Bully WPS 1.0-22

Alternative to Reaver to penetrate and test WPS enabled networks

This resource is being watched by 238 members.
  1. Mr. Penguin

    Bully is a new implementation of the WPS brute force attack, written in C. It is conceptually identical to other programs, in that it exploits the (now well known) design flaw in the WPS specification. It has several advantages over the original reaver code. These include fewer dependencies, improved memory and cpu performance, correct handling of endianness, and a more robust set of options. It runs on Linux, and was specifically developed to run on embedded Linux systems (OpenWrt, etc) regardless of architecture.

    Bully provides several improvements in the detection and handling of anomalous scenarios. It has been tested against access points from numerous vendors, and with differing configurations, with much success.


    Bully requires libpcap and libssl. It uses WPS functionality written by Jouni Malinen; that source code is included in this repro for simplicity, as are libcrypto and several other sources that provide needed functionality.
    Because Bully stores randomized pins and session data in normal files, there is no need for any database functionality.


    Bully can be built and installed by running:
    ~/trunk$ cd src
    ~/trunk/src$ make
    ~/trunk/src$ sudo make install

    v1.0-22 : Update for APs that use Eap Failure instead of Wsc Nack

    v1.0-21 :
    Increased maximum packet timings

    linux-vdso.so.1 => (0x00007fffbba00000)
    libpcap.so.0.8 => /usr/lib/x86_64-linux-gnu/libpcap.so.0.8 (0x00007f02c2eb0000)
    libcrypto.so.1.0.0 => /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (0x00007f02c2ad0000)
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f02c2710000)
    libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f02c2508000)
    libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f02c22f0000)
    /lib64/ld-linux-x86-64.so.2 (0x00007f02c3100000)

    v1.0-20 :

    Fixed https://github.com/bdpurcell/bully/issues/25 download libpcap version 1.4.0 at http://www.tcpdump.org/release/libpcap-1.4.0.tar.gz and extract it ./configure --prefix=/usr && make sudo make install