Open GoogleCodeExporter opened 9 years ago
oh i figured out the tcpdump. i put the code in and it says---
tcpdump: WARNING: mon0: no IPv4 address assigned
tcpdump: listening on mon0, link-type IEEE802_11_RADIO (802.11 plus radiotap
header), capture size 65535 bytes
thats all it says when i run reaver....
Thanks again!
Original comment by ffej5...@gmail.com
on 18 Jun 2012 at 4:39
Those TP-LINK routers that start with F8:D1:11 have a lock-up of the WPS
function until restarted after 10 incorrect PINs.
I am very interested to know how you managed to get to PIN 3494.
Use wash
Code:
wash -i mon0
or
wash -i mon0 -C -s
to see if the AP is locked. It needs to be rebooted to get unlocked so you can
try ti brute the PIN again.
What options did you use when bruting this AP to get over the automatic lock
mechanism?
Original comment by BHT...@gmail.com
on 20 Jun 2012 at 5:33
ok. did wash =i mon0 and the AP does not have WPS locked. Either of the 2 I
can't crack. The MAC's are A0:21:B7:A2:0B:CA and F8:D1:11:AC:59:42. It seemed
that injecting the AP and airodump are what helped me get to key 3494 but I
can't do anything to get past that key. Then with the MAC ending in CA the key
it got to is 2667182 but does the same thing as the one ending with MAC 42.
Both do not have WPS locked. The MAC ending in CA I had to mess with a lot but
-i mon0 -b A0:21:B7:A2:0B:CA -vv -N -n -w -S that code worked the best for me
until now.
Original comment by ffej5...@gmail.com
on 21 Jun 2012 at 2:41
Can you please share what commands did you use for airodump and AP injecti0on?
Original comment by BHT...@gmail.com
on 21 Jun 2012 at 5:21
aireplay-ng -1 0 -e surf -a F8:D1:11:AC:59:42 mon0 for test injecting which is
all I figured I needed. And airodump-ng -c 4 --bssid F8:D1:11:AC:59:42 mon0.
Nothing helps anymore though. :'( so frustrating!
Original comment by ffej5...@gmail.com
on 22 Jun 2012 at 4:21
Original issue reported on code.google.com by
ffej5...@gmail.com
on 18 Jun 2012 at 4:27