at 9:48

GoogleCodeExporter commented 9 years ago
Same issue with Reaver v1.4. I'm on Ubuntu 11.10 using a Netgear WG111v3 with 
driver rt8187.

Original comment by mun...@gmail.com on 8 Mar 2012 at 6:00

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
Got problem with reaver on my BT5R2. Suddenly stopped working. Using the RTL8187

Original comment by itha...@gmail.com on 3 May 2012 at 2:18

GoogleCodeExporter commented 9 years ago
Same here, cant assoc, usb wireless adapter , TL-WN821N driver athuw ver 
7.7.0.93
Tried using -A and let aireplay assoc but reaver simply stops working after 
first assoc. no messages, nothing. Hope someone can help with that

Original comment by sword...@gmail.com on 17 May 2012 at 11:33

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
Same here, usb wireless adapter sky city 200000 with the rtl8187 driver.. 
Pwr is a negative value in airodump

Original comment by allaert....@gmail.com on 8 Jun 2012 at 6:41

GoogleCodeExporter commented 9 years ago
Same issue here. BT5 R2 using Intel 5100 against Buffalo WZR-HP-AG300H and 
D-Link DIR-605...

Original comment by gefthefr...@gmail.com on 26 Jun 2012 at 3:58

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
Same here. AWUS036H, Backtrack 5R2, Reaver v1.4 against three different access 
points.

Original comment by lorenzki...@gmail.com on 1 Aug 2012 at 10:53

GoogleCodeExporter commented 9 years ago
it is a card drivers issue  as of my experience.

Original comment by J0J0...@gmail.com on 25 Jul 2013 at 12:33