Aircrack-ng forum


Author Topic: Cracking WPS Locked Routers using aireplay-ng,mdk3,reaver and wash  (Read 123165 times)

Atmadja

  • Guest
Re: Cracking WPS Locked Routers using aireplay-ng,mdk3,reaver and wash
« Reply #15 on: March 02, 2015, 10:35:28 am »

I've resolved the problem by deleting the wpc file and creating a new one with "1190" at the first line.
I think the problem was that the wpc file was corrupted during the memory problem.

Hope it will help someone in my case  :)
Logged

musket33

  • Full Member
  • ***
  • Offline Offline
  • Posts: 148
Re: Cracking WPS Locked Routers using aireplay-ng,mdk3,reaver and wash
« Reply #16 on: March 06, 2015, 01:14:13 pm »

Sorry for not answering but we only just saw your comments. In truth we would have been of little help as we have never seen this problem before. We found your rewrite of the wpc file interesting.

MTeams
Logged

musket33

  • Full Member
  • ***
  • Offline Offline
  • Posts: 148
Re: Cracking WPS Locked Routers using aireplay-ng,mdk3,reaver and wash
« Reply #17 on: March 06, 2015, 01:27:15 pm »

To Pedropt,

     Reference setting a specific mac address - as you have noted that this problem can exist, we are looking into adding this ability into the script. We will advise here when completed.
 
MTeams
Logged

musket33

  • Full Member
  • ***
  • Offline Offline
  • Posts: 148
Re: Cracking WPS Locked Routers using aireplay-ng,mdk3,reaver and wash
« Reply #18 on: April 04, 2015, 01:07:46 pm »

As working pixie-dust programs are becoming available MTeams suggest referencing the pixie dust threads in kali-linux forums. As VMR-MDK009x2 can force some routers to respond to reaver, running a pixie-dust attack in the background could obtain the WPS pin in less than three minutes. This pin could then be loaded into the VMR-MDK009x2 script, thus reducing cracking time considerably.

 
Logged

pedropt

  • Jr. Member
  • **
  • Offline Offline
  • Posts: 73
Re: Cracking WPS Locked Routers using aireplay-ng,mdk3,reaver and wash
« Reply #19 on: April 04, 2015, 02:28:23 pm »

Your script is good in the attack mode. One AP I was trying to crack manually, but I couldn't because that specific AP needed to be restarted. I used your script; I could not get the WPS, but your script was able to freeze the AP. I know that because I did not see the AP online after 1 hour of banging it with mdk.
Logged

musket33

  • Full Member
  • ***
  • Offline Offline
  • Posts: 148
Re: Cracking WPS Locked Routers using aireplay-ng,mdk3,reaver and wash
« Reply #20 on: April 07, 2015, 10:38:11 am »

To pedropt

    VMR-MDK009x2 is designed to be used against routers that show a locked state but give up some pins and then when hit with mdk3 allow another round of pin harvesting.

    We are currently rewriting to allow the assignment of a specific mac address and include pixiedust into the routines.


    You might also look at ReVdK3r2.sh. See kali-linux forums for the download. There may be a later version. As we are not the authors we are unsure of the latest version.


MTeams
Logged

musket33

  • Full Member
  • ***
  • Offline Offline
  • Posts: 148
Re: Cracking WPS Locked Routers using aireplay-ng,mdk3,reaver and wash
« Reply #21 on: April 29, 2015, 02:15:28 am »

  Musket Teams have voted to release their Pixie Dust Data Sequence Analyzer PDDSA-01.sh for general use. This script was originally written to work with VMR-MDK009x2.sh, a WPS locked intrusion script. But it can work with any text file output from modded reaver programs showing both PKE and PKR.

  PDDSA-01.sh simply reads any data output in text format from a modded reaver program, looks for valid Pixie Dust Sequences and extracts the pin using pixiewps. No cut and paste. You can check all the sequences in the file or just one. After the first valid sequence is found the program can cycle thru all the other sequences as required.

  If you are not using VMR-MDK009x2 then simply use the command line:

    reaver -i mon0 -a -f -c 1 -b 55:44:33:22:11:00 -vv | tee /root/VARMAC_LOGS/targetAP         

  The reaver command line side can be altered as required; however, the -vv must remain or data will not be written.

  There is a help file in the download.

PDDSA-01.sh and PDDSA-02.sh are withdrawn

PDDSA-05.sh which supports brute forcing a wps pin when using pixiewps1.1 by wiire is available at
http://www.datafilehost.com/d/8986ce13


MTEAMS
« Last Edit: May 10, 2015, 10:00:08 am by musket33 »
Logged

musket33

  • Full Member
  • ***
  • Offline Offline
  • Posts: 148
Re: Cracking WPS Locked Routers using aireplay-ng,mdk3,reaver and wash
« Reply #22 on: April 29, 2015, 11:59:28 pm »

To pedropt

   MTeams has been sidetracked with Pixie Dust; however, we are again turning our attention to the mac address matter you have raised, and are looking for some input from you.

   When VMR-MDK009x2.sh runs it sets up three(3) monitors  mon0, mon1 and mon2 for use by mdk3. Would you prefer:

Currently all three(3) are assigned random mac addresses

We can allow other choices;

1.  mon0 has the ability to have a mac address assigned while mon1 and mon2 are random
2.  mon0 mon1 and mon2 are assigned a single mac address by the user
3.  mon0 mon1 mon2 are assigned individual mac addresses by the user.


Keep in mind that mon1 and mon2 are only used by mdk3 during the DEAUTH process. While mon0 is used by wash, reaver and mdk3.

