[SOLVED] Resuming reaver from specific pin and onwards
OK, I have figured out this issue of having reaver start from a certain pin in case the system restarted or you lost the session file. Please consider the steps below.
First, please let me explain a little of how the session file works so you can do it easily.
Reaver attacks WPS-supported routers, and the WPS pin consists of 8 digits.
This key is divided into 2 parts, the first part consisting of 4 digits and the other part of 3 digits; the last digit is some random index number, I think.
Anyway, this makes up to 11,000 key combinations, which reaver brute forces one by one.
First reaver will break the first part (10,000 combinations) and then the 2nd part (1000 combinations).
You can observe it while reaver is attacking:
56871103 (separated as 5687-110-3)
56881105 (separated as 5688-110-5)
56891102 (separated as 5689-110-2)
------- assuming first part is broken which is 5689, now -----------
56891112 (separated as 5689-111-2)
56891125 (separated as 5689-112-5)
56891139 (separated as 5689-113-9)
56891143 (separated as 5689-114-3)
OK, NOW THE SESSION FILE AND PIN PART
Now, in case you had lost the session file, let's first look at how the session file works.
The session file is saved in the folder /usr/local/etc/reaver as <bssid>.wpc
Suppose the bssid we are working on was 8C:0C:A3:2B:19:D7
This session file will be saved in the folder /usr/local/etc/reaver as 8C0CA32B19D7.wpc
This session file consists of 11,000 keys in 2 parts:
1. 4 Digits (until 9998, one on each line)
2. 3 Digits (until 998, one on each line)
To know the bssid, you can check it through airodump-ng
Remember we have lost the session file, so first we will create the session file using another bssid.
1. Start a reaver attack using any random bssid and after 1 or two pin attempts, press Ctrl+Z to stop the process.
2. Now go to the /usr/local/etc/reaver folder and there you will see the .wpc file with that random bssid you just attacked.
3. Provided that you have noted the target bssid for which you had lost the session file, change the name of this wpc file to that bssid, e.g. from 8C0CA32B19D7.wpc to 001122334455.wpc (assuming that the target bssid I was working on before was 00:11:22:33:44:55)
4. Now open this wpc file in any text editor and you will see the keys written as I told above, but
5. In the first line is the pin which reaver was cracking; let's say you remembered it or you knew the average percentage reaver had completed. Let's say 49%.
6. Now from that we can assume that there are 10,000 combinations first, and it was 49% done, so the pin might be somewhere around 4900.
7. Just change that pin in the first line to 4900 or the closest value according to the analysis.
8. The 2nd and 3rd lines say 0 and 0, and the rest are combinations.
9. Save the file.
10. Start reaver with that exact target bssid which you were working on before.
11. Voila, say thanks to me in your heart because I can see that smile of winning on your face :P