Kali Linux Hacking Tutorials Hack WPA WPA2 WPS Reaver Kali Linux PDF

10/28/2015 Kali Linux Hacking Tutorials: Hack WPA/WPA2 WPS Reaver Kali Linux
 GENERAL  WIRELESS  PENETESTING  WEB HACKING  KALI LINUX  STARTERS GUIDE
Hack WPA/WPA2 WPS - Reaver - Kali Linux Kali Tutorials

3,624 likes
WPA/WPA-2
Like Page Use App
When it was known that a WEP network could be hacked by any kid with a laptop and a network
Be the first of your friends to like this
connection (using easy peasy tutorials like those on our blog), the security guys did succeed in
making a much more robust security measure WPA/WPA2.
Now hacking WPA/WPA2 is a very tedious job in most cases. A
dictionary attack may take days, and still might not succeed. Also,
good dictionaries are huge. An exhaustive bruteforce including all
the alphabets (uppercase lowercase) and numbers, may take years, SPONSORED
depending on password length. Rainbow tables are known to
speed things up, by completing a part of the guessing job
beforehand, but the output rainbow table that needs to be
downloaded from the net is disastrously large (can be 100s of GBs sometimes). And finally the
security folks were at peace. But it was not over yet, as the new WPA technology was not at all
easy for the users to configure. With this in mind, a new security measure was introduced to
compliment WPA. Wifi Protected Setup (WPS). Now basically it was meant to make WPA even
tougher to crack, and much easier to configure (push a button on router and device connects).
However, it had a hole, which is now well known, and tools like reaver can exploit it in a single
line statement. It still might take hours, but it is much better than the previous scenario in which
months of brute-forcing would yield no result.
Here's what wikipedia says about WPS-

Created by the Wi-Fi Alliance and introduced in 2006, the goal of the protocol is to allow home
users who know little of wireless security and may be intimidated by the available security
options to set up Wi-Fi Protected Access, as well as making it easy to add new devices to an
existing network without entering long passphrases. Prior to the standard, several competing
solutions were developed by different vendors to address the same need. A major security flaw
was revealed in December 2011 that affects wireless routers with the WPS feature, which most
recent models have enabled by default. The flaw allows a remote attacker to recover the WPS
PIN in a few hours with a brute-force attack and, with the WPS PIN, the network's WPA/WPA2
pre-shared key. Users have been urged to turn off the WPS feature, although this may not be
possible on some router models.
Working Of WPS
Now while most of the things are the same as in WPA, there is a new concept of using pins for
authentication. So basically, the client sends 8 digit pins to the access point, which verifies it and
then allows the client to connect. Now a pin has 8 digits, and only contains numbers, so its a
possible target for bruteforece. Under normal bruteforcing of WPA passwords, you have to
consider the fact that there may be number, alphabets, and sometimes symbols (and more than
POPULAR POSTS
8 letters). This make the task a billion billion times tougher. However, we can try thousands of
keys per second, which make it a tad bit easier. Now in WPS, there is a delay because we have to
wait for APs response, and we may only try a few keys per second (practically the best I've seen
Tutorial on Hacking With
on my PC is 1 key per 2 sec). Basically, 8 digits and 10 possibilities per digit (0-9) make it 10^8
Kali Linux
(interpret ^ as raised to the power of)seconds if we assume one key per second. Now that'll be
Hacking With Kali Linux Why Kali
years. So, where is this taking us? The answer is, there are flaws in this technology that can be
Linux? With Kali Linux, hacking
used against it. becomes much easier since you have all the tools
The 8th digit is a checksum of first 7 digits. 10^7 possibilities, i.e. one-tenth time. Two (more than 300 pre...
months, still a way to go.
Hack WPA/WPA2 WPS -
The pin number for verification goes in two halves, so we can independently verify the
Reaver - Kali Linux
first four and the last four digits. And believe me, its easy to guess 4 digits correct two
WPA/WPA2 When it was known
times, than to guess 8 correct digits at once. Basically, the first half would take 10^4
that a WEP network could be
guess and the second would take 10^3. hacked by any kid with a laptop and a network
Now the guesses would be 10^4 + 10^3 (not 10^4 *10 ^3). Now we need 11,000 guesses. connection (using easy peasy tuto...
http://www.kalitutorials.net/2014/04/hackwpawpa2wpsreaverkalilinux.html 1/17
Wifi Hacking - WEP - Kali

