wifite icon indicating copy to clipboard operation
wifite copied to clipboard

Published 20 hours ago verified publisher icon derv82

incorrect WPS assesment

Open etranger7 opened this issue 11 years ago • 10 comments

When I scan available networks it lists a lot of networks as WPS enabled although they are not. I did the same scan with the current stable release of Wifite and Wash they correctly identified the WPS enabled networks.

I'm running BT5r3. I hope this helps and please let me know if I omitted any important information.

etranger7 avatar Jan 10 '14 19:01 etranger7

Are you saying that the standard Wifite in BT5R3 produces incorrect WPS results, but the stable version from Github assesses correctly?

If so, this is likely just a bug in whatever version BT5R3 uses; I highly recommend you upgrade to Kali.

hatRiot avatar May 23 '14 17:05 hatRiot

I don't believe Kali has started using this repository yet.

ghost avatar May 23 '14 22:05 ghost

I've updated the google code project page to strongly suggest using this repo. Hopefully Kali gets the latest versions or we might need to implement an auto-update feature.

derv82 avatar May 27 '14 04:05 derv82

@derv82 There would just need to be a version update to the GC one that implements the new update location. That way those stuck on the GC version line could just run wifite --update twice and get to the latest here.

We should also submit a bug to Kali to get it updated.

ghost avatar May 27 '14 16:05 ghost

Correct v86 still false positive detect wps capable ap devices there are not in reality... looks like only v85 is version working correctly atm...

drathir avatar Oct 01 '14 17:10 drathir

#19 and #36 talk about the same thing but have opposing information as to what version works.

leggewie avatar Aug 28 '15 04:08 leggewie

if good remember the v85 was possitive detect not wps available and wps available, not sure about false positive wps available, but v86 was showing available in devices even not supporting wps... also if good remember to corectly detect the signal must be not very weak bc in that case could show no wps even if device have it enebled... Wishes gl with figure out where is a problem...

drathir avatar Aug 28 '15 21:08 drathir

There is a problem with the command used when searching for WPS-capable networks. The command is:

# [wifite.py:1814] 
cmd = [program_name, '-f', cap_file]

which does not tell wash to ignore checksum errors. The correct command should be:

cmd = [program_name, '-f', cap_file, '--ignore-fcs']

or

cmd = [program_name, '-f', cap_file, '-C']

ghost avatar Jul 18 '17 20:07 ghost

@dverlik is this tested with the latest commits or are you using wifite in Kali (which is outdated?), because wash scanning is working at thw moment.. remember, wifite in Kali is outdated.. Please report back! :)

kimocoder avatar Jul 18 '17 21:07 kimocoder

@kimocoder I've cloned this repo yesterday and run into problems with WPS detection (every network was shown as non-WPS). I've run wash -f wifite-01.cap on the temp file being created by wifite while scanning, and without the -C option wash just returns a bunch of lines about FCS errors. Now with the correct command I was able to detect WPS networks, but then happened the next problem I am now thinking to patch: the new version of reaver (1.4) does not automatically retrieve the WPA password via pixiewps 1.2. Moreover, pixiewps 1.2 has a new output format which is not parsed by wifite (like, for example, the line with WPS pin was WPS PIN: 'some digits' and now is like that: WPS pin: some digits).

ghost avatar Jul 19 '17 11:07 ghost