Lab: Crack WPA2 PSK Network With Reaver & PixieWPS: Scenario
PixieWPS
Scenario
Target – Belkin AP
Kill interfering processes. Do this repeatedly for all processes until airmon-ng check gives
“no interfering” output.
Airodump dumps the packets received on the monitor interface. We can choose whether
or not to write the packets to a file. A full tutorial on this will be coming in the near future.
Starting Capture
Executing Airodump turns the terminal into a continuously updating display that shows all
captured information. Note the target BSSID, channel & ESSID. Press Ctrl+C to stop airodump.
From the above figure, we can get the MAC of our target. Make a note of this, then run
reaver.
Pixie Output
There you have the passphrase & the PIN. This is a combined offline and online attack
which can be run against wireless access points during wireless penetration
tests. Interestingly, PixieWPS finds out a lot of other information like the model number
of the AP, manufacturer etc. So during tests, one can use this to search for commonly
known vulnerabilities of the specific AP.
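The manufacturer and model details mentioned above are carried as WPS attributes. The following is an added example, not part of the original lab: it parses the WPS information element from an AP's tagged parameters so you can confirm whether your own AP still advertises WPS and what it discloses. The function names and the sample bytes (a fictional "ExampleCorp" device) are constructed for illustration; the attribute IDs are those of the Wi-Fi Simple Configuration specification.

```python
import struct

# WSC attribute IDs (Wi-Fi Simple Configuration spec); text ones decode as ASCII
WPS_ATTRS = {0x104A: "version", 0x1044: "wps_state", 0x1057: "ap_setup_locked",
             0x1021: "manufacturer", 0x1023: "model_name", 0x1024: "model_number"}
TEXT_ATTRS = {"manufacturer", "model_name", "model_number"}
WPS_OUI_TYPE = bytes.fromhex("0050f204")  # vendor IE: OUI 00:50:F2, type 4 = WPS


def find_wps_ie(tagged: bytes):
    """Walk 802.11 tagged parameters; return the WPS IE body, or None if absent."""
    i = 0
    while i + 2 <= len(tagged):
        tag, length = tagged[i], tagged[i + 1]
        body = tagged[i + 2:i + 2 + length]
        if len(body) < length:
            return None  # truncated frame, stop rather than misparse
        if tag == 221 and body[:4] == WPS_OUI_TYPE:
            return body[4:]
        i += 2 + length
    return None


def audit(tagged: bytes) -> dict:
    """Report whether an AP advertises WPS and which device details it exposes."""
    ie = find_wps_ie(tagged)
    if ie is None:
        return {"wps_enabled": False}
    info, i = {"wps_enabled": True, "ap_setup_locked": False}, 0
    while i + 4 <= len(ie):
        attr, length = struct.unpack_from(">HH", ie, i)  # big-endian type, length
        value = ie[i + 4:i + 4 + length]
        if len(value) < length:
            break
        name = WPS_ATTRS.get(attr)
        if name in TEXT_ATTRS:
            info[name] = value.decode("ascii", "replace")
        elif name == "ap_setup_locked":
            info[name] = value == b"\x01"
        elif name:
            info[name] = int.from_bytes(value, "big")
        i += 4 + length
    return info


def sample_beacon_tags() -> bytes:
    """Constructed tagged parameters for a fictional AP (not captured traffic)."""
    tlv = lambda a, v: struct.pack(">HH", a, len(v)) + v
    wps = tlv(0x104A, b"\x10") + tlv(0x1044, b"\x02") + tlv(0x1021, b"ExampleCorp") + tlv(0x1024, b"EX-1000")
    return b"\x00\x07lab-net" + bytes([221, 4 + len(wps)]) + WPS_OUI_TYPE + wps
```

If `audit()` still reports `wps_enabled` as true after WPS has been switched off in the AP's settings, the setting did not take effect and the PIN interface remains exposed.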
For best performance of the attack, use an Alfa Network AWUS036NH or a similar model.