Linux Aircrack-ng suite
Alright, this post is written
assuming you have Kali Linux up
and running on your computer. If not, here is a
So that'll take 3 hours approximately. And that's all the combinations, and most probably the post on hacking with kali linu...
correct pin will not be the last combination, so you can expect to reach the result earlier.
However, the assumption is that bruteforcing will take place at a key per second. My personal Penetration Testing -
best is a key every 2 seconds, and yours might drop to as low as a key every 10 seconds. Hacking XP
Our approach to penetration testing
is going to be simple. I already
Start Download made a post about the ideal way to begin
Convert Any File to a PDF. Get the Free From Doc to Pdf App! penetration testing. But we ar...
Wifite : Hacking Wifi The

How to carry out the attack Easy Way : Kali Linux
Now it might have been tough to carry out this attack at some point in history, but now, its a Wifite While the aircrackng suite
breeze. If you have all the prerequisites, then hacking the network would be as easy as is a well known name in the
wireless hacking , the same can't be said about
reaver i <interfacename> b <BSSID of target> Wifite. Living in th...
And if you are already familiar with hacking WEP, then just go to your Kali Linux terminal and
Hack WPA/WPA-2 PSK
type the above command (replacing what needs to be replaced). Leave your machine as is, come
Capturing the Handshake
back 10 mins later, check the progress (must be 1% or something), and go take a nap. However,
WPA password hacking Okay, so
if you're a newbie, then tag along. hacking WPA2 PSK involves 2
main steps Getting a handshake (it contains the
Kali Linux hash of password, i.e. enc...
First off, you need to have Kali linux (or backtrack) up and running on your machine. Any other
Hack Facebook Account :
Linux distro might work, but you'll need to install Reaver on your own. Now if you don't have Kali
Stuff You Should Know
Linux installed, you might want to go to this page, which will get you started on hacking with Kali
Hack Facebook? Okay, so you got
Linux. (Reaver has a known issue : Sometimes it doesn't work with Virtual Machines, and you
lured into the idea of hacking a
might have to do a live boot using live CD or live USB of Kali Linux. See the last section of this Facebook account? I won't ask why. Everyone
post on = troubleshooting by scrolling down a bit) has their reasons. If you...
Information Gathering Denial Of Service Attacks :

Explained for Beginners
Now you need to find out the following about you target network-
and Dummies
Does it have WPS enabled. If not, then the attack will not work. Just like most other things
The BSSID of the network. associated with hacking, a denial of service
attack is not everyone's cup of tea. It, however,
Now to check whether the network has WPS enabled or not, you can either use wash or just use can be unders...
the good old airodump-ng. Wash is specifically meant to check whether a network has WPS
enabled or not, and thereby is much easier to use. Here are the steps- Evil Twin Tutorial
Prerequisites Kali Linux Prior
Set your wireless interface in monitor mode- experience with wireless hacking
You will also need to install a tool
airmonng start wlan0 (bridge utils) which doesn'...
Hacking Website with

Sqlmap in Kali Linux
A screenshot from the SQLmap
official website In the previous
tutorial, we hacked a website using nothing but a
simple browser on a Wind...
GOOGLE+ BADGE
Use wash (easy but sometimes unable to detect networks even when they have wps
enabled). If any network shows up there, it has WPS enabled.
wash i mon0
Shashwat Chaudhary
This will show all the networks with WPS enabled google.com/+ShashwatChaudhary1
1st year CSE @ IIIT Delhi
Follow
484 followers
This is an error which I haven't figured out yet. If you see it, then you'll have to do some howework, or move on to
airodump method. Update : wash i mon0 ignorefcs might solves the issue.
Use airodump-ng. It will show all networks around you. It tells which of them use
WPA. You'll have to assume they have WPS, and then move to next steps.
airodumpng mon0
None of them has WPS enabled, just saying.
BSSID of the network - Now irrespective of what you used, you should have a BSSID column in
the result that you get. Copy the BSSID of the network you want to hack. That's all the
information you need.
So by now you must have something like XX:XX:XX:XX:XX:XX, which is the BSSID of your target
network. Keep this copied, as you'll need it.
Reaver
Now finally we are going to use Reaver to get the password of the WPA/WPA2 network. Reaver
makes hacking very easy, and all you need to do is enter-
reaver i mon0 b XX:XX:XX:XX:XX:XX
Explanation = i - interface used. Remember creating a monitor interface mon0 using airmon-ng
start wlan0. This is what we are using. -b species the BSSID of the network that we found out
earlier.
This is all the information that Reaver need to get started. However, Reaver comes with many
advanced options, and some are recommended by me. Most importantly, you should use the -vv
option, which increases the verbosity of the tool. Basically, it writes everything thats going on to
the terminal. This helps you see whats happening, track the progress, and if needed, do some
troubleshooting. So final command should be-
reaver i mon0 b XX:XX:XX:XX:XX:XX vv
After some hours, you will see something like this. The pin in this case was intentionally
12345670, so it was hacked in 3 seconds.
Here is an extra section, which might prove useful (or more like consoling, to let you know you
are not the only one who is having troubles)
Known problems that are faced - Troubleshooting
1. As in the pic above, you saw the first line read "Switching wlan0 to channel 6". (Yours will be
mon0 instead of wlan0). Sometimes, it keeps switching interfaces forever.
2. Sometimes it never gets a beacon frame, and gets stuck in the waiting for beacon frame
stage.
3. Sometimes it never associates with the target AP.
4. Sometimes the response is too slow, or never comes, and a (0x02) or something error is
displayed.
In most cases, such errors suggest-
1. Something wrong with wireless card.

2. AP is very choosy, won't let you associate.
3. The AP does not use WPS.
4. You are very far from the AP.
Possible workarounds-
1. Sometimes, killing naughty processes helps. (see pictures below)

2. Move closer to target AP
3. Do a fakeauth using aireplay-ng (Check speeding up WEP hacking) and tell Reaver not to
bother as we are already associated using -A (just add -A at the end of your normal reaver
code)
4. If you are using Kali Linux in Vmware, try booting into Kali using USB. I don't know why, but
sometimes internal adapters work wonders, and can't be used from inside of a VM. In my
case, booting up from USB and using internal adapter increased the signal strength and
speeded up the bruteforce process. Update : It has nothing to do with internal adapter.
I have verified my observation with various hackers, and it is now a known problem
with Reaver. It does not work well inside Virtual machines. It is recommended that
you do a live boot.
processes causing problems
Kill 'em all
All that I have written above (the troubleshooting section) is based on personal experience, and
might not work. All the problems mentioned above, are well known on forums, and no 100%
working solution could be found anywhere (I do my homework before posting). If you are aware
of solution to any of these, do comment (anonymous comments are enabled)
Update: For some people the reason Reaver is not working is because the version of
Libpcap you are using is not compatible with the version of Kali you are using.
Share ! Suka 168 Tweet 11 11
85 comments:
Anonymous April 21, 2014 at 8:38 AM
Are there any another ways of wpa/wpa2 except reaver and aircrack?tx
Reply
Replies
SHASHWAT CHAUDHARY
March 13, 2015 at 12:17 AM
Wifite is there. It also uses Reaver only, except it types the commands
for you.
http://www.kalitutorials.net/2014/04/wifite-hacking-wifi-easy-way-
kali-linux.html
ALEX RODRIGUES August 12, 2015 at 8:49 PM
Friends , I'm from Brazil , very pleased . Would have a solution to

this? - WARNING: Detected AP rate limiting, waiting 60 seconds
ALEX RODRIGUES August 12, 2015 at 8:51 PM
Friends , I'm from Brazil , very pleased . Would have a solution for
this? - WARNING : Detected AP rate limiting , waiting 60 seconds .
Thanks for listening
Anonymous May 7, 2014 at 2:58 PM
has anybody else used fern?
Reply
Replies
SHASHWAT CHAUDHARY May 8, 2014 at 12:57 AM
The only notable thing about Fern is the GUI. It makes stuff easy for
beginners, but honestly, that's no way of becoming a hacker. GUI
should be avoided most of the time.
SHUBHAM TOMAR May 16, 2015 at 8:40 PM
Yes i used fern foe wep security it takes 30 minuts to break the WEP
password
Anonymous May 14, 2014 at 1:58 AM
To rid the FSC issue:

