Comments (34)
I can confirm. I just created a duplicate of this issue without seeing this one.
Original comment by [email protected]
on 30 Dec 2011 at 4:11
from reaver-wps.
Some netgears will lock WPS registrar attempts after X failed attempts (seems
to vary). This locked state is reported in the AP's beacon packets as part of
the WPS information element. If reaver sees that the AP is reporting that it
has locked itself, it will give you this warning and wait 315 seconds before
re-trying.
You can reduce the sleep period using --lock-delay or disable it altogether
with --ignore-locks.
Original comment by [email protected]
on 30 Dec 2011 at 4:16
from reaver-wps.
The problem is though that Reaver isn't detecting when the router has removed
the rate limiting. This is evident in the fact that it works fine if you
restart the attack.
Original comment by [email protected]
on 30 Dec 2011 at 4:33
from reaver-wps.
Understood. :) Until a fix is out though, you should be able to use those
options to work around the issue.
Original comment by [email protected]
on 30 Dec 2011 at 4:43
from reaver-wps.
Sorry, I thought you didn't understand. :P
Original comment by [email protected]
on 30 Dec 2011 at 4:46
from reaver-wps.
Using "--ignore-locks" gives me:
[+] 0.27% complete @ 3 seconds/attempt
[+] Trying pin 97905882
[!] WARNING: Receive timeout occurred
[+] Trying pin 97905882
......
[!] WARNING: Receive timeout occurred
[+] 0.27% complete @ 4 seconds/attempt
[+] Trying pin 97905882
[!] WARNING: Receive timeout occurred
[!] WARNING: 10 failed connections in a row
This means the router in fact locks WPS registrar attempts for some time but by
extending the sleep period to 601 secods with "--lock-delay 601" I get that:
...
[+] 0.24% complete @ 2 seconds/attempt
[+] Trying pin 10062999
[+] Trying pin 59722991
[+] Trying pin 46372994
[+] Trying pin 36452996
[!] WARNING: Detected AP rate limiting, waiting 601 seconds before re-trying
[!] WARNING: Detected AP rate limiting, waiting 601 seconds before re-trying
600 seconds should be more that enough time to wait, shouldn't it ?
I am still able to just restart the attack successfully (sometimes I have to
wait like one minute until it works again).
Original comment by [email protected]
on 30 Dec 2011 at 4:54
from reaver-wps.
I don't think that extending the sleep period right now will help since reaver
isn't seeing the switch back to an unlocked state.
Original comment by [email protected]
on 30 Dec 2011 at 5:00
from reaver-wps.
I just wanted to say that if reaver was able to see the switch back 600 seconds
should be enough; now it is clear what exactly the problem is, I suppose :)
Original comment by [email protected]
on 30 Dec 2011 at 5:05
from reaver-wps.
Same issue here... i wonder what 's the meaning of this attack if the target
router is locking you out.. after 4-5 tries i have the same issue.. :(((
Original comment by [email protected]
on 31 Dec 2011 at 9:59
from reaver-wps.
Same thing here, also with a Netgear router. Reaver stops at 0.25% and waits
infinitely.
Ubuntu 10.04 64-bit iwlagn driver.
Original comment by [email protected]
on 31 Dec 2011 at 10:45
from reaver-wps.
i forgot to say i use backtrack 5 gnome 32
Original comment by [email protected]
on 31 Dec 2011 at 1:30
from reaver-wps.
Netgears are known to implement lockouts. Some only lock you out for 5 minutes,
some may lock you out longer, or even indefinitely. I'll try and track down the
issue with Reaver not detecting a unlocked AP when I get back from holiday.
Original comment by [email protected]
on 31 Dec 2011 at 1:33
from reaver-wps.
I had the same problem, it would lock me out for 5 minutes but it never would
resume after the 315 second interval. I used the -L flag so it disables the
lock delay as suggested above and now it works great. Granted it will keep
trying the same key with the WARNING: Receive timeout occurred, but will
continue when the router lifts the 5 minute ban. This is probably a good way to
get perma banned on some routers, but it seems to be a working solution for
this one.
Original comment by [email protected]
on 1 Jan 2012 at 6:13
from reaver-wps.
This workaround actually worked for me after waiting long enough, too. Looks
like I canceled the attack too soon the first time I tested that.
Original comment by [email protected]
on 1 Jan 2012 at 8:45
from reaver-wps.
