BackTrack - Cracking a WPA password with reaver

Wi-Fi Protected Setup (WPS) was introdused to allow home users with little or no knowelage of wirelss security to set up a wireless network encrypted with WPA or WPA2 as well as making it easy to add new devices to an existing network without entering long passwords/passphrases.

In this example I will be using BackTrack 5 R1 Gnome 32 bit.

You can either boot off the DVD or install it. The creating of a bootable DVD and installing BackTrack is beyond the scope of this tutorial. 

I'm assuming you have two network connections one for internet access and one with your wireless adapter that we will be using in this test. In my case I'm using both a wired and wireless adapter.
Open up a terminal and run the following commands

apt-get update
apt-get install reaver

Next we need to find out what interface is assigned to your wireless card using the following command.


In my case wlan0
Next we need to put the wireless card in to monitor mode.

airmon-ng start wlan0

The monitor interface created is mon0
Next we need to find the BSSID of our test router we want to crack

airodump-ng wlan0

In my case 00:11:22:33:44:55
Next we launch reaver

reaver -i mon0 -b 00:11:22:33:44:55 -vv

Now sit back and wait, grab a cup or two of coffee, and let reaver do its thing. Reaver will now try a series of PINs on the router in a brute force attack, one after another. This will take a while. In my case it took just over 2 hours.


  1. Quick question: Do you have links for this software? Also, I assume that it will boot off of a USB just as easily as it will a DVD.

    Out of curiosity, for a bare-bones machine that you'd use for small tasks such as this, what would you recommend?

  2. Hi JOutlaw,
    I think there's more than one question there, I'll rant about that later, anyway to answer your questions:

    BackTrack is available here:

    and the sourcecode for reaver is here if you would like to install it yourself.

    BackTrack 5R1 is based on Ubuntu 10.04 so its requirements will suffice. Not knowing who will be reading this and not wanting to get a whole host of "I cant get backtrack to work on my netbook/laptop/desktop/server/spaceship" type questions I'm not going to say "it will work with this type of latop". However I have had it working on a number of mini laptops/ netbooks from Samsung, DELL, IBM and Lenovo and have not had any issues. I think the lowest spec laptop was, 750Mhz CPU and 1GB of RAM. BackTrack can be run off a DVD or USB Stick. Take a look at unetbootin for details on that or the backtrack faq. Remember that Ubuntu's hardware requirements are a lot lower that those of other operating systems such as Windows. As far as wireless goes I prefer Alfa usb adapters ( your mileage may vary though. Be sure to check the forums on the BackTrack website for more details. If you would like to discuss more we can talk off line ?

  3. Excellent Working Dear Friend Nice Information Share all over the world.olympic station cyclesGod Bless You..olympic park cycles

  4. Gps helps us to get the exact location thank you very much for this softwares Techubi

  5. Thanks so much for this information. I have to let you know I concur on several of the points you make here and others may require some further review, but I can see your viewpoint. Totally free App To Hide Pictures -PC - Don't Hang Close to Browsing, Study About Cellular Desktops On this webpage free file password protection

  6. I am actually delighted to glance at this website posts which consists of lots of valuable data, thanks for providing these kinds of data. This post: How To Password Protect Folder


Post a Comment

Popular posts from this blog

How To Reset A Forgotten root Password On A Linux Virtual Machine on XenServer

FreeNAS - Transmission and Windows Remote Client