Probably most of you have already heard about the weakness in Wi-Fi Protected Setup discovered recently.
Using it you can reduce the number of PIN authentication probes from 100000000 to only 11000, making a brute-force attack possible and revealing the network password in about 4 hours (usually even sooner).

Most access points are vulnerable, so with this attack you can brute-force almost any network around. It doesn't matter whether it uses WPA or WPA2, nor which method, PSK or RADIUS. It only needs to have WPS enabled, and most APs do.
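Where the 11000 comes from, as a toy model added here (not code from the original post or from reaver): the registrar confirms the first half of the PIN separately from the second, and the eighth digit is a checksum of the other seven, so an attacker never has to search the whole 8-digit space. Disabling WPS PIN on the AP is the only mitigation that removes this property.

```python
# Added example: arithmetic model of the WPS PIN design flaw. No radio or
# network code; the "registrar" below is a constructed stand-in for an AP.

def wps_pin_checksum(first7: str) -> int:
    """Eighth (checksum) digit of a WPS PIN from its first seven digits.
    Digits at odd positions from the left weigh 3, even positions weigh 1."""
    accum = 0
    for i, d in enumerate(first7):
        accum += int(d) * (3 if i % 2 == 0 else 1)
    return (10 - accum % 10) % 10

def is_valid_wps_pin(pin: str) -> bool:
    return len(pin) == 8 and pin.isdigit() and int(pin[7]) == wps_pin_checksum(pin[:7])

class ToyRegistrar:
    """Models the flaw: the AP answers whether the first four digits were
    right before the last four are ever checked."""
    def __init__(self, pin: str):
        if not is_valid_wps_pin(pin):
            raise ValueError("not a valid WPS PIN")
        self._pin, self.attempts = pin, 0

    def check_first_half(self, half: str) -> bool:
        self.attempts += 1
        return half == self._pin[:4]

    def check_second_half(self, half: str) -> bool:
        self.attempts += 1
        return half == self._pin[4:]

def guesses_to_recover(pin: str) -> int:
    """Attempts the split verification needs: at most 10**4 + 10**3 = 11000,
    versus 10**7 checksum-valid PINs (10**8 raw combinations) if the PIN
    were only ever verified as a whole."""
    ap = ToyRegistrar(pin)
    first = next(f"{n:04d}" for n in range(10_000) if ap.check_first_half(f"{n:04d}"))
    for n in range(1_000):
        tail = f"{n:03d}"  # three free digits; the checksum digit is implied
        if ap.check_second_half(tail + str(wps_pin_checksum(first + tail))):
            return ap.attempts
    raise RuntimeError("unreachable for a valid PIN")

def search_space_sizes() -> dict:
    """The three figures compared in the post."""
    return {"all_8_digit": 10 ** 8, "checksum_valid": 10 ** 7,
            "split_verification": 10 ** 4 + 10 ** 3}
```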

I've just packaged the reaver-wps tool for Debian (I'm also the author of its ArchLinux PKGBUILD) and it's now waiting in the NEW queue.

If you want to try it before it enters unstable, I have also put it on my people.debian.org account.
After installing it, all you have to do is enable monitor mode on your Wi-Fi card (you need the aircrack-ng package for that):

airmon-ng start wlan0

Then start the attack:

reaver -i mon0 -b xx:xx:xx:xx:xx:xx -vv

Of course the interface names may differ, as they depend on your Wi-Fi driver. After the -b switch you have to enter the BSSID of the target AP.

That's all. Happy ha^Wcracking ;)

I wonder if it will really enter the Debian archive, because it ships with copies of several libraries already included in Debian: mainly the Linux Wireless Extensions library and some parts of the wpa_supplicant package (these are at least slightly modified).

In fact there is a chance that reaver will become part of the aircrack-ng suite (they are already discussing it), but that won't happen soon, so it would still be great to have this package in Debian.

Written on January 4th, 2012. Tags: ArchLinux, Debian, Linux


COMMENTS
    rjc commented

    Hi fenio,

    You’ve mentioned aircrack-ng package which has been removed from Debian.
    Are you planning to package it as well again and put it into the pool prior to/with reaver?

    Having reaver without airmon-ng, which is a part of aircrack-ng, seems pointless otherwise.

    Regards,

    rjc

    January 5, 2012 at 10:43 am
      fEnIo commented

      Well I haven’t been aware that aircrack-ng is no longer available in the archive.

      No, I won’t package it. In fact there are some problems with getting it back to Debian.

      You can read about it in the following bugreport.
      http://trac.aircrack-ng.org/ticket/953

      January 5, 2012 at 1:07 pm
    ctrix commented

    Just to let you know that the correct build dependency is libpcap-dev, not libcap-dev as stated erroneously in the control file.
    I don't believe it will ever enter Debian with that error.

    January 5, 2012 at 7:32 pm
      fEnIo commented

      Thanks for spotting it. As usual I didn't check it with pbuilder ;)

      January 8, 2012 at 4:18 pm