Bug reproduced, work in progress.
Original comment by [email protected]
on 3 Jan 2012 at 4:53
- Changed state: Started
from reaver-wps.
Bug was that old packets were being buffered during the sleep and then
processed after waking up. Thus, old packets (marked as locked) were
interpreted as new packets. Should be fixed now.
Original comment by [email protected]
on 3 Jan 2012 at 6:40
from reaver-wps.
Fixed, thank you!
It probably doesn't belong here but after the timeout it looks like the
speed-calculation is incorrect as I am still attacking at the same speed.
[+] 0.22% complete @ 2012-01-03 20:19:30 (3 seconds/attempt)
[+] 0.26% complete @ 2012-01-03 20:19:45 (3 seconds/attempt)
[!] WARNING: Detected AP rate limiting, waiting 315 seconds before re-trying
[+] 0.31% complete @ 2012-01-03 20:25:15 (12 seconds/attempt)
[+] 0.35% complete @ 2012-01-03 20:25:29 (11 seconds/attempt)
[+] 0.40% complete @ 2012-01-03 20:25:44 (10 seconds/attempt)
Original comment by [email protected]
on 3 Jan 2012 at 7:31
from reaver-wps.
Awesome, glad that fixed it.
The seconds/attempt is an average based on the entire time that Reaver has been
running. So since you had to sleep for 5 minutes due to the lockout, your
average seconds/attempt obviously went up too.
Original comment by [email protected]
on 3 Jan 2012 at 7:40
- Changed state: Fixed
from reaver-wps.
Excellent work, thanks cheff for the quick fix.
Original comment by [email protected]
on 4 Jan 2012 at 11:29
from reaver-wps.
[deleted comment]
from reaver-wps.
I believe I have the same issue as test_ran. It will constantly tell me
Detected AP rate limiting until I cancel it and reload. Then it goes smoothly
for about 10 minutes then back again.
Router: Netgear WNDR3400
[+] 7.11% complete @ 2012-01-10 19:31:43 (3 seconds/attempt)
[!] WARNING: Detected AP rate limiting, waiting 315 seconds before re-trying
[!] WARNING: Detected AP rate limiting, waiting 315 seconds before re-trying
[!] WARNING: Detected AP rate limiting, waiting 315 seconds before re-trying
[!] WARNING: Detected AP rate limiting, waiting 315 seconds before re-trying
[!] WARNING: Detected AP rate limiting, waiting 315 seconds before re-trying
[!] WARNING: Detected AP rate limiting, waiting 315 seconds before re-trying
^C
[+] Session saved.
root@bt:~# reaver -i mon0 -b **:**:**:**:**:** -vv -c 1
Reaver v1.3 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner
<[email protected]>
[+] Switching mon0 to channel 1
[?] Restore previous session? [n/Y] y
[+] Restored previous session
[+] Waiting for beacon from **:**:**:**:**:**
[+] Switching mon0 to channel 1
[+] Associated with **:**:**:**:**:** (ESSID: *****)
[+] Trying pin 47071520
[+] Trying pin 42821526
[+] Trying pin 78151529
Please help.
Original comment by [email protected]
on 11 Jan 2012 at 12:53
from reaver-wps.
Use the latest code from subversion.
Original comment by [email protected]
on 11 Jan 2012 at 12:59
from reaver-wps.
Lets say I don't exactly know my way around linux.... Sorry.
Original comment by [email protected]
on 11 Jan 2012 at 1:03
from reaver-wps.
Ah, ok, no worries. :)
You'll need to install subversion on your Linux machine if it is not already
installed. You should be able to do this with your distro's package manager
pretty easily ('apt-get install subversion' on debian/ubuntu for example).
Then you can check out the latest subversion code with:
$ svn checkout http://reaver-wps.googlecode.com/svn/trunk/ reaver-latest
There is more info available here:
http://code.google.com/p/reaver-wps/source/checkout
Original comment by [email protected]
on 11 Jan 2012 at 1:09
from reaver-wps.
Thanks! Apparently I already have subversion. I viewed the first link and
wasn't sure what to do there so I downloaded reaver.db. Then visited the second
link and ran the command in Terminal. Is there anything else I need to do? I
really appreciate the hand holding. I will learn this if it kills me!
