Comments (23)
Dec 29 16:32:21 fedora kernel: [1446351.705655] reaver[27494]: segfault at 48
ip 0000000000411206 sp 00007fff3d4b5960 error 4 in reaver[400000+3d000]
Original comment by [email protected]
on 29 Dec 2011 at 3:33
from reaver-wps.
This is probably related to issue #6...what wireless card and driver are you
using?
Original comment by [email protected]
on 29 Dec 2011 at 3:39
from reaver-wps.
awus036h - rtl8187
Original comment by [email protected]
on 29 Dec 2011 at 3:42
from reaver-wps.
Can you provide a core dump or valgrind log?
Original comment by [email protected]
on 29 Dec 2011 at 3:45
- Changed state: Accepted
from reaver-wps.
Same issue with Atheros 9285 useing ath9k driver
Original comment by [email protected]
on 29 Dec 2011 at 3:52
from reaver-wps.
Just checked in some code that may be a fix for this. Can anyone check out the
latest SVN code and see if the bug still exists?
Original comment by [email protected]
on 29 Dec 2011 at 3:56
- Changed state: Started
from reaver-wps.
I am also have this issue using ALFA AWUS036H(rtl8187). I'm assuming it's
crashing because sometimes no output is displayed, indicating that the attempt
was unsuccessful.
Original comment by [email protected]
on 29 Dec 2011 at 3:59
from reaver-wps.
after one pIN in 1.1 ver
root@bt:/opt/wpa/reaver-1.1/src# reaver -i mon1 -b 00:1C:DF:99:EC:B4 -vv
Reaver v1.1 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner
<[email protected]>
[+] Waiting for beacon from 00:1C:DF:99:EC:B4
[+] Switching mon1 to channel 1
[+] Associated with 00:1C:DF:99:EC:B4 (ESSID: belkin54g)
[+] Trying pin 64816807
Segmentation fault
Original comment by [email protected]
on 29 Dec 2011 at 4:01
from reaver-wps.
valgrind --track-origins=yes ./reaver -i mon0 -b 00:1C:F0:C2:BF:27 -vv
==29147== Memcheck, a memory error detector
==29147== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==29147== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info
==29147== Command: ./reaver -i mon0 -b 00:1C:F0:C2:BF:27 -vv
==29147==
Reaver v1.1 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner
<[email protected]>
[+] Waiting for beacon from 00:1C:F0:C4:BF:26
[+] Switching mon0 to channel 10
[+] Associated with 00:1C:F0:C4:BF:26 (ESSID: Test)
==29147== Conditional jump or move depends on uninitialised value(s)
==29147== at 0x4071C5: get_wps_data_element (in
/opt/reaver/reaver-wps-read-only/src/reaver)
==29147== by 0x406C97: parse_wps_tag (in
/opt/reaver/reaver-wps-read-only/src/reaver)
==29147== by 0x406B69: parse_wps_parameters (in
/opt/reaver/reaver-wps-read-only/src/reaver)
==29147== by 0x403578: is_wps_locked (80211.c:133)
==29147== by 0x404BD7: crack (cracker.c:105)
==29147== by 0x402460: main (wpscrack.c:80)
==29147== Uninitialised value was created by a stack allocation
==29147== at 0x406B72: parse_wps_tag (in
/opt/reaver/reaver-wps-read-only/src/reaver)
==29147==
==29147== Invalid read of size 4
==29147== at 0x410F52: wps_registrar_init (in
/opt/reaver/reaver-wps-read-only/src/reaver)
==29147== by 0x406077: initialize_wps_data (init.c:56)
==29147== by 0x404BE2: crack (cracker.c:117)
==29147== by 0x402460: main (wpscrack.c:80)
==29147== Address 0x4d1dfe4 is 0 bytes after a block of size 84 alloc'd
==29147== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==29147== by 0x40600E: initialize_wps_data (init.c:32)
==29147== by 0x404BE2: crack (cracker.c:117)
==29147== by 0x402460: main (wpscrack.c:80)
==29147==
==29147== Invalid read of size 8
==29147== at 0x40F38E: wps_init (in
/opt/reaver/reaver-wps-read-only/src/reaver)
==29147== by 0x406099: initialize_wps_data (init.c:68)
==29147== by 0x404BE2: crack (cracker.c:117)
==29147== by 0x402460: main (wpscrack.c:80)
==29147== Address 0x4d1df48 is 56 bytes inside a block of size 60 alloc'd
==29147== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==29147== by 0x405FE1: initialize_wps_data (init.c:24)
==29147== by 0x404BE2: crack (cracker.c:117)
==29147== by 0x402460: main (wpscrack.c:80)
==29147==
==29147== Invalid read of size 4
==29147== at 0x40F3C2: wps_init (in
/opt/reaver/reaver-wps-read-only/src/reaver)
==29147== by 0x406099: initialize_wps_data (init.c:68)
==29147== by 0x404BE2: crack (cracker.c:117)
==29147== by 0x402460: main (wpscrack.c:80)
==29147== Address 0x4d1df50 is 4 bytes after a block of size 60 alloc'd
==29147== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==29147== by 0x405FE1: initialize_wps_data (init.c:24)
==29147== by 0x404BE2: crack (cracker.c:117)
==29147== by 0x402460: main (wpscrack.c:80)
==29147==
[+] Trying pin 27176948
==29147== Invalid read of size 8
==29147== at 0x411368: wps_registrar_get_pin (in
/opt/reaver/reaver-wps-read-only/src/reaver)
==29147== by 0x4121C6: wps_get_dev_password (in
/opt/reaver/reaver-wps-read-only/src/reaver)
==29147== by 0x413E29: wps_registrar_get_msg (in
/opt/reaver/reaver-wps-read-only/src/reaver)
==29147== by 0x406718: send_msg (send.c:80)
==29147== by 0x405384: do_wps_exchange (exchange.c:66)
==29147== by 0x404CC6: crack (cracker.c:160)
==29147== by 0x402460: main (wpscrack.c:80)
==29147== Address 0x48 is not stack'd, malloc'd or (recently) free'd
==29147==
==29147==
==29147== Process terminating with default action of signal 11 (SIGSEGV)
==29147== Access not within mapped region at address 0x48
==29147== at 0x411368: wps_registrar_get_pin (in
/opt/reaver/reaver-wps-read-only/src/reaver)
==29147== by 0x4121C6: wps_get_dev_password (in
/opt/reaver/reaver-wps-read-only/src/reaver)
==29147== by 0x413E29: wps_registrar_get_msg (in
/opt/reaver/reaver-wps-read-only/src/reaver)
==29147== by 0x406718: send_msg (send.c:80)
==29147== by 0x405384: do_wps_exchange (exchange.c:66)
==29147== by 0x404CC6: crack (cracker.c:160)
==29147== by 0x402460: main (wpscrack.c:80)
==29147== If you believe this happened as a result of a stack
==29147== overflow in your program's main thread (unlikely but
==29147== possible), you can try to increase the size of the
==29147== main thread stack using the --main-stacksize= flag.
==29147== The main thread stack size used in this run was 8388608.
==29147==
==29147== HEAP SUMMARY:
==29147== in use at exit: 155,143 bytes in 11,025 blocks
==29147== total heap usage: 11,085 allocs, 60 frees, 157,789 bytes allocated
==29147==
==29147== LEAK SUMMARY:
==29147== definitely lost: 54,915 bytes in 11,007 blocks
==29147== indirectly lost: 10,322 bytes in 6 blocks
==29147== possibly lost: 0 bytes in 0 blocks
==29147== still reachable: 89,906 bytes in 12 blocks
==29147== suppressed: 0 bytes in 0 blocks
==29147== Rerun with --leak-check=full to see details of leaked memory
==29147==
==29147== For counts of detected and suppressed errors, rerun with: -v
==29147== ERROR SUMMARY: 18 errors from 5 contexts (suppressed: 2 from 2)
Segmentation fault (core dumped)
Original comment by [email protected]
on 29 Dec 2011 at 4:07
from reaver-wps.
Tried revision 12, problem still arising.
Original comment by [email protected]
on 29 Dec 2011 at 4:11
from reaver-wps.
Looks like there are some unhandled NULL pointer exceptions. Added null checks
to the latest check in, try now.
Original comment by [email protected]
on 29 Dec 2011 at 4:12
from reaver-wps.
Just tried revision 14. Sometimes it gives "[!] WARNING: Receive timeout
occurred" and sometimes it exits with nothing.
Original comment by [email protected]
on 29 Dec 2011 at 4:15
from reaver-wps.
just tried revision 14 tries 1 pin and segfaults
Original comment by [email protected]
on 29 Dec 2011 at 4:19
from reaver-wps.
[+] Trying pin 97035473
[!] WARNING: Last message not processed properly, reverting state to previous
message
[+] Trying pin 97035473
[!] WARNING: Last message not processed properly, reverting state to previous
message
[+] Trying pin 97035473
revision 15
Original comment by [email protected]
on 29 Dec 2011 at 4:34
from reaver-wps.
as of revision 16 the segfault is cleared..
i am trying with some SSID but what is get is...
