The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,427 other followers

Reaver 1.4 (and wash) on Mac OS X 10.9 Mavericks

Posted by jpluimers on 2014/04/19

Reaver-WPS is an excellent tool to test the security of your WPA/WPA2 secured network against the WPS vulnerability.

Getting Reaver 1.4 (which contains wash to scan WiFi networks) to compile out of the box on OS X Mavericks (which is 10.9; why can’t they keep a successive version number in the product name?) didn’t work.

So I downloaded the adapted source pack from one of the comments in Issue 245 – reaver-wps – Support for Mac OS X? – Brute force attack against Wifi Protected Setup – Google Project Hosting (as the diff still not has been applied to the codebase)..

wash will detect most, but not all networks. I’ve net yet tried WireShark, wpscan and wspy yet (they re supposed to get all of them).

To speed up the checking process I tried on install aircrack-ng to associate a Mac with the target network. Compiling aircrack-ng on a Mac from source didn’t work at all. But after installing MacPorts, I could get the MacPorts version of aircrack-ng to work. The bad news: I could not get aircrack-ng to associate to the network.

So these were the commands I used:    

First to list the WiFi networks on en0 (the WiFi network adapter using either default or scan options):

sudo wash -i en0
sudo wash --s -i en0

It will give you a list of WiFi networks with this information for each network:

BSSID                  Channel       RSSI       WPS Version       WPS Locked        ESSID
---------------------------------------------------------------------------------------------------------------

The BSSID is the Mac address of the WiFi access point which – together with the ESSSID – you use with reaver like this:

sudo reaver -i en0 -b 84:1B:5E:39:B9:F8 -e "YourWiFiESSID" -v

The double quotes are only needed if the ESSID contains spaces.

Reaver 1.4 only needs -v; Reaver 1.3 sometimes needs -vv to generate more output.

Note that if you forget to execute reaver with sudo, you get an error message like “Failed to compile packet filter”.

–jeroen (who forgot to hit the “Publish” button on 20140419T2145)

via: A day with Tape: Cracking WPA using the WPS vulnerability with reaver v1.3.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

 
%d bloggers like this: