WPS Attack

WPS stands for "Wi-Fi Protected Setup," which is a network security standard used by wireless routers to make it easier for users to connect their devices to a Wi-Fi network. WPS allows users to connect their devices to a wireless network without the need to enter a password manually.

When using WPS, a user can simply press a button on the router, or enter a PIN code, and the router will automatically configure the device's wireless settings and connect it to the network. This makes it easier for users to connect devices to a wireless network without having to remember a complicated password.

How to Run a Brute-Force PIN attack?

WPS is only 8 digits pin so we can simply try possible pins to guess the correct one!

To see the available networks we can type

wash –interface [interface]

After choosing the AP that does not use PBC (Push Button Authentication) we need first to associate with the AP

aireplay-ng –fakeauth 30 -a [AP mac addr] -h [wifi inter addr] [interface]

To try possible pins we going to use a tool called reaver

reaver –bssid [AP mac addr] –channel [AP CH] –interface [interface] -vvv –no-associate

How to Run a Pixie-Dust attack?

The Pixie-Dust attack is a strategy that targets the vulnerability in WPS (Wi-Fi Protected Setup) to crack the PIN and gain access to a Wi-Fi network. This technique is used to exploit weak security settings, highlighting the importance of securing wireless networks with strong encryption and complex passwords.

Now, Pixie-Dust attack is part of Airegeddon, wifite ,... so you can check other pre build tools to run it.

PreviousWEP Cracking NextWPA Handshake Capture

Last updated 1 year ago