Reaver is a Linux based software which brute-force the WPS pins on the router which has wps / Push Button enabled and it comes preloaded with Kali Linux OS. Reaver implements a brute force attack against Wifi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases, as described in this paper
What is WPS or Push Button?
WPS/Push Button option comes with many routers/modems in which while connecting to a network you can avoid entering a password and can simply connect to your network by pressing a button inside your modem/router.
What You Will Need To Perform This Attack?
- WPS ( Push Button ) Enabled WIFI Network in Range
- Wireless Adapter
- Kali Linux OS
Start Your Kali Linux OS and open a terminal
1. Turn On your monitor interface by typing the below command
airmon-ng start wlan0
2. Check if there is any wps enabled wifi in your range.
To check the WPS enabled network we will use wash command so type the below command and it will list all those networks which have wps enabled.
wash -i mon0 -C
Now this will display all those networks which have WPS enabled so chose any network which has strong signals and after copy its BSSID
3. Start Cracking by typing the below command
reaver -i mon0 -b BSSID -vv
Here in this command ” reaver -i mon0 -b BSSID -vv ” in BSSID paste the BSSID number which you want to crack and which you copied in past from above step and wait for about hours because this needs much time even 3-5 hours depending upon the pin code of the router which reaver will brute force and if the pin matches it will crack the password for you and will display the password.
How You can protect yourself from this attack?
Well in my opinion for security reasons just disable the WPS option or if you really want to enable it then create hard and end custom pin as many routers come with a default pin code which reaver can easily crack.