Selamat pagi semua forumer dari Malaysia Adik Gnome ada beberapa masalah yang perlu diselesaikan. Harap para-para pro kat sini boleh tolong adik Maafkan saya kerana saya tak berapa pandai guna BM, jadi izinkan saya guna English ok?? So recently i got myself a AWUS036H with RT8187L chip. I scanned for my area and there's few WEP routers and a number of WPA/WPA2 routers. Hence i tried to go easy first, doing WEP dulu. First try was easy, got it under 3mins. However i realize i cannot crack without client connected to the AP first. So if the AP is without client (0), how do i proceed to crack it?? Btw, i am using XIAOPAN 4.7.2, KALI LINUX, and ReaverPro, using them alternatively whenever 1 of them don work. Second problem, now this is a long 1. I want to crack a WPA2 WPS enabled AP, so like in the tutorial i used Reaver to execute. After obtaining handshake, the Reaver constantly retry the same PIN over and over, for more than 10times. So what could be the problem here? Please explain to me. (This is when i use XIAOPAN 4.7.2) Then i switch to KALI LINUX, using this command: (in sequence) airmon-ng airmon-ng stop wlan1 airodump-ng wlan1 wash -i wlan1 -c <CH> -C -s reaver -i wlan1 -b <BSSID> --fail-wait=360 and let it run, same thing, some couldn't authenticate for handshake, some keep retrying same PIN. For some, couldnt authenticate, so i have to Fake Authenticate with the AP MAC is it? So i switch to ReaverPro cause more UI friendly. I tried attacking some, retrying same PIN as well. But after some hours trying each AP by each, i finally found 1 that uses random PIN on second attack. =.= However i notice during the attack, reaver will still use the same PIN occasionally. eg: 12345670 12345670 12345678 11115678 11115678 11125678 smtg like this. Right now the attack is still running at home, and i am at office now. So hopefully you guys could explain some of these problems to me so i can correct my way of doing it. Thanks Terima Kasih!!! P/S: I scanned around my area and a lot of AP has the similar front MAC Add, B8:A3:86:BE, and router brand of DIR-615?? P/S2: I also get this command a lot when attacking 1 of the AP, "Detected AP rate limiting, waiting 60 seconds before re-checking." what does it mean??