#wash -i wlan0 --ignore-fcs
Reply
Replies
SHASHWAT CHAUDHARY May 15, 2014 at 12:54 AM
Thanks, I'll update the post.
ok .but how to hack WPA/WPA2 with psk ??
Reply
Is possible to hack a wpa2 network with a random alphanumerical 15 characters password? I think
this kind of psw does not exist in any dictionary..
Reply
Anonymous June 16, 2014 at 1:25 PM
Hi there, i m trying to do it on my college wifi, although network supports wps but on giving the reaver
command as you said, it reverts me a kind of note "failed to retrieve a MAC address ".
Also i m not able to successfully getting a WPA handshake with the command "aireplay-ng --deauth 1 -
a mon0". Plz can u solve these problems
Reply
Replies
Anonymous June 17, 2014 at 10:48 AM
when i type the command to see all networks as "airodump-ng

mon0", after selecting a particular bssid when i hit command
"airodump-ng -w (name of essid) --bssid (bssid of the network) mon0
-c (number of the channel)" it reverts me same window but at the
right upper corner it always swiches channel from one to another or
some times fixed to particular, it shows like "fixed channel mon0:-1",
plz solve this problem!
So I've done everything without problems but after checking the

terminal Reaver says that there is approximately 207 hours and 36
minutes remaining. Is that normal?
SUDHARSAN VISWA June 18, 2014 at 11:02 AM
i used crunch to create a word list for brute force,but for only numerical word list it tooks 100's of
gb,how can a get word list for less than 10 gb
Reply
thank you
Reply
i google it and i got this

"crunch 8 8 0123456789 | aircrack-ng -a 2 /home/tc/INFINITUMCBA277-02.cap -e INFINITUMCBA277 -
b 58:98:35:CB:A2:77 -w -"
Reply
Replies
SHASHWAT CHAUDHARY June 19, 2014 at 8:30 AM
Looks good enough.

I think it'll work just fine.
Can you tell me how to boot kali linux from CD? Currently i am using in virtual box.
Reply
Replies
Try Live USB instead. http://docs.kali.org/installation/kali-linux-live-

usb-install
ARINDAM MARL-E March 31, 2015 at 6:23 AM
got a power iso..and then use the tool option where u can fing Creat
bootable pendrive.Then select the iso file ...then after the complete,
restart the pc from pendrive..All done..Select the boot method.thats
st
WELL WISHER June 23, 2014 at 1:00 PM
Can any one tell me about how can we change the channel of any network which is appearing on
airodump terminal. As sometimes my mon0 is fixed to channel 1 so may be i can receive a network on
1 which previously coming on channel 6 or 7 whatever
Reply
Replies
ifconfig wlan0 channel 6

ifconfig won0 channel 6
airodump-ng mon0 -c 6
That should be enough.
WELL WISHER June 23, 2014 at 1:06 PM
Please Shashwat, can u provide me a good wordlist, because i have one wordlist which is about 22 MB
of .txt file but i have tried it on a network with fern, finally result came out, 'the list does not contain
the password'. So please give a link of wordlist which u think that would be enough break the pass.
Reply
how to get a SSID of a hidden network
Reply
Replies
Use aireplay-ng to carry out a de-authentication attack on a client.

