WiFi Hacking: WPS Breaking With Wifite
Welcome back, Visitor. Remember our last post? We were attacking a WPS protected WiFi with the tools pixiewps and reaver. It was fast, but you had to do a lot of copy and paste during that attack. Well, here’s a even faster way: We will use Reaver alone to shot ALL WPS enabled (and attackable) WiFi in your range!
Wifite: Automatically Hack A WiFi
Our experiment is simple and straight forward: Move in position. Make sure you are close to the Access Points you want to hack. In our WiFi Hacking experiment we had 25 AP’s in a range. I wasn’t patient. Whenever i saw “WPS Transaction Failure”, i was giving it a break (hit CTRL-C) and “c”continued to the next WPS Wifi. That way i scanned like 25 WiFis in about five Minutes!
By the way: Wifite is popular. It even made it’s way into the New York Times: Wifite in NYT
The syntax is:
wifite --all --pixie
Then you just have to sit and wait. Or hit CTRL-C is you are impatient like me.
Some WPS WiFi’s are not attackable
You will encounter WPS protected WiFi’s which are not vulnerable to WPS Pixie/Wifite. You can identify these easily, here is an sample for our WiFi Hacking:
[0:00:00] initializing WPS Pixie attack on ANN-WLAN (A0:E4:CB:XX:XX:XX) [0:00:04] WPS Pixie attack: attempting to crack and fetch psk... [0:00:05] WPS Pixie attack failed - WPS pin not found
These ones are immune to this attack. I will show in a later article how to attack that type of WPS protected WiFi as well. By the way: If you want to stay up-to-date, subscribe my Newsletter:
WiFi Hacking: Wifite Successful
Finally, Wifite will find WPS protected WiFi’s which are attackable. Here’s a sample:
[0:00:00] initializing WPS Pixie attack on KDG-XXXX (5C:35:3B:XX:XX:XX) [0:00:02] WPS Pixie attack: attempting to crack and fetch psk... [0:00:05] WPS Pixie attack: [+] PIN found: 47385580 [+] WPA key found: XufYmsf9YCEs
Hacked in 5 Seconds! And wow. That was a complicated PSK. But the AP’s Pin was attackable by PixieWPS.
Some WPS protected WiFi’s you cannot hack. For several reasons:
- The Access Point has some WPS protection system:
- WPS will be locked after X tries with failed PIN (reseting only with a reboot of AP)
- WPS will be locked after X tries with failed PIN (resets after X minutes for new tries)
- WPS is disabled in Access Point
Urgent: For hacking AP’s most efficient, you need the right equipment. Check out our Hardware Page for the very best WiFi Hacking Adapters and Devices: