Reaver v1.4 – WPS Brute force attack against Wifi
Posted by deepquest on June 9, 2012 – 1:37 am
The WiFi Protected Setup protocol is vulnerable to a brute force attack that allows an attacker to recover an access point’s WPS pin, and subsequently the WPA/WPA2 passphrase, in just a matter of hours.
Usage is simple; just specify the target BSSID and the monitor mode interface to use:
# reaver -i mon0 -b 00:01:02:03:04:05
For those interested, there is also a commercial version available with more features and speed improvements. On average Reaver will recover the target AP’s plain text WPA/WPA2 passphrase in 4-10 hours, depending on the AP. In practice, it will generally take half this time to guess the correct WPS pin and recover the passphrase.
Post a reply
You must be logged in to post a comment.