After that when the client reconnects you'll get the SSID.
thank you shashwat
Reply
Anonymous July 13, 2014 at 2:52 PM
hi, can i ask few question.
first is i try cracking wpa2 pass, i almost finish cracking and at the last step need to use this command
"aircrack-ng -w wordlist.txt --bssid 00:11... wordlist-01.cap"
but it says that my wordlist can't be found. so how i want to check this wordlist or how can i make it.
second is i try to use this command
"wash -i [your interface] [My is wlan0] -c CHANNEL_NUM -C -s"
but it only replay
''[!] Found packet with bad FCS, skipping...''
and never stop. can help me please.

hope to get this info ASAP.
Reply
Replies
SHASHWAT CHAUDHARY July 15, 2014 at 2:16 AM
You have to download the wordlist from the internet.

Try --ignore-fcs, it might solve the bad FCS issue.
HJGJK HJGHJ July 15, 2014 at 4:32 PM
I get the 0x03 and the 0x04 error all the time "WPS transaction failed, re-trying last pin". I had tried
with different networks but is always the same . One of them says "WARNING: Detected AP rate
limiting, waiting 60 seconds before re-checking, but that is all it does. What can I do? :'(
Reply
HJGJK HJGHJ July 15, 2014 at 4:59 PM
I get the 0x03 and the 0x04 error all the same ("WPS transaction failed, re-trying last pin"). I have tried
with different networks, but is always the same. One of them says: "WARNING: Detected AP rate
limiting, waiting 60 seconds before re-checking", but that is all it does. What can I do? :'(
Reply
MATTHEW BARNARD July 28, 2014 at 4:57 PM
Thanks! I dual booted and it solved the problem :D
Reply
SHASHWAT CHAUDHARY July 28, 2014 at 8:00 PM
Glad it worked.
Reply
TOBBYHUSH December 18, 2014 at 11:00 PM
Since I have only 150GB for Kali installation, I use Reaver all the time. Is one of the best tools I used. It
doesn't consume disk space or hardware resources. Is just what everyone who's testing want.
One thing I do and could help someone, is to make Reaver start from a specified number. If you know
the WPS default first numbers and you may think that WPS wasn't changed, you can Google to find
the first 1, 2, 4 numbers... Then, you give all the information to Reaver you would put normaly, and, in
the attribute -P put the first numbers you may know. Execute the command and stop it a few seconds
later by pressing CTRL+C. Don't be scared if you saw that the WPS PIN sent is 4 numbers long. Now,
you should run again the same command but erasing -P this time. Now, program will think that it
checked the previous PINs and will take less time. Or more, if the password is not default... But if you
have no patience, you could try it out. I.e., if you give to the app 4 first numbers, the scan will take only
1:30h with 999 tries.
This is also a way to avoid the manual edit of './usr/local/etc/reaver/*.wpc'.
Sorry for my poor English lvl, I did not sleep and I'm even worse. :c
Reply
Replies
SHASHWAT CHAUDHARY
December 21, 2014 at 7:51 AM
Thank you for sharing this with us. Your English is fine by the way.
MUBASHIR January 23, 2015 at 11:01 AM
hi when we trying 2 or 3 pins in kali linux using reaver its getting error occur just like that ( WARNING:
Detected AP rate limiting, waiting 60 seconds before re-checking)
Reply
SATYARTH PRATEEK February 1, 2015 at 8:36 AM
I keep on getting this -
WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Switching mon0 to channel 11
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Received identity request
[+] Sending identity response
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Nothing done, nothing to save.
[+] 0.00% complete @ 2015-02-01 11:32:53 (0 seconds/pin)
[+] Max time remaining at this rate: (undetermined) (11000 pins left to try)
[+] Trying pin 12345670
Why is it trying the same pin again and again..??
Reply
Replies
MOEIN BAZARGAN February 21, 2015 at 3:12 AM
I have the same problem!
SHASHWAT CHAUDHARY
February 21, 2015 at 11:52 PM
Maybe you're too far from the AP (signal strength?). Maybe you need
a better wireless adapter (are you using laptop's internal card?).
Maybe the AP does not have WPS enabled (does the AP appear in
wash?)
MOEIN BAZARGAN February 22, 2015 at 9:07 AM
Yes it does!
I'm using laptop's internal wireless adapter.
I think I should use an external adapter becuase sometimes ARP
injection (WEP) doesn't work too
SHASHWAT CHAUDHARY
February 24, 2015 at 11:37 PM
Yes you should use external adapter. The internal ones do a good job
in receiving messages from AP but they aren't so good at (and are
not designed to) inject packets into the AP (i.e. they aren't as good in
transmitting packets as they are in recieving them).
48D44572-AD42-11E4-ACF5-6FA66024793B February 5, 2015 at 6:22 AM
Prateek, I wasn't able to do much either until yesterday.

I got a decent wireless card and after that I was able to associate via aireplay-ng -1 and as soon as that
happened I ran reaver. Now I am dealing with the wps lock, but I am taking my time. Patience is a
virtue ;)
Reply
Anonymous March 27, 2015 at 9:29 AM
How can i install wine in 64 bit kali linux?????
Reply
midnightmadness March 29, 2015 at 12:25 AM
every time I try either wash or airodump-ng it comes up saying that it fails to open mon0 for
capturing. Do I need to use a wifi adapter or use alive version of kali linux from USB?
Reply
What if Wps is not active on the router??
Reply
Replies
Anonymous April 8, 2015 at 12:47 PM
Then you cannot hack it. WPS must be enabled in order to attack the
AP via pin attempts.
Try to attack it with a wordlist instead. The author of this article

mentioned it above.
Is there a way to hacking wireless network in which wps disabled?

It was activated before, but now is Off
Reply
I have made a modification in reaver to automatize the process for the pixie dust attack, here is the
github (https://github.com/t6x/reaver-wps-fork-t6x), here is the discussion topic
(https://forums.kali.org/showthread.php?25123-Reaver-modfication-for-Pixie-Dust-Attack)
Reply
Hi, reaver in my pc is slow, 10 second/pin

how do i speed up?
Reply
hello i followed this tut but is it okeey is me terminal keep saying:

[+] 0.00% complete @ 2015-04-30 21:36:28 (0 seconds/pin)
[+] Max time remaining at this rate: (undetermined) (11000 pins left to try)
im running kali on me crappy netbook should i use me dekt5op with Virtual box instead?
thanks for the help
Reply
MUSHTAQ KHAN May 7, 2015 at 9:58 PM
[#] Drone Hijacking With Maldrone — Drone Malware
http://beinghaxor.blogspot.com/2015/05/drone-hijacking-with-maldrone-drone.html
Reply
MUSHTAQ KHAN May 7, 2015 at 9:58 PM
[#] Traffic Lights Hacking
http://beinghaxor.blogspot.com/2015/05/traffic-lights-hacking.html
Reply
Anonymous May 16, 2015 at 6:49 PM
AP rate limiting detected...

any solution to this problem?
Reply
wash -i mon0 -C.

Reaver com comandos -L -E -A -T 2 -d 2 e outros comandos resultam.
Para desbloquear WPS?
Reply
RAM KEERTHANA May 25, 2015 at 10:04 AM
Is there any free online book or pdf for kali linux hacker beginner?
Reply
ANTHON MØLGAARD STEINESS 1K June 2, 2015 at 7:02 AM
Hello, i am facing a lot of errors when i'm usin kali linux, actually i can't do anything because it comes
with errors every time i try cracking wpa og creating Payloads.
When using reaver i ger this error code: 0x04 i am typing in this
reaver -i mon0 -b "BSSID" -d "delayed time" -S -N -vv
where -S should increase cracking speed and -N should stop the nacking
I have tried with -d 5/10/15/20/25/30 and also tried with and without -S i have tried with and without -
N i have tried -c that specifies the channel.
But it keeps saying WPS transaction failed error code: 0x04
Why is that?
And when i try out this specific command

reaver -i mon0 -A -b 00:30:4F:XX:XX:XX - c 6 -d 10 -vv --no-nacks --win7
It comes up with the error [!] WARNING: Receive timeout occurred
Why is that, and how does i fix these reaver problems i am facing?
I have researched on google for 2 days now, and no one has the answer i am looking for.
Also when i use the wash command the RSSI = 0 on all the networks that i can find.
I think this is the main problem for why reaver doesn't work
And just another thing, when i try using the setoolkit, when i have pressed 1 - 10 and try pressing 1 for
social engineering tool it says something about ratte_module not defined. if someone has a link to fix
that, i would be soooo happy :-)
Reply
Replies
ANTHON MØLGAARD STEINESS 1K

