st5ntry / reaver-wps

Automatically exported from code.google.com/p/reaver-wps

WPS PIN given, WPA PSK is not. #517

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago

4. Often times we need packet captures of mon0 while Reaver is running to
troubleshoot the issue (tcpdump -i mon0 -s0 -w broken_reaver.pcap).  Issue
reports with pcap files attached will receive more serious consideration.

Answer the following questions for every issue submitted:

0. What version of Reaver are you using? Reaver 1.4

1. What operating system are you using (Linux is the only supported OS)? Ubuntu 
13.04

2. Is your wireless card in monitor mode (yes/no)? Yes, I have placed wlan0 
into monitor mode through 'iwconfig wlan0 mode monitor'

3. What is the signal strength of the Access Point you are trying to crack? -64

4. What is the manufacturer and model # of the device you are trying to crack? 
Belkin F9K1102 Dual-Band Router

5. What is the entire command line string you are supplying to reaver? reaver 
-i wlan0  -c6 -b xx:xx:xx:xx:xx:xx -vv- N -w -s -A -p xxxxxxxx

6. Please describe what you think the issue is. My computer is able to gain the 
WPS PIN, however, not the PSK of the router.

7. Paste the output from Reaver below.

[+] Received M5 message
[+] Received M5 message
[+] Received M7 message
[+] Sending WSC NACK
[+] Sending WSC NACK
[+] Pin cracked in 125 seconds
[+] WPS PIN: 'xxxxxxxx'

It says the attachment quota is exceeded so I have uploaded it here: 
https://www.dropbox.com/s/ld9p9o94hin644m/broken_reaver.pcap

Original issue reported on code.google.com by quiglest...@gmail.com on 9 Jun 2013 at 12:58

GoogleCodeExporter commented 8 years ago
What's the problem? It revealed the PIN, right? If attempts with -p do not reveal the PSK, 
then use wpasupplicant mode.

Original comment by deltomaf...@gmail.com on 12 Jun 2013 at 1:46

GoogleCodeExporter commented 8 years ago
Yes, -p doesn't show the PSK.

wpasupplicant has been giving me issues as well which is why I've posted what 
I've posted. I found some instructions from an earlier issue and attempted to 
use it and it wouldn't run for some reason, which is frustrating me.

Original comment by quiglest...@gmail.com on 16 Jun 2013 at 3:34

GoogleCodeExporter commented 8 years ago
Could you post the wpasupplicant steps where the error occurs?

Original comment by deltomaf...@gmail.com on 17 Jun 2013 at 3:34

GoogleCodeExporter commented 8 years ago
Same issue: reaver 1.3 and 1.4 do not give the PSK, just the PIN.
I've tried the wpa_supplicant method, as described in Issue 203, comment 6, but 
it doesn't work. 
I use BTR3
wpa_supplicant version is v0.6.9

my /etc/wpa_supplicant.conf contains the following:

ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
update_config=1

I start it in daemonized mode by running this command (wlan1 is my interface)
wpa_supplicant -Dwext -iwlan1 -c/etc/wpa_supplicant.conf -B

after running
wpa_cli status
the wpa_state is indicated as INACTIVE

I then run
wps_reg "routerbssid" "wpspin"
and the following is displayed:

OK
> <2>CTRL-EVENT-SCAN-RESULTS 
<2>WPS-AP-AVAILABLE 
<2>Trying to associate with "routerbssid" (SSID='routeressid' freq=2462 MHz)
<2>CTRL-EVENT-SCAN-RESULTS 
<2>WPS-AP-AVAILABLE 
<2>Associated with "routerbssid"
<2>CTRL-EVENT-EAP-STARTED EAP authentication started
<2>CTRL-EVENT-EAP-METHOD EAP vendor 14122 method 1 (WSC) selected
<2>CTRL-EVENT-EAP-FAILURE EAP authentication failed
<2>CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
<2>CTRL-EVENT-SCAN-RESULTS 
<2>WPS-AP-AVAILABLE 
<2>Authentication with 00:00:00:00:00:00 timed out.

I am not very familiar with the Linux OS, so I would appreciate a more simplified 
explanation. 

Thanks in advance, hopefully this would help others as well.

Original comment by viktors....@newcastle.ac.uk on 23 Jun 2013 at 1:20

GoogleCodeExporter commented 8 years ago
wps_reg "routerbssid" "wpspin"
Does the same occur using the MAC address?
wps_reg xx:xx:xx:xx:xx:xx 12345678

Original comment by deltomaf...@gmail.com on 25 Jun 2013 at 1:37

GoogleCodeExporter commented 8 years ago
Yes, I am using the MAC address (e.g. wps_reg xx:xx:xx:xx:xx:xx 12345678)

Original comment by viktors....@newcastle.ac.uk on 25 Jun 2013 at 5:08

GoogleCodeExporter commented 8 years ago
OK, a question: are you killing the wpa_supplicant process
before running wpa_supplicant -Dwext -iwlan1 -c/etc/wpa_supplicant.conf -B ?
Check and kill with:
ps auxww | grep wpa_supplicant
killall wpa_supplicant

Original comment by deltomaf...@gmail.com on 27 Jun 2013 at 2:38