Skip to main content

Rogue Device Spotlight: Reaver Pro II



Created by Reaver Systems, the Reaver Pro II is a WiFi penetration testing tool focused on networks with insecure WEP and WPA2 implementations. Requiring minimal configuration, and capable of being controlled entirely through a straightforward web interface, the Reaver Pro II is advertised as one of the easiest methods available to identify and breach vulnerable WiFi networks.
As the name implies, the Reaver Pro II makes extensive use of “reaver-wps”, an open source implementation of the WPS PIN brute forcing attack revealed in 2011 by Stefan Viehböck. The hardware is simply a branded version of the OpenWRT supported Alfa AP121U travel router; the same hardware used in previous versions of the Hak5 WiFi Pineapple.

Hardware Specifications

  • CPU: Atheros AR9331@400MHz
  • RAM:32 MB
  • ROM: 8 MBOS: OpenWRT
  • I/O: Ethernet, USB
  • Radios: Atheros AR9331 802.11 b/g/n

Notable Features

Like many other portable penetration testing devices, the Reaver Pro II is based on the popular OpenWRT distribution of Linux. Unfortunately, there is little support or documentation available for modifying the system software on the device. Whereas other OpenWRT devices are easily extendable with the addition of new software packages or even peripheral devices, the Reaver Pro II is essentially a “black box” product meant for fairly basic tasks. This lack of extensibility  can be a hinderance for more advanced operators, as it puts arbitrary limits on an otherwise extremely capable software and hardware combination.
The web interface on the Reaver Pro II is designed to be stylish and simple to operate by users of all skill levels; more like configuring a home router than operating a penetration testing device. Configuration and operation of the Reaver Pro II is indeed extremely easy, but much like the limits placed on the hardware and software, more advanced users may feel encumbered by an interface which clearly puts design aesthetics over flexibility.
 However, issues with the product’s software design and hardware capability are moot in light of the more pressing functionality issue: fewer and fewer networks are still vulnerable to the WPS brute forcing that the Reaver Pro II is primarily designed to perform. While the product’s WEP cracking functions will make short work of networks still running such an outdated encryption scheme, the number of variables involved in successfully performing a WPS PIN brute force attack make cracking into a WPS network much less likely (and much slower). The target network needs to have WPS enabled in the first place, and even then, improved protection routines in modern routers may block attempts to guess the PIN after only a few minutes.  Even under ideal conditions, the brute force attack employed by reaver can take over 8 hours to successfully recover the key, making this online attack about as easy to track as the sun on a cloudless day.

Also Read :- Wi‐Fi Protected Setup



 Conclusion
Between the automatic configuration and slick web interface, the Reaver Pro II is certainly one of the easiest to use penetration testing tools on the market. Almost anyone could pick up a Reaver Pro II and begin scanning for, and gaining access to, vulnerable networks. Priced at an attractive $75, the Reaver Pro II is a dream product for the average person who simply wants to crack their neighbour's WiFi or determine their own network’s security.
While the Reaver Pro II is admittedly the most polished implementation of reaver-wps available, a security appliance built around a single tool is simply not direct competition to more flexible penetration testing devices. Considering its relatively powerful hardware and the wide range of tools and exploits available to OpenWRT devices, the niche nature of the Reaver Pro II seems like something of a wasted opportunity.



NOTE: This is for educational purpose only we are not responsible for any type of inconvenience caused by reader. 

Comments

Popular posts from this blog

Social Engineering Toolkit (SET)

Social Engineering Toolkit  (SET) is an advanced,  multifunctional, and easy-to-use computer-assisted social engineering toolset, created by the founders of  TrustedSec (https://www.trustedsec.com/). It helps you prepare the most effective way to exploit client-side application vulnerabilities and makes a fascinating attempt to capture the target's confidential information (for example, e-mail passwords). Some of the most efficient and useful attack methods employed by SET include targeted phishing e-mails with a malicious file attachment, Java applet attacks, browser-based exploitation, gathering website credentials, creating infectious portable media (USB/ DVD/CD), mass-mailer attacks, and other similar multiattack web vectors. This combination of attack methods provides you with a powerful platform to utilize and select the most persuasive technique that could perform an advanced attack against the human element.

 To start SET, navigate to  Applications  |  Kali Linux  |  Expl…

Cracking Wifi Using :Fern(GUI)

Fern(GUI)

As a part of Kali linux , fern can be directly used from kali linux , i would be recommending the use of kali because while using other linux environments it could be a trouble because while using fern it automatically detects the path of aircrack-ng and python installed , while in other environments it is needed to set it manually...so follow the following steps :-->

1.) Download kali linux iso and make a bootable pendrive .....if you dont know how to make bootable pendrive  then follow the steps given in blog of trinity rescue kit

Kali linux iso (amd64) recommended -->here
Link to trinity rescue kit blog --> here


 2.)Open Kali linux Goto Applications-->Wireless Attack--> Fern

3.)Select Interface card wlan0

4.)Double click any where in GUI

5.)Select enable x-terms ...so that you can view that happening ...while through a automated program...

6.)Click on select network

7.)Choose the type of network that is WEP/WPA

8.)I would recommend to add dictonary file ..…

Deep Web - Part 1

What is deep web ?

Deep web Aka Invisible web Aka Hidden web are parts of the world wide web whose contents are not indexed by standard search engines.
LEVELS OF WORLD WIDE WEB :
SURFACE WEBBERGIE WEBDEEP WEBCHARTER WEBMARIANAS WEB SURFACE WEB :
The surface web also known as Visible web , Clearnet , Indexed web or Lightnet is that portion of the world wide web that is readily available to the general public and searchable with standard web search engines. Level of web where vast majority of internet users are connected to and which is accessible in any nation that does not block internet access.E.g: Social media sites like Facebook, informational websites like Wikipedia, general websites, etc

BERGIE WEB :

It is the part of world wide web that is not indexed by search-engines,which is directly accessible and no proxy required. E.g: Google locked results, recently web crawled old content, pirated media, pornography etc
DEEP WEB:
Deep web Aka Invisible web Aka Hidden web are parts of the wo…