Hi, attached port implements the pixie-dust attack against WPS keys. Yes, that attack is old, but vulnerable APs are still out there.
tested on i386 with reaver with athn(4) interface.

cat pkg/DESCR
Pixiewps is a tool written in C used to bruteforce offline the WPS PIN
exploiting the low or non-existing entropy of some software
implementations, the so-called "pixie-dust attack" discovered by
Dominique Bongard in summer 2014. It is meant for educational purposes
only.

As opposed to the traditional online brute-force attack, implemented in
tools like Reaver or Bully which aim to recover the pin in a few hours,
this method can get the PIN in only a matter of seconds or minutes,
depending on the target, if vulnerable.

comments, concerns, tests or OKs welcome.

cheers,
Sebastian

 Pixiewps 1.4

 [?] Mode:     3 (RTL819x)
 [*] Seed N1:  1368013235 (Wed May 8 11:40:35 2013 UTC)
 [*] Seed ES1: 1368013238 (Wed May 8 11:40:38 2013 UTC)
 [*] Seed ES2: 1368013238 (Wed May 8 11:40:38 2013 UTC)
 [*] PSK1:     326138cf082aad7bb7b48e9f912e398c
 [*] PSK2:     dd86e6f4a2fced0080b3b66ffdcff6c8
 [*] ES1:      50401527275f5eb53fdb296f519d419d
 [*] ES2:      50401527275f5eb53fdb296f519d419d
 [+] WPS pin:  46681348

 [*] Time taken: 552 s 640 ms
pixiewps.tar.gz
Description: application/gzip