Ethical Hacking and Penetration Testing Guide


Using Reaver to Crack WPS-Enabled Wireless Networks



Yüklə 22,44 Mb.
Pdf görüntüsü
səhifə185/235
tarix07.08.2023
ölçüsü22,44 Mb.
#138846
1   ...   181   182   183   184   185   186   187   188   ...   235
Ethical Hacking and Penetration Testing Guide ( PDFDrive )

305
Using Reaver to Crack WPS-Enabled Wireless Networks
Reaver is the penetration tester’s ultimate choice, this tool can help you crack WPA/WPA2 keys 
within a matter of hours. Reaver does not directly perform a brute force attack against the WPA/
WPA2 keys, but it performs a brute force attack against the WPS pins. The WPS pins are eight 
digits in length, and as most routers use default pins, they can easily be compromised.
Once reaver compromises the pins by either using the default pins or by using a brute force 
attack, which won’t take much long since eight-digit pins would have 10,000,000 (10^7) and the 
last digit can be calculated by using the first seven pins according to official documentation.
As reaver compromises the pins, it gets authenticated as a valid external registrar. A registrar 
has access to all the configurations of the access point, which would include the WPA/WPA2 
keys. For this attack to work, the access point should have WPS enabled. The good thing is that 
we would have it enabled in most of the access points we encounter. Let’s see how we can use reaver 
to crack WPS-enabled wireless networks.
Step 1
—Make sure that your wireless card is in the monitor mode.
Step 2
—Next, we would use airodump-ng to select our target we want to attack.
In this case we target the access point with ESSID PTCL-BB, and BSSID F4:3E:61:F5:FC:49. 
We will copy the BSSID, since this will be the only input required for reaver to work.
Step 3
—Now, we will use reaver to attack our access point. The command would be as follows:
reaver –i mon0 –b F4:3E:61:F5:FC:49 –vv
The –i parameter was used to specify the interface, which is mon0, followed by the –b param-
eter used to define the bssid and –vv for the verbosity. The verbosity is set to twice, which means 
that it will display each pin’s number as it’s tried against the access point.



Yüklə 22,44 Mb.

Dostları ilə paylaş:
1   ...   181   182   183   184   185   186   187   188   ...   235




Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©azkurs.org 2024
rəhbərliyinə müraciət

gir | qeydiyyatdan keç
    Ana səhifə


yükləyin