[+] Waiting for beacon from 74:EA:3A:D5:E3:3A
[+] Switching mon0 to channel 1
[+] Associated with 74:EA:3A:D5:E3:3A (ESSID: Gecevi)
[+] Trying pin 71951249
[+] Trying pin 71951249
[+] Trying pin 71951249
[+] Trying pin 71951249
[+] Trying pin 71951249
[!] WARNING: Receive timeout occurred
[+] Trying pin 71951249
[!] WARNING: Receive timeout occurred
[+] 0.00% complete @ 0 seconds/attempt
[+] Trying pin 71951249
[!] WARNING: Receive timeout occurred
[+] Trying pin 71951249
[+] Trying pin 71951249
Original comment by [email protected]
on 30 Dec 2011 at 9:41
from reaver-wps.
but again nothing happens..
/reaver -i mon0 -b 74:EA:3A:B9:E3:B0 -vv
Reaver v1.1 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner
<[email protected]>
[+] Waiting for beacon from 74:EA:3A:B9:E3:B0
[+] Switching mon0 to channel 11
[+] Associated with 74:EA:3A:B9:E3:B0 (ESSID: RADDY)
[+] Trying pin 04781530
[!] WARNING: Receive timeout occurred
[+] Trying pin 04781530
[!] WARNING: Receive timeout occurred
[+] Trying pin 04781530
[!] WARNING: Receive timeout occurred
[+] Trying pin 04781530
[!] WARNING: Receive timeout occurred
[+] Trying pin 04781530
[!] WARNING: Receive timeout occurred
[!] WARNING: Receive timeout occurred
[+] Trying pin 04781530
^C
Original comment by [email protected]
on 30 Dec 2011 at 9:44
from reaver-wps.
I am also getting the same output as comment 15 and 16.
Original comment by [email protected]
on 30 Dec 2011 at 9:51
from reaver-wps.
Actually the svn 16 again core dumped..
My first try was with Backtrack 5 on x64bit and it does not segfault but was
only trying same PIn..
However on x64 Fedora 16 svn 16
i got:
/reaver -i mon0 -b 70:71:BC:26:EE:C0 -vv
Reaver v1.1 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner
<[email protected]>
[+] Waiting for beacon from 70:71:BC:26:EE:C0
[+] Switching mon0 to channel 2
[+] Switching mon0 to channel 3
[+] Switching mon0 to channel 1
[+] Associated with 70:71:BC:26:EE:C0 (ESSID: fe5f4c)
[+] Trying pin 98850471
Segmentation fault (core dumped)
Original comment by [email protected]
on 30 Dec 2011 at 10:29
from reaver-wps.
DMESG:
[ 1862.958153] reaver[5202] general protection ip:40f3df sp:7fff32cc7ca0
error:0 in reaver[400000+3d000]
Original comment by [email protected]
on 30 Dec 2011 at 10:30
from reaver-wps.
after
debuginfo-install glibc-2.14.90-21.x86_64 libpcap-1.1.1-4.fc16.x86_64
(gdb) backtrace
#0 0x000000000040f3df in wps_init ()
#1 0x00000000004060a1 in initialize_wps_data () at init.c:72
#2 0x0000000000404be3 in crack () at cracker.c:117
#3 0x0000000000402461 in main (argc=6, argv=<optimized out>) at wpscrack.c:80
Original comment by [email protected]
on 30 Dec 2011 at 10:49
from reaver-wps.
[deleted comment]
from reaver-wps.
The latest code (r20) seems to have fixed these issues. Please check out the
lastet code and verify.
Original comment by [email protected]
on 30 Dec 2011 at 2:43
from reaver-wps.
Issues 5 & 6 are the same; more comments have been happening on issue #6, so
rolling this into #6.
Original comment by [email protected]
on 30 Dec 2011 at 4:23
- Changed state: Duplicate
from reaver-wps.
Related Issues (20)
- is my interface blocked? "Warning: received timeout occurred" HOT 2
- AP Rate Limiting - Reaver HOT 2
- Enter one-line summary HOT 2
- Reaver strange problem
- Reaver won't associate or eapol error
- Reaver doesn't work. HOT 1
- latest reaver 1.4-2 confirmed bug HOT 1
- WPS transaction failed (code: 0x02) Please Help! HOT 1
- any advice? HOT 2
- reaver vodafone station revolution
- reaver starts at 90% with any pin HOT 1
- Integration with Cloudcracker
- "make" issues. ubuntu 15.04 amd 64 with (apt-get dist-upgrade) HOT 1
- how to get wps pin if you know the password of wifi?? HOT 1
- My computer doesn't have the program needed to open the downloaded file???
- My computer doesn't have the program needed to open the downloaded file??? HOT 1
- PROBLEME WITH REAVER/BROADCOM4313
- wps pin not found
- Resend M-Messages if AP did not receive last one
- apt-get install libpcap-dev [Not installing the packages]
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from reaver-wps.