Cracking WPA/WPA2 with Reaver

January 24th, 2012 by admin in Linux, Privilege Escalation, Wireless

The WiFi Protected Setup (WPS) protocol is vulnerable to a brute-force attack that allows an attacker to recover an access point's WPS PIN, and subsequently the WPA/WPA2 passphrase, in just a matter of hours, using the open source tool called Reaver. Think your 32-character alphanumeric password is uncrackable? If your wireless router is using WPS, then your router may spit back your password in plaintext to the attacker in less than 10 hrs. WPS allows users to enter an 8-digit PIN to connect to a secured network without having to enter a passphrase. When a user supplies the correct PIN, the access point essentially gives the user the WPA/WPA2 PSK that is needed to connect to the network. Reaver will determine an access point's PIN and then extract the PSK and give it to the attacker.

When we tested Reaver in our labs we were able to recover the WPA password in 1.5 hrs, and the longest run was 7.5 hrs.
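The effect of AP-side lockout on the attack window described above, as an added example (not code from the original post or from Reaver). It assumes the publicly documented 11,000-guess bound on the WPS PIN, a 3-second exchange per attempt, and hypothetical lockout policies.

```python
import math

# Assumption from the public WPS flaw disclosure (not stated on this page):
# the AP confirms the two PIN halves separately and digit 8 is a checksum,
# so the search space is 10**4 + 10**3 guesses instead of 10**8.
MAX_GUESSES = 10**4 + 10**3

# Constructed, hypothetical AP policies: (failures before lock, lock seconds)
POLICIES = {
    "no lockout": (0, 0),
    "3 fails -> 60 s": (3, 60),
    "3 fails -> 1 h": (3, 3600),
}


def lockouts_hit(lock_after, guesses=MAX_GUESSES):
    """Lockouts triggered before the final guess (none follows the last one)."""
    return (guesses - 1) // lock_after if lock_after > 0 else 0


def worst_case_hours(secs_per_attempt, lock_after=0, lock_secs=0):
    """Hours to exhaust the PIN space. secs_per_attempt is bounded by the AP's
    own WPS exchange time, so client-side compute (a GPU) does not lower it."""
    total = MAX_GUESSES * secs_per_attempt + lockouts_hit(lock_after) * lock_secs
    return total / 3600


def min_lock_secs(target_hours, secs_per_attempt, lock_after):
    """Smallest lock duration that pushes the worst case past target_hours."""
    if lock_after <= 0:
        raise ValueError("a lockout threshold is required")
    missing = target_hours * 3600 - MAX_GUESSES * secs_per_attempt
    if missing <= 0:
        return 0
    return math.ceil(missing / lockouts_hit(lock_after))


def policy_report(secs_per_attempt):
    """Worst-case hours for each constructed policy."""
    return {name: round(worst_case_hours(secs_per_attempt, n, t), 1)
            for name, (n, t) in POLICIES.items()}


if __name__ == "__main__":
    for name, hours in policy_report(3).items():  # 3 s per attempt is assumed
        print(f"{name:18s} {hours:10.1f} h  ({hours / 24:.1f} days)")
    print("lock needed for a 1-year worst case:", min_lock_secs(8760, 3, 3), "s")
```
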

4 Responses to ' Cracking WPA/WPA2 with Reaver '


  1. Jan Garaj said,

    on February 13th, 2012 at 4:18 am

    GUI on Reaver for infants is Inflator (thx Beini).

  2. Robert said,

    on April 29th, 2012 at 5:46 am

    Given that the Beini project is not currently under development, I created a new 1.2.4 version that incorporates Reaver.

  3. haq said,

    on August 30th, 2014 at 7:33 pm

    Will the Reaver speed increase if I do the same as you did with a laptop that has a GPU (I mean a graphics card like NVIDIA or AMD)?

  4. admin said,

    on September 21st, 2014 at 3:13 pm

    The speed is for the access point itself; it won't do a certain amount without locking up or locking you out.
