Reaver is a tool used to crack WPS PINs on wireless networks. It is available for Kali Linux and can be installed with the following command: sudo apt-get install reaver
. After installation, you can start using Reaver to scan for access points and start cracking the PIN. To do this, you need to open a terminal window and type the following command: sudo reaver -i [interface] -b [BSSID] -vv
. Replace [interface] with the name of your wireless interface and [BSSID] with the BSSID of the access point you want to crack. Once the command is executed, Reaver will start scanning for access points and will attempt to crack the WPS PIN. You can monitor the progress of the scan by using the -vv
flag. Once the PIN is cracked, you can connect to the access point using the WPA2-PSK key.
In order to use Reaver to crack the WPS PIN of an access point, you first need to scan for available access points. To do this, open a terminal window in Kali Linux and type the following command: iwlist wlan0 scan
. This command will scan for all available access points in the area. Once the scan is complete, you will see a list of access points with their SSID, MAC address, and other information. Make sure to note the SSID of the access point you want to crack the WPS PIN for.
Once you have the SSID of the access point, you can use the airodump-ng
command to get more detailed information about the access point. To do this, type the following command in the terminal window: airodump-ng --bssid [MAC address] --channel [channel] wlan0
. Replace [MAC address] with the MAC address of the access point and [channel] with the channel of the access point. This command will give you more detailed information about the access point, including the WPS PIN.
Now that you have the WPS PIN of the access point, you can use Reaver to crack it. To do this, you need to start Reaver with the following command: reaver -i wlan0 -b [MAC address] -c [channel] -vv
. Replace [MAC address] with the MAC address of the access point and [channel] with the channel of the access point. This command will start Reaver and it will begin trying to crack the WPS PIN of the access point.
Now that Reaver is installed, it's time to start cracking the WPS PIN. To do this, open a terminal window and type the following command: reaver -i [interface] -b [BSSID] -vv
. Replace [interface]
with the name of your wireless interface, and [BSSID]
with the BSSID of the access point you want to crack. For example, if your wireless interface is wlan0
and the BSSID of the access point is 00:11:22:33:44:55
, the command would be reaver -i wlan0 -b 00:11:22:33:44:55 -vv
.
Once you have entered the command, Reaver will start scanning for the access point. It will take a few minutes for Reaver to find the access point and start the cracking process. Once it has found the access point, it will start trying to crack the WPS PIN. Depending on the security of the access point, this process can take anywhere from a few minutes to several hours. You can monitor the progress of the cracking process by checking the output of the terminal window.
reaver -i wlan0 -b 00:11:22:33:44:55 -vv
Once you have started Reaver, it will begin to try and crack the WPS PIN. Depending on the security of the network, this process can take anywhere from a few minutes to several hours. To monitor the progress of Reaver, you can use the watch
command. This will display the output of Reaver in real-time. To use the watch
command, type watch reaver -i [interface] -b [BSSID] -vv
into the terminal. This will display the progress of Reaver as it attempts to crack the PIN. Once Reaver has successfully cracked the PIN, it will display the WPA PSK key. You can then use this key to connect to the access point.
Once Reaver has successfully cracked the WPS PIN, you can connect to the access point. To do this, open a terminal window and type the following command:
sudo iwconfig wlan0 essid [ESSID] key s:[password]
Replace [ESSID] with the name of the access point and [password] with the password that Reaver has cracked. Once you have entered the command, you should be connected to the access point. You can verify this by typing the following command:
iwconfig
If you are connected, you should see the name of the access point in the output. You can also use the iwconfig command to view more detailed information about the connection.