MTeams
   
Logged

musket33

  • Full Member
  • ***
  • Offline Offline
  • Posts: 148
Re: Cracking WPS Locked Routers using aireplay-ng,mdk3,reaver and wash
« Reply #23 on: May 10, 2015, 09:53:20 am »

  Musket Teams have released their lab version of Pixie Dust Data Sequence Analyzer PDDSA-06.sh for general use. This script requires the installation of pixiedust1.1 by wiire and has been updated to allow for the more advanced features of version 1.1 such as brute forcing the WPS Pin.

   Script supports the latest pixiedust modded reaver program from t6_x and datahead and soxrok2212 as of 11 May 15. Older modded reaver programs are not supported. See kali-linux forums for latest.


You can download at

http://www.datafilehost.com/d/a30c5b3d

or the attachment below.

MTeams
« Last Edit: May 11, 2015, 11:42:30 am by musket33 »
Logged

musket33

  • Full Member
  • ***
  • Offline Offline
  • Posts: 148
Re: Cracking WPS Locked Routers using aireplay-ng,mdk3,reaver and wash
« Reply #24 on: May 13, 2015, 12:24:28 am »

To Pedropt:

     We have duplicated your findings with respect to mac address spoofing and the collection of WPS Pins with reaver. Well done and thank you!!!

     For WPS Locked routers that are susceptible to VMR-MDK009x2.sh - pin harvesting immediately commenced when we spoofed the mac address of a connected client.

      We will send you a beta version called VMR-MDK009x5.sh if you wish. Write us thru kali-linux. See mmusket33.

       However if you have updated to the newer airmon-ng do not bother. Due to limits imposed by the newer version the program will not function. It may be a while before we load the newer version of aircrack-ng onto another computer and find a way around the newer version of airmon-ng's limitations.

MTeams
« Last Edit: May 13, 2015, 12:27:54 am by musket33 »
Logged

silense

  • Guest
Re: Cracking WPS Locked Routers using aireplay-ng,mdk3,reaver and wash
« Reply #25 on: June 15, 2015, 01:12:17 am »

try -p 1357@@@@
Logged

musket33

  • Full Member
  • ***
  • Offline Offline
  • Posts: 148
Re: Cracking WPS Locked Routers using aireplay-ng,mdk3,reaver and wash
« Reply #26 on: August 01, 2015, 03:42:50 am »

To pedropt

    Our latest VMR-MDK script has been released. Included are your suggestions concerning MAC addresses. See beginning of this thread for download address and thanks again for your input.

MTeams
Logged

Matt

  • Guest
Re: Cracking WPS Locked Routers using aireplay-ng,mdk3,reaver and wash
« Reply #27 on: August 24, 2015, 09:15:43 am »

I followed the instructions in the help files, but make doesn't seem to build anything; it says the program doesn't exist. Am I doing something wrong here?
Quote
root@acorn:~# cd /root/mdk3-v6/
root@acorn:~/mdk3-v6# make
make -C osdep
make[1]: Entering directory '/root/mdk3-v6/osdep'
Building for Linux
make[2]: Entering directory '/root/mdk3-v6/osdep'
make[2]: '.os.Linux' is up to date.
make[2]: Leaving directory '/root/mdk3-v6/osdep'
make[1]: Leaving directory '/root/mdk3-v6/osdep'
root@acorn:~/mdk3-v6# make install
make -C osdep install
make[1]: Entering directory '/root/mdk3-v6/osdep'
Building for Linux
make[2]: Entering directory '/root/mdk3-v6/osdep'
make[2]: '.os.Linux' is up to date.
make[2]: Leaving directory '/root/mdk3-v6/osdep'
make[1]: Leaving directory '/root/mdk3-v6/osdep'
install -D -m 0755 mdk3 //usr/local/sbin/mdk3
root@acorn:~/mdk3-v6# chmod 755 /root/mdk3-v6/*
root@acorn:~/mdk3-v6# /root/mdk3-v6/mdk3
bash: /root/mdk3-v6/mdk3: No such file or directory
root@acorn:~/mdk3-v6# mdk3
bash: /usr/local/sbin/mdk3: No such file or directory

And yes there is a file within /user/local/sbin/mdk5 as well
Logged

misterx

  • Aircrack-ng Author
  • Administrator
  • Hero Member
  • *****
  • Offline Offline
  • Posts: 1955
  • Aircrack-ng Author
    • Aircrack-ng
Re: Cracking WPS Locked Routers using aireplay-ng,mdk3,reaver and wash
« Reply #28 on: August 24, 2015, 06:08:07 pm »

Have you tried just typing mdk3 as root (and not the full path)?
Logged

SilentMatt

  • Newbie
  • *
  • Offline Offline
  • Posts: 1
Re: Cracking WPS Locked Routers using aireplay-ng,mdk3,reaver and wash
« Reply #29 on: August 24, 2015, 10:27:20 pm »

Quote
Have you tried just typing mdk3 as root (and not the full path)?

Yes, I've tried every which way to launch it. I've tried to do this via kali 1.1.0a and 2.0. Kali 1.1.0a was a fresh install too.

Quote
root@acorn:~# mdk3
bash: /usr/local/sbin/mdk3: No such file or directory
root@acorn:~# cd /usr/local/sbin/
root@acorn:/usr/local/sbin# ls -la
total 376
drwxrwsr-x  2 root staff   4096 Aug 24 05:08 .
drwxrwsr-x 10 root staff   4096 Aug 12 01:18 ..
-rwxr-xr-x  1 root staff 374518 Aug 24 05:08 mdk3
Logged