June 2, 2015 at 7:08 AM
I think the error code 0x04 occures when recieving M1 Message and
sending out M2. The -N should stop this (i have read), but it doesn't. i
wil copy the outcome in the terminal and post it here later.
I have followed everything but when I start the reaver I am getting "WPS transaction failed (code:
0x03), re-trying last pin" I am using an external wlan.
Reply
Replies
Did you check with wash if WPS is enabled? Maybe they are using
rate limiting measures.
HEMANT KOHLI July 14, 2015 at 11:29 PM
try using reaver with -N or --no-nacks option
DR. AWKWARD June 4, 2015 at 4:13 PM
When I use reaver to attack it stops when it outputs waiting for a beacon. If I don't specify which
channel the network is it will just flip through the channels over and over. Any advice?
Reply
Replies
SHASHWAT CHAUDHARY June 4, 2015 at 6:56 PM
Fix a channel on your wlan0 and mon0 interface. The beacon frame
issue resolved itself in my case (one day it was there, then it was not).
I suspect it might have something to do with signal strength.
Does Reaver still works? or has most companies already patched their WPS so that this method
doesn't work anymore? If it works which external wireless card would work? Thank you.
Reply
i need help with external adapters for my vm for my mac 10.10 do you know any i could get
Reply
please help i cant find a adapter that will work with my computer
Reply
wifite not working man..

after so long waiting of 8 mins it says 0/1 wpa attacks failed...
is there something i can do?
Reply
this error ("detecting ap limit rate") keeps comming after 10 pin test what to do about it any solution
and it dosn't
go for a whole day
Reply
when do we have to use wordlist in the tutorial ??
Reply
Anonymous July 5, 2015 at 7:32 AM
Is it possible to try to find out the password of a wifi network that you're connected to ? Because I am
just trying to test my own connection.Thanks
Reply
Replies
Anonymous August 12, 2015 at 7:07 AM
go into your windows network settings and "Forget This Network"

then proceed with the tutorial
If network-manager is being used in ubuntu you get error "SIOCSIFFLAGS: Name not unique on
network" first stop network-manager.
/etc/init.d/network-manager stop
Reply
Dose it need an internet connection to hack wifi
Reply
Please help me. im using tplink tl-wn722n according to recommended wireless adapter.. But unable to
work with reaver again... What i have to to.. The problm is ap rate limit of 60 sec.. And in pixiewps
unable to crack wps. It just stoped automatically without trying any pin..
Reply
i connected with wifi .How i get wps pin of this wifi.So that i get password al the time easily when
password will change.
Reply
I bet every last one of you geeks has long hair, a heavy metal t-shirt and a complexion that has never
seen the sun. Grep a life!
Reply
oops! I have a problem,when i enter "reaver -i mon0 -b xx:xx:xx:xx:xx -vv" this command writes over
and over and nothing will happen,please help me!
[+] Trying pin 12345670
Reply
Replies
TALHA BALAJ October 18, 2015 at 8:15 PM
same here
Is there anybody here?
Reply
Any ideas on what to do when you get wps pin but wpa psk is '' (empty brackets)?
What other tools or techniques could be used to obtain wpa psk?
Reply
SCOTT August 31, 2015 at 12:52 PM
Once you get pin do you just enter it in place of the password key when logging in ?
Reply
Replies
DUSTIN AGEE October 20, 2015 at 8:02 PM
#headslap
Anonymous October 2, 2015 at 10:16 AM
what to do with wps pin as i know the wps pin of wifi?? how to hack password??
Reply
XSUKAX October 16, 2015 at 5:12 AM
Just Try This Bash Script ;)
https://www.youtube.com/watch?v=IxHR-_p5JrY
Reply
TALHA BALAJ October 18, 2015 at 8:13 PM
i just wanna know this way will work on the LIVE BOOTED KALI LINUX 1.1 OR 2.0 . I have both
Reply
Enter your comment...
Comment as: Alif Akbar Arifin (Google) Sign out

Publish Preview Notify me

Kali Linux Hacking Tutorials Hack WPA WPA2 WPS Reaver Kali Linux PDF

Diunggah oleh

Informasi Dokumen

Judul Asli

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Kali Linux Hacking Tutorials Hack WPA WPA2 WPS Reaver Kali Linux PDF

Diunggah oleh

Hak Cipta:

Format Tersedia

10/28/2015 Kali Linux Hacking Tutorials: Hack WPA/WPA2 WPS ­ Reaver ­ Kali Linux

 GENERAL  WIRELESS  PENETESTING  WEB HACKING  KALI LINUX  STARTERS GUIDE

Hack WPA/WPA2 WPS - Reaver - Kali Linux Kali Tutorials

Here's what wikipedia says about WPS-

Wifi Hacking - WEP - Kali

Wifite : Hacking Wifi The

Information Gathering Denial Of Service Attacks :

Hacking Website with

1st year CSE @ IIIT Delhi

None of them has WPS enabled, just saying.

In most cases, such errors suggest-

1. Something wrong with wireless card.

1. Sometimes, killing naughty processes helps. (see pictures below)

processes causing problems

Kill 'em all

Share ! Suka 168 Tweet 11 11

Anonymous April 21, 2014 at 8:38 AM

ALEX RODRIGUES August 12, 2015 at 8:49 PM

Friends , I'm from Brazil , very pleased . Would have a solution to

ALEX RODRIGUES August 12, 2015 at 8:51 PM

Thanks for listening

Anonymous May 7, 2014 at 2:58 PM

has anybody else used fern?

SHASHWAT CHAUDHARY May 8, 2014 at 12:57 AM

SHUBHAM TOMAR May 16, 2015 at 8:40 PM

Anonymous May 14, 2014 at 1:58 AM

To rid the FSC issue:

SHASHWAT CHAUDHARY May 15, 2014 at 12:54 AM

Thanks, I'll update the post.

ok .but how to hack WPA/WPA2 with psk ??

Anonymous May 20, 2014 at 9:41 AM

Anonymous June 16, 2014 at 1:25 PM

Anonymous June 17, 2014 at 10:48 AM

when i type the command to see all networks as "airodump-ng

Anonymous June 17, 2014 at 4:47 PM

So I've done everything without problems but after checking the

SUDHARSAN VISWA June 18, 2014 at 11:02 AM

SUDHARSAN VISWA June 19, 2014 at 7:17 AM

SUDHARSAN VISWA June 19, 2014 at 7:26 AM

i google it and i got this

SHASHWAT CHAUDHARY June 19, 2014 at 8:30 AM

Looks good enough.

Anonymous June 23, 2014 at 1:23 AM

SHASHWAT CHAUDHARY June 23, 2014 at 3:04 AM

Try Live USB instead. http://docs.kali.org/installation/kali-linux-live-

ARINDAM MARL-E March 31, 2015 at 6:23 AM

WELL WISHER June 23, 2014 at 1:00 PM

SHASHWAT CHAUDHARY June 24, 2014 at 2:54 AM

ifconfig wlan0 channel 6

WELL WISHER June 23, 2014 at 1:06 PM

SUDHARSAN VISWA June 28, 2014 at 12:17 AM

how to get a SSID of a hidden network

SHASHWAT CHAUDHARY June 28, 2014 at 4:57 AM

Use aireplay-ng to carry out a de-authentication attack on a client.

SUDHARSAN VISWA June 28, 2014 at 9:18 AM

thank you shashwat

Anonymous July 13, 2014 at 2:52 PM

hi, can i ask few question.

"aircrack-ng -w wordlist.txt --bssid 00:11... wordlist-01.cap"

second is i try to use this command

"wash -i [your interface] [My is wlan0] -c CHANNEL_NUM -C -s"

but it only replay

''[!] Found packet with bad FCS, skipping...''

10/28/2015 Kali Linux Hacking Tutorials: Hack WPA/WPA2 WPS Reaver Kali Linux