Building reaver on Fedora 21

A package called reaver-wps can be used to exploit a design flaw in WPS that allows someone to crack an otherwise industrial strength WPA2 wifi network in as little as minutes, but usually no longer than a few hours. Currently there is no rpm for Fedora, but it is easy to compile and install.

A properly configured WPA2 network with a strong shared key is capable of resisting all but the most skilled and extraordinarily well-resourced efforts to crack it. But having WPS enabled gives up all the benefits of WPA’s advanced design in favor of an ill-conceived mechanism to make setting up wireless security “user friendly”.

Two features of WPS make it particularly laughable as a security standard: (1) Access is based on an 8 digit PIN; (2) WPS will confirm to anyone connecting when the first four digits of that PIN have been accurately guessed, providing a “checkpoint” from which a much reduced number of variables can then be managed (4 digits yielding only 10,000 possible combinations). A good tutorial for using reaver to exploit this vulnerability can be found here

It is highly recommended that WPS be disabled on all wireless access points. If once it has been disabled the device is ever factory reset, it should be disabled again.

Building and installing reaver-wps on Fedora 21 requires the following dependencies: sqlite, sqlite-devel, libpcap, libpcap-devel.

Once you’ve installed those prerequisites you then have to download the latest reaver-wps source, unarchive, build and install.

tar xzf reaver-1.4.tar.gz
cd reaver-1.4
./configure --prefix=/usr/local
make
sudo make install
This entry was posted in System Administration on by .

About phil

My name is Phil Lembo. In my day job I’m an enterprise IT architect for a leading distribution and services company. The rest of my time I try to maintain a semi-normal family life in the suburbs of Raleigh, NC. E-mail me at philipATlembobrothersDOTcom. The opinions expressed here are entirely my own and not those of my employers, past, present or future (except where I quote others, who will need to accept responsibility for their own rants).