Author Topic: Free Wi-Fi using Reaver and how to protect yourself  (Read 2033 times)

0 Members and 1 Guest are viewing this topic.

Offline SOFGames

  • /dev/null
  • *
  • Posts: 8
  • Cookies: -9
    • View Profile
Free Wi-Fi using Reaver and how to protect yourself
« on: March 09, 2014, 12:56:08 am »
  Most of you guys may be familiar with Reaver nut for those that aren't im gonna teach you how to gain your neighbors Wi-Fi...

 People assume that because their wireless encryption key is WPA2 standard, they are safe from cyber attack. They are wrong. Reaver is a program inside of Kali Linux that allows an attacker (maybe that creepy neighbor of yours that never comes out of their apartment without taking weird to a new level), easily compromise your routers password by attacking the PIN authorization process between your router and other devices. See, with your router’s PIN, a password is not needed. In fact, because Reaver doesn’t use a dictionary file to bruteforce your password, it doesn’t matter how strong or long it is and Reaver WILL eventually crack the PIN!

Your router’s PIN is eight numbers long. Your router knows four of these numbers and any devices that use the wireless password knows the other four numbers. Reaver randomly runs every possible combination of four numbers until it cracks the PIN! Then voila! The attacker gets your full PIN and Password

HOW TO PROTECT YOURSELF

Set your wireless router to LOCK WPS. This locks your WPS PIN and makes you invulnerable to this method of attack.

HOW THE ATTACK IS CARRIED OUT

In order to use Reaver, you need to get your wireless card’s interface name, the BSSID of the router you’re attempting to crack (which I will show you how to find), and you need to make sure your wireless card is in monitor mode. So let’s do all that!

FIND YOUR WIRELESS CARD

Inside Terminal, type: iwconfig

Press Enter. You should see a wireless device in the subsequent list. Most likely, it’ll be named:

wlan0 or wlan1

But if you have more than one wireless card, or a more unusual networking setup, it may be named something different.

Put your wireless card into monitor mode: Assuming your wireless card’s interface name is: wlan0

Execute the following command to put your wireless card into monitor mode:

airmon-ng start wlan0

This command will output the name of monitor mode interface, which you’ll also want to make note of. Most likely, it’ll be: mon0

FIND THE BSSID YOU WANT TO CRACK

Lastly, you need to get the unique identifier of the router you’re attempting to crack so that you can point Reaver in the right direction. To do this, execute the following command:

airodump-ng mon0

When you see the network you want, press Ctrl+C to stop the list from refreshing, then copy that network’s BSSID (it’s the series of letters, numbers, and colons on the far left). The network should have WPA or WPA2 listed under the ENC column.

Now, with the BSSID and monitor interface name in hand, you’ve got everything you need to start up Reaver.

CRACK THE NETWORK WITH REAVER

To find out if the AP you are attacking usese WPS (vulnerable to Reaver), you can use:

wash -i mon0

Look under the LOCK column. If your target BSSID has it’s WPS LOCKED (you will see “yes” for LOCKED WPSs), then Reaver will not be able to crack the PIN. If you see a “no”, then continue…

Now execute the following command in the Terminal. (replacing and monitor interface and the BSSID with the BSSID that you copied down above):

reaver -i mon0 -b [bssid] -vv

For example, if your monitor interface was mon0 like mine, and your BSSID was

8D:AE:9D:65:1F:B2

(a BSSID I just made up), your command would look like:

reaver -i mon0 -b 8D:AE:9D:65:1F:B2 -vv

Press Enter, sit back, and let Reaver work its disturbing magic. Reaver will now try a series of PINs on the router in a brute force attack, one after another. This will take a while. In my successful test, Reaver took about 6 hours to crack the PIN and deliver me the correct password. The Reaver documentation says it can take between 4 and 10 hours so it could take more or less time than I experienced, depending.

Offline Teapot

  • Peasant
  • *
  • Posts: 127
  • Cookies: -2
  • E-Book Whore
    • View Profile
Re: Free Wi-Fi using Reaver and how to protect yourself
« Reply #1 on: March 09, 2014, 01:23:12 am »


Offline iTpHo3NiX

  • EZ's Pirate Captain
  • Administrator
  • Titan
  • *
  • Posts: 2920
  • Cookies: 328
    • View Profile
    • EvilZone
Re: Free Wi-Fi using Reaver and how to protect yourself
« Reply #2 on: March 09, 2014, 05:32:43 am »
I love the fact how reaver is an application built into kali and has to guess the last 4 digits in the pin. Keep in mind the last digit is a checksum and you have to bruteforce 7 digits

Reaver brute forces the first half of the pin and then the second half of the pin, meaning that the entire key space for the WPS pin number can be exhausted in 11,000 attempts. The speed at which Reaver can test pin numbers is entirely limited by the speed at which the AP can process WPS requests. Some APs are fast enough that one pin can be tested every second; others are slower and only allow one pin every ten seconds. Statistically, it will only take half of that time in order to guess the correct pin number.

So a WPS pin looks like this:

7635 7265

Raver needs to crack the first 4 digits 10^4 (10,000) and then 10^3 (1,000) as the last digit is a checksum and can be validated

But reaver is just a program in kali and you have to crack 4 digits because the router knows the other 4
[09:27] (+lenoch) iTpHo3NiX can even manipulate me to suck dick
[09:27] (+lenoch) oh no that's voluntary
[09:27] (+lenoch) sorry

Offline proxx

  • Avatarception
  • Global Moderator
  • Titan
  • *
  • Posts: 2803
  • Cookies: 256
  • ФФФ
    • View Profile
Re: Free Wi-Fi using Reaver and how to protect yourself
« Reply #3 on: March 09, 2014, 12:09:27 pm »
Wtf where you thinking with that signature? - Phage.
This was another little experiment *evillaughter - Proxx.
Evilception... - Phage

Offline s1l3nc3

  • Serf
  • *
  • Posts: 33
  • Cookies: -11
    • View Profile
Re: Free Wi-Fi using Reaver and how to protect yourself
« Reply #4 on: March 19, 2014, 04:36:07 am »
01101000 01110101 01101110 01100111 01110010 01111001 00110110 00110010

Offline Ragehottie

  • Knight
  • **
  • Posts: 313
  • Cookies: -9
  • Hack to learn, not learn to hack.
    • View Profile
Re: Free Wi-Fi using Reaver and how to protect yourself
« Reply #5 on: March 24, 2014, 02:38:05 am »
First person to post about this  8) [8]
Blog: rexmckinnon.tumblr.com

Offline kenjoe41

  • Symphorophiliac Programmer
  • Administrator
  • Baron
  • *
  • Posts: 990
  • Cookies: 224
    • View Profile
Re: Free Wi-Fi using Reaver and how to protect yourself
« Reply #6 on: March 24, 2014, 12:06:22 pm »
If this is original, then the dude is trying his level best to contribute to the community n that deserves applaud.
only problem is that he didn't research what he was writing about it but seems to know what to write in the terminal.

kep being active OP, when writting about anything even if you know it please research about it n you will be suprised of any updates it has.
If you can't explain it to a 6 year old, you don't understand it yourself.
http://upload.alpha.evilzone.org/index.php?page=img&img=GwkGGneGR7Pl222zVGmNTjerkhkYNGtBuiYXkpyNv4ScOAWQu0-Y8[<NgGw/hsq]>EvbQrOrousk[/img]