
When in doubt...WPS!

Author Topic: Reaver in bt5r2 , same pin.  (Read 20562 times)

Offline masonx

  • Prospect
  • *
  • Posts: 11
  • Internets: +0/-0
Reaver in bt5r2 , same pin.
« on: June 11, 2012, 11:05:24 PM »
Hello, I'm running reaver in bt5r2 and it seems to be working, except every time it displays "Trying Pin 12345670" it's always the same pin, 12345670. Is it not working correctly? That same pin showed up at least a dozen times, also 0.00% complete. I'm still learning, so be patient please. Thanks

wireless usb card awus036h
started wlan0 , checked injection ...working
monitor mode enabled mon0
used command reaver -i mon0 -b XX:XX:XX:XX:XX:XX -vv

Offline Duane

  • *CWSP Certified*
  • Enthusiast
  • *******
  • Posts: 77
  • Internets: +12/-0
  • Stayed at a Holiday Inn Express!
Re: Reaver in bt5r2 , same pin.
« Reply #1 on: June 12, 2012, 04:40:46 AM »
Hi Masonx, I've had the same problem with Reaver. I cracked my AP the first time in 6 hours, but that's the only time it's been successful. Sometimes it will start off great then stop in the middle; other times it does the same thing that yours did. In my opinion, Reaver is just plain flaky.

Offline 3therk1ll

  • *CWSP Certified*
  • Elite
  • *******
  • Posts: 579
  • Internets: +12/-1
  • Try, fail, learn, repeat
Re: Reaver in bt5r2 , same pin.
« Reply #2 on: June 12, 2012, 05:54:38 AM »
Reaver works fine; what you're experiencing is more likely to be a security feature of the AP: it's detecting the brute force and locking out your MAC. I found this difficulty whilst testing on a Belkin router. Try setting timeouts and breaks in the attack. Look at the router as well; the one I tested displayed a red flashing light when the attack began to fail/was detected. Also, for the original post, make sure WPS mode is enabled on the router or the attack doesn't work.
If for some reason that doesn't work, try spoofing your MAC address: 'macchanger -r #your_interface#'
If you stop an attack, Reaver will pick up where you left off.
« Last Edit: June 12, 2012, 06:02:19 AM by 3therk1ll »
Every time [some software engineer] says, "Nobody will go to the trouble of doing that," there's some kid in Finland who will go to the trouble. -- Alex Mayfield

Offline jroy08

  • Elite
  • *****
  • Posts: 518
  • Internets: +3/-0
  • Soaking it up!!
Re: Reaver in bt5r2 , same pin.
« Reply #3 on: June 12, 2012, 07:43:53 AM »
Hello, I'm running reaver in bt5r2 and it seems to be working, except every time it displays "Trying Pin 12345670" it's always the same pin, 12345670. Is it not working correctly? That same pin showed up at least a dozen times, also 0.00% complete. I'm still learning, so be patient please. Thanks

wireless usb card awus036h
started wlan0 , checked injection ...working
monitor mode enabled mon0
used command reaver -i mon0 -b XX:XX:XX:XX:XX:XX -vv

That particular pin is the one Reaver always starts with. In your case it never got past the first pin. It may be a security feature as suggested, but WPS security does behave oddly sometimes. With Reaver I have never had much success with a router that is in the same room as me. I have, however, had a lot of success on routers that were some distance away. Like mentioned, be sure WPS is enabled, but if it wasn't I don't think Reaver would get past the association. I also have had more success when starting, stopping and restarting Reaver periodically.
J_roy08

Offline 3therk1ll

  • *CWSP Certified*
  • Elite
  • *******
  • Posts: 579
  • Internets: +12/-1
  • Try, fail, learn, repeat
Re: Reaver in bt5r2 , same pin.
« Reply #4 on: June 12, 2012, 09:51:50 AM »
Just to be clear, I muddled the two together before...
1) Stopping halfway, more likely to be a security feature as the AP realises it is coming under attack, -t option to initiate timeouts to make attack less obvious. Consider using -d to delay between pin attempts for the same reason or if the AP security periodically locks out WPS pin attempts, set the option -l (time in seconds).
2) Not starting, WPS not enabled, stopping Reaver from being able to work full stop.

Like jroy08 said, stopping and starting helps, but it is possibly an issue with inbuilt AP timeouts; try the above commands. I have never had Reaver fail once I worked out each router's quirks, even with those directly next to my interface; possibly, again, idiosyncrasies in different router types.
Just keep experimenting with different APs/conditions/settings.
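The AP-side lockout described in the reply above, modelled as an added example (not part of the original posts, and not code from Reaver or any router firmware). The class and function names are hypothetical, the policy values and the 2-second attempt interval are assumptions, and 11,000 is the known worst-case guess count for the WPS PIN design.

```python
from dataclasses import dataclass

# Worst case for the WPS PIN design flaw: 10^4 first-half values plus 10^3
# second-half values, because the halves are confirmed separately and the
# eighth digit is a checksum.
WPS_WORST_CASE_ATTEMPTS = 11_000

@dataclass
class WpsLockout:
    """AP-side policy; every default below is an assumed, illustrative value."""
    max_failures: int = 3       # failed PINs tolerated inside `window`
    window: float = 60.0        # seconds over which failures are counted
    base_lock: float = 60.0     # duration of the first lockout, seconds
    backoff: float = 1.0        # multiplier applied to each further lockout
    max_lock: float = 86_400.0  # cap on a single lockout, seconds

    def __post_init__(self):
        self.failures = []      # timestamps of recent failed attempts
        self.locked_until = 0.0
        self.next_lock = self.base_lock

    def attempt(self, now, pin_ok):
        """Handle one PIN exchange at time `now`; return 'locked', 'ok' or 'fail'."""
        if now < self.locked_until:
            return "locked"     # refused before the PIN is even checked
        if pin_ok:
            self.failures.clear()
            return "ok"
        self.failures = [t for t in self.failures if now - t < self.window]
        self.failures.append(now)
        if len(self.failures) >= self.max_failures:
            self.locked_until = now + self.next_lock
            self.next_lock = min(self.next_lock * self.backoff, self.max_lock)
            self.failures.clear()
        return "fail"

def time_to_exhaust(policy, attempts=WPS_WORST_CASE_ATTEMPTS, interval=2.0):
    """Seconds until `attempts` wrong PINs have been checked, one per `interval`."""
    now = 0.0
    for _ in range(attempts):
        now = max(now, policy.locked_until)  # nothing is checked while locked
        policy.attempt(now, pin_ok=False)
        now += interval
    return now

if __name__ == "__main__":
    for name, p in [("no lockout", WpsLockout(max_failures=10**9)),
                    ("fixed 60 s", WpsLockout()),
                    ("doubling", WpsLockout(backoff=2.0))]:
        print(f"{name:11s} {time_to_exhaust(p) / 3600:10.1f} h")
```

Under these assumptions a fixed 60-second lock only stretches the worst case from hours to a few days, while a doubling lock capped at one day pushes it to years; while locked, the AP also refuses a correct PIN.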

Offline masonx

  • Prospect
  • *
  • Posts: 11
  • Internets: +0/-0
Re: Reaver in bt5r2 , same pin.
« Reply #5 on: June 12, 2012, 03:16:20 PM »
Thanks everyone for the responses and the advice. I will try all of the above. I really like the fact that reaver saves what you've accomplished and you can continue your attack at a later time. It seems to be working a little better when I stop and restart a little later. I also noticed it helps to close the distance between your computer and the access point you're attacking. Thank you all again, I really enjoy this stuff, I just don't know enough about it yet.

Offline batman1538

  • Top Hat Member
  • Prospect
  • ********
  • Posts: 12
  • Internets: +0/-0
Reaver in BT5R2
« Reply #6 on: July 08, 2012, 06:18:18 PM »
Good Day
 Having the same issue

I have a router and have the password, even the pin that is on the back, and for some reason I can get in. With the commands I use I get a timeout and it stays at pin 01234567.

reaver -i mon0 -b (the MAC Address) -c (Channel) -e (name) -p (pin) -vv

reaver -i mon0 -b (the MAC Address) -c (Channel) -e (name) -p (pin) -vv -T 5

I also tried /wash -i first and it shows up as AP open

this is just testing to see if I can get in

router is Linksys Cisco WRT320N

Offline R4v3N

  • Administrator
  • Super Elite
  • *****
  • Posts: 3693
  • Internets: +160/-1
  • The googles and the metasploits...
    • Top-Hat-Sec
Re: Reaver in bt5r2 , same pin.
« Reply #7 on: July 08, 2012, 06:30:26 PM »
masonx, what is the command that you are using to run reaver? There are many factors that come into play when attacking WPS.

Offline batman1538

  • Top Hat Member
  • Prospect
  • ********
  • Posts: 12
  • Internets: +0/-0
Re: Reaver in bt5r2 , same pin.
« Reply #8 on: July 08, 2012, 07:27:47 PM »
It's Batman1538 asking for help

wash -i mon0

check that the WPS is on, then

reaver -i mon0 -b (the MAC Address) -c (Channel) -e (name) -p (pin) -vv

and also
 
reaver -i mon0 -b (the MAC Address) -c (Channel) -e (name) -p (pin) -vv -T 5

The pin I use is the one on the back of the router. I do know the PW, but I'm just checking to see if it comes up with reaver.

Offline Red

  • *CWSP Certified*
  • Elite
  • *******
  • Posts: 811
  • Internets: +4/-0
  • "AKA SGT"
Re: Reaver in bt5r2 , same pin.
« Reply #9 on: July 08, 2012, 09:06:41 PM »
How far away are you from the AP?

Offline TAPE

  • Top Hat Member Moderator
  • Elite
  • ********
  • Posts: 1249
  • Internets: +193/-0
Re: Reaver in bt5r2 , same pin.
« Reply #10 on: July 09, 2012, 12:01:06 AM »
Just so that it is clear on what you are trying;

You are entering the PIN using the -p switch to verify whether reaver is working on your router
by entering the PIN directly.
Correct?

If there is no response and reaver continues to try the same PIN, then it looks like your
router is not susceptible to the attack even though wash is saying it is..


Have you confirmed that your router is indeed vulnerable to the reaver attack?
Check out: https://docs.google.com/spreadsheet/ccc?key=0Ags-JmeLMFP2dFp2dkhJZGIxTTFkdFpEUDNSSHZEN3c#gid=0
to verify whether your router is vulnerable at all.

Although wash may say it is responding, perhaps you need to try more of the different options to
have a shot at it?

Take all the advice you like and then tell everyone to **** off and do your own thing -- Gitsnik

Offline batman1538

  • Top Hat Member
  • Prospect
  • ********
  • Posts: 12
  • Internets: +0/-0
Re: Reaver in bt5r2 , same pin.
« Reply #11 on: July 09, 2012, 06:02:52 AM »
The router is in the same room

Offline batman1538

  • Top Hat Member
  • Prospect
  • ********
  • Posts: 12
  • Internets: +0/-0
Re: Reaver in bt5r2 , same pin.
« Reply #12 on: July 09, 2012, 06:05:54 AM »
router is Cisco WRT320N

Offline TAPE

  • Top Hat Member Moderator
  • Elite
  • ********
  • Posts: 1249
  • Internets: +193/-0
Re: Reaver in bt5r2 , same pin.
« Reply #13 on: July 09, 2012, 03:45:03 PM »
Huh, in the database it says "maybe" under the vulnerable column for that router..

Not terribly helpful ;)

In any case;
- You know the PIN, you are trying it correctly, it is not responding..
- It is in the database as a 'maybe vulnerable' with comments on continuous WPS transaction failures.

So.. if it looks like a duck, quacks like a duck.. it is most likely a duck..

Probably not vulnerable.

Offline batman1538

  • Top Hat Member
  • Prospect
  • ********
  • Posts: 12
  • Internets: +0/-0
Re: Reaver in bt5r2 , same pin.
« Reply #14 on: July 09, 2012, 04:48:32 PM »
 :'(