PixieWPS - An Offline WPS Brute-force Utility
It uses the so-called "pixie-dust attack", which works by exploiting the low or non-existent entropy of software implementations. Unlike traditional brute-force attacks, this attack can recover the PIN in a matter of seconds or minutes, depending on the target.
This tool can also recover the WPA-PSK from a complete passive capture (M1 through M7) for some devices.
REQUIREMENTS
apt-get -y install build-essential
- Versions prior to 1.2 require libssl-dev
- Versions 1.4 and later make use of multi-threading and require libpthread
OpenSSL has also been re-introduced as optional to achieve better speeds.
SETUP
Download:
git clone https://github.com/wiire/pixiewps
or
wget https://github.com/wiire/pixiewps/archive/master.zip && unzip master.zip
Build:
cd pixiewps*/
make
Optionally, you can run make OPENSSL=1 to use faster OpenSSL SHA-256 functions.
Install:
sudo make install
USAGE
Usage: pixiewps <arguments>

Required arguments:

  -e, --pke         : Enrollee public key
  -r, --pkr         : Registrar public key
  -s, --e-hash1     : Enrollee hash 1
  -z, --e-hash2     : Enrollee hash 2
  -a, --authkey     : Authentication session key
  -n, --e-nonce     : Enrollee nonce

Optional arguments:

  -m, --r-nonce     : Registrar nonce
  -b, --e-bssid     : Enrollee BSSID
  -v, --verbosity   : Verbosity level 1-3, 1 is quietest [3]
  -o, --output      : Write output to file
  -j, --jobs        : Number of parallel threads to use [Auto]

  -h                : Display this usage screen
  --help            : Verbose help and more usage examples
  -V, --version     : Display version

  --mode N[,... N]  : Mode selection, comma separated [Auto]
  --start [mm/]yyyy : Starting date (only mode 3) [+1 day]
  --end [mm/]yyyy   : Ending date (only mode 3) [-1 day]
  -f, --force       : Bruteforce full range (only mode 3)

Miscellaneous arguments:

  -7, --m7-enc      : Recover encrypted settings from M7 (only mode 3)
  -5, --m5-enc      : Recover secret nonce from M5 (only mode 3)