Issue Netgear Router with Bully = First half finished successfully without any result

Discussion in 'Xiaopan Support' started by shrinivas, 3 Nov 2013.

  1. shrinivas

    shrinivas Active Member

    4 May 2013
    Guys, for many days I have been trying to crack WPA, WEP and WPA2 WPS-enabled networks.

    1) I have tried cracking a network ("Netgear" router) with bully. It gives the error "first half finished successfully without any result". Any solution for this?

    Other routers block WPS while using bully. Any solution for this?

    2) I have tried to crack WiFi networks with reaver (WPS enabled, locked "no") but this gives two errors, transaction code (0x03) and (0x02). I have googled it and found no solution. I have tried reaver -i mon0 -b xx:xx:xx:xx:xx:xx =fail-wait=360 and reaver -i mon0 -bxx:xx:xx:xx:xx:xx -S -L -A -vv. The first option is too slow; it completed 7+% in two and a half hours...

    3) While trying to crack WEP which is hidden, I know the ESSID... this was the network I had cracked earlier... but the problem is the network is MAC address filtered now... I know the MAC address of a client... even if I change the MAC address... the router detects my original MAC!!! ... even the same in the case of reaver too... the MAC is not getting spoofed.

    Note: I am using a built-in Intel WiFi card N1000, running Wifislax Kali Linux.
    Any help, guys? :)
  2. Brujah

    Brujah Active Member

    1 Nov 2013
    Sorry if I am misreading any part of this post; let me know if I got something wrong.
    1) Netgear routers can be very picky when working on a WPS crack. The first error you listed above could be caused by the router ignoring the correct PIN because it detected the attack. The way around this, and WPS lockouts, is to throttle the attack better. This will slow the attack down; however, it cannot be avoided. With reaver use the -t argument to increase the delay between PIN attempts.
    2) To avoid the 0x02 and 0x03 errors use the -d switch.
    3) In order for reaver to use the new MAC you need to issue it the --mac switch, --mac=(new MAC address), after properly spoofing your address.
  3. kevsamiga

    kevsamiga Well-Known Member

    15 Sep 2013
    This advice is given backwards...

    It's -t parameters to avoid the errors and -d to set the delay between pin attempts.

    Netgears, in my experience, usually need a delay of 10 seconds between pin attempts, -d 10, or it will trip the WPS lockout.

    They won't trip forever however, or that would constitute a DoS attack on the router (where no one could log in with the correct pin).

    However, some Netgears can get stuck with a locked pin, and need a good kick up the arse with MDK3 to reset the pin status by swamping the AP with clients and crashing the router to reset the WPS lock status (use with caution). MAC address is easily spoofed.

    Too much info already. Toodle-pip... :)