Tuesday, 4 July 2017

Hack Wi-Fi by breaking the WPS pin

Required tools:


  1. Kali as a VM, or you can make a bootable USB of Kali. If you prefer the former, you would need to invest in a wireless network card with an Atheros chipset. I personally use the Alfa AWUS036NHA, but I’ve heard the TP-LINK TL-WN722N version 1 (only) works fine too.
  2. A WPS-enabled router

Procedure:


Step 1: Enable monitor mode on your network card

Your network card usually works in managed mode, which captures only packets directed to your computer. By turning on monitor mode, your network card will be able to capture all packets around you, including packets that are not destined for you.

There are two ways to do this:

Method 1:

iwconfig
ifconfig [interface] down
iwconfig [interface] mode monitor
ifconfig [interface] up



Method 2:

Use airmon-ng

airmon-ng start [interface]   // To start monitor mode
Note: The interface name changes from wlan0 to wlan0mon, which you need to use in further steps.

airmon-ng stop [interface]   // To stop monitor mode

Step 2: Use a tool called wash to look for WPS-enabled routers


Once you are in monitor mode, we will use a tool called wash to look for WPS-enabled routers near us. Here is the command:

wash -i [interface]

Note: This is the interface which is in monitor mode. If you used method 1, the name wouldn’t change, but if you used method 2 (airmon-ng) the name of the interface would change, for example from wlan0 to wlan0mon.



So now we see a list of nearby routers that have WPS enabled.

Step 3: Attack the router using a tool called reaver

Now we attack this router using a tool called reaver, which uses the brute force method to guess the WPS PIN. We carefully select one of the routers. In my case I used the first one. Note down the BSSID and channel number of that particular router, because they will be used in the reaver command. So here is the command.



reaver --bssid [BSSID of the particular router] --channel [channel that router is working on] -i [your wireless interface in monitor mode] -vv

The -vv option sets double verbosity to display non-important output. As you can see in the screenshot above, the tool now starts trying different PINs until it guesses the right PIN.
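A defensive use of the Step 2 listing, as an added example that is not part of the original post: the script below parses wash output and reports which access points you administer still advertise WPS, and so remain open to the PIN guessing in Step 3 until WPS is disabled on them. The sample output is constructed, and the column layout (BSSID, Ch, dBm, WPS, Lck, Vendor, ESSID) and the function names are assumptions; wash versions differ.

```python
import re

# Constructed sample of wash output. The column layout is an assumption
# (BSSID, Ch, dBm, WPS, Lck, Vendor, ESSID); it differs between wash versions.
SAMPLE_WASH_OUTPUT = """\
BSSID               Ch  dBm  WPS  Lck  Vendor    ESSID
--------------------------------------------------------------------------------
02:00:00:AA:BB:01    1  -48  2.0  No   AtherosC  office-main
02:00:00:AA:BB:02    6  -61  2.0  Yes  Broadcom  office guest
02:00:00:CC:DD:03   11  -70  1.0  No   RalinkTe  neighbour-net
"""

ROW = re.compile(
    r"^(?P<bssid>(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2})\s+"
    r"(?P<channel>\d+)\s+(?P<dbm>-?\d+)\s+(?P<wps>\S+)\s+"
    r"(?P<locked>Yes|No)\s+(?P<vendor>\S+)\s+(?P<essid>.*)$"
)


def parse_wash(text):
    """Return one dict per access point row; header and separator lines are skipped."""
    rows = []
    for line in text.splitlines():
        match = ROW.match(line.strip())
        if match:
            row = match.groupdict()
            row["bssid"] = row["bssid"].lower()
            row["channel"] = int(row["channel"])
            row["locked"] = row["locked"] == "Yes"
            rows.append(row)
    return rows


def audit_own_aps(text, owned_bssids):
    """List (essid, bssid, status) for access points you administer that advertise WPS."""
    owned = {b.lower() for b in owned_bssids}
    findings = []
    for row in parse_wash(text):
        if row["bssid"] not in owned:
            continue  # report only on equipment you are responsible for
        # "Lck Yes" means the AP has locked WPS (typically after failed
        # attempts), but WPS is still switched on and should be disabled.
        status = "wps-on-locked" if row["locked"] else "wps-on-unlocked"
        findings.append((row["essid"], row["bssid"], status))
    return findings


if __name__ == "__main__":
    for finding in audit_own_aps(SAMPLE_WASH_OUTPUT, ["02:00:00:aa:bb:01", "02:00:00:aa:bb:02"]):
        print(finding)
```

Any access point of yours that shows up in the findings still has WPS switched on; turning WPS off in the router's settings removes it from the wash listing.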


If you have any questions related to this do not hesitate to email me at theashish2015@gmail.com .
