Reaver

VERIFIED

WPS brute-force attack tool for WiFi networks

Wireless HackingOSS

Intermediate

Linux

Description

Reaver implements a brute-force attack against WiFi Protected Setup (WPS) registrar PINs to recover WPA/WPA2 passphrases. It exploits a design flaw in WPS that reduces the PIN keyspace from 10^8 to approximately 11,000 attempts, making WPS-enabled routers vulnerable.

Use Cases

Brute-force WPS PINs to recover WiFi passphrases
Test routers for WPS vulnerability exposure
Bypass WPA/WPA2 by targeting the WPS implementation

Attack Phases

01. RECON

02. SCAN

03. EXPLOIT

04. PERSIST

05. COVER

MITRE ATT&CK Techniques (1)

T1110.001Password Guessing(Credential Access)

Related Tools (2)

Aircrack-ng Wifite