Original comment by [email protected]
on 11 Jan 2012 at 1:18
from reaver-wps.
If you ran the 'svn checkout' command, it should have created a directory for
you. That directory should be named whatever the last argument was to the svn
checkout command (reaver-latest, reaver-wps-read-only, whatever it is that you
called it).
Inside that directory you should have the src and docs directories. The src
directory contains all of the latest code, so just cd to the src directory and
build it:
$ ./configure
$ make
$ sudo make install
If you don't already have them, you will need to install the libsqlite3-dev and
libpcap-dev packages first (if ./configure command above complains about these
missing libraries, then you don't have them on your system):
$ sudo apt-get install libsqlie3-dev libpcap-dev
Original comment by [email protected]
on 11 Jan 2012 at 1:24
from reaver-wps.
Okay, I did all that and it went fine. Then I get this on the last command:
(sudo make install)
# sudo make install
if [ ! -d /usr/local/etc/reaver ]; then mkdir /usr/local/etc/reaver; fi
cp reaver.db /usr/local/etc/reaver/reaver.db
chmod -R a+rw /usr/local/etc/reaver
if [ -e walsh ]; then cp walsh /usr/local/bin/walsh; fi
if [ -e reaver ]; then cp reaver /usr/local/bin/reaver; fi
cp: cannot create regular file `/usr/local/bin/reaver': Text file busy
make: *** [install] Error 1
Original comment by [email protected]
on 11 Jan 2012 at 1:38
from reaver-wps.
I figured that issue out. I needed to stop reaver first.... So I ran it again
after I stopped it and I get this:
# sudo make install
if [ ! -d /usr/local/etc/reaver ]; then mkdir /usr/local/etc/reaver; fi
cp reaver.db /usr/local/etc/reaver/reaver.db
chmod -R a+rw /usr/local/etc/reaver
if [ -e walsh ]; then cp walsh /usr/local/bin/walsh; fi
if [ -e reaver ]; then cp reaver /usr/local/bin/reaver; fi
Original comment by [email protected]
on 11 Jan 2012 at 1:45
from reaver-wps.
Should be installed and ready to go!
Original comment by [email protected]
on 11 Jan 2012 at 1:47
from reaver-wps.
Awesome! Thank so so much for your patience. This is the new output. Is this
normal?
[+] Trying pin 46375674
[+] Sending EAPOL START request
[+] Sending identity response
[+] Sending M2 message
[+] Sending M4 message
[+] Sending WSC NACK
[+] Trying pin 62135672
Original comment by [email protected]
on 11 Jan 2012 at 1:50
from reaver-wps.
Yes, the latest code prints out more detailed information about which WPS
packets it is sending. It looks like the attack is going along fine. :)
Original comment by [email protected]
on 11 Jan 2012 at 1:55
from reaver-wps.
You are my hero. Thanks again!
Original comment by [email protected]
on 11 Jan 2012 at 1:56
from reaver-wps.
How do you update reaver in backtrack5? is the a command to do it easy?
Original comment by [email protected]
on 13 Jan 2012 at 11:43
from reaver-wps.
Cheff,
i follow you what you say and complete installed, but still no go, keeping try
on same number. i try about 3 hr, just complete 0.17%
Original comment by [email protected]
on 20 Oct 2012 at 3:11
from reaver-wps.
Related Issues (20)
- is my interface blocked? "Warning: received timeout occurred" HOT 2
- AP Rate Limiting - Reaver HOT 2
- Enter one-line summary HOT 2
- Reaver strange problem
- Reaver won't associate or eapol error
- Reaver doesn't work. HOT 1
- latest reaver 1.4-2 confirmed bug HOT 1
- WPS transaction failed (code: 0x02) Please Help! HOT 1
- any advice? HOT 2
- reaver vodafone station revolution
- reaver starts at 90% with any pin HOT 1
- Integration with Cloudcracker
- "make" issues. ubuntu 15.04 amd 64 with (apt-get dist-upgrade) HOT 1
- how to get wps pin if you know the password of wifi?? HOT 1
- My computer doesn't have the program needed to open the downloaded file???
- My computer doesn't have the program needed to open the downloaded file??? HOT 1
- PROBLEME WITH REAVER/BROADCOM4313
- wps pin not found
- Resend M-Messages if AP did not receive last one
- apt-get install libpcap-dev [Not installing the packages]
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from reaver-wps.