Thread: [request] reaver for n900 - wps pin brute force hack
View Single Post
meShell's Avatar
meShell is offline meShell
2011-12-31 , 20:03
Posts: 60 | Thanked: 104 times | Joined on Dec 2009
#6
Setup n900 and run compiled reaver binary


You need to be root for most actions, installations and running the applications airmon-ng and reaver.


You need to install this package on your n900:

Libpcap0.8 0.9.8-5+0m5

http://maemo.org/packages/package_in...8/0.9.8-5+0m5/

Direct Download:

http://repository.maemo.org/pool/mae...+0m5_armel.deb


on n900 shell (as root):

Code:
sudo gainroot

wget http://repository.maemo.org/pool/maemo5.0/free/libp/libpcap/libpcap0.8_0.9.8-5+0m5_armel.deb

dpkg -i libpcap0.8_0.9.8-5+0m5_armel.deb

Then transfer Reaver-Binaries and database to your n900, copy reaver to the right location and do a testrun:

/opt/reaver/etc/reaver.db
/opt/reaver/bin/reaver
/opt/reaver/bin/walsh

symlinc to:
/usr/local/bin
/usr/local/etc/reaver

Setup:

Code:
mkdir -p /usr/local/etc/reaver
mkdir /opt/reaver
mkdir /opt/reaver/bin
mkdir /opt/reaver/etc

# copy the files as mentioned above !

ln -s /opt/reaver/etc/reaver.db /usr/local/etc/reaver/reaver.db
ln -s /opt/reaver/bin/reaver /usr/bin/reaver
ln -s /opt/reaver/bin/walsh /usr/bin/walsh

chmod -R a+rw /opt/reaver/etc/reaver.db
chmod +x /usr/local/bin/reaver
chmod +x /usr/local/bin/walsh

OPTIONAL - change MAC so xou can easily identify your actions in your AccessPoints Logs

Code:
ifconfig wlan0 down
macchanger wlan0 --mac=00:11:22:33:44:55
ifconfig wlan0 up


reaver -i mon0 -b 00:01:02:03:04:05 -vv


From the README-file:

Code:
USAGE

	Usually, the only required arguments to Reaver are the interface name and the BSSID of the target AP:

		# reaver -i mon0 -b 00:01:02:03:04:05

	The channel and SSID (provided that the SSID is not cloaked) of the target AP will be automatically 
	identified by Reaver, unless explicitly specified on the command line:

		# reaver -i mon0 -b 00:01:02:03:04:05 -c 11 -e linksys


Bleeding-edge wl1251 driver for Maemo Fremantle

Monitor mode on all channels: yes

http://david.gnedt.eu/blog/wl1251/

README:
http://david.gnedt.eu/wl1251/README



Aircrack-ng

Install Aircrack-ng on your n900.

Run airmon-ng to create a monitoring interface:

If you want to cahneg your MAC-Address you need to change it BEFORE creating the mon0 interface!

Code:
ifconfig wlan0 down
macchanger wlan0 --mac=00:11:22:33:44:55
ifconfig wlan0 up


airmon-ng start wlan0

ifconfig

Now you should have an entry with "mon0".


Airodump-ng

To verify if it is working as expected run:

Code:
airodump-ng mon0
It should go through wifi channels and after some time display a list of BSSIDs.

Stop it by pressing ctrl + c.

Now you can run reaver (change example mac with bssid from you AP):

Code:
reaver -i mon0 -b 00:01:02:03:04:05 -vv



It should look like this:




OPTIONAL - Set WLAN0 to Monitoring-Mode

Code:
ifconfig wlan0 down

iwconfig wlan0 mode Monitor

ifconfig wlan0 up

iwconfig

there you should see

wlan0 IEEE 802.11bg Mode:Monitor
Last edited by meShell; 2012-01-10 at 10:50.
 

The Following 10 Users Say Thank You to meShell For This Useful Post: