Overview

PSKracker is a collection of WPA/WPA2/WPS default algorithms/password generators/pingens written in C.

Requirements

C compiler

Setup

Download

git clone https://github.com/soxrok2212/pskracker

Build

cd pskracker
make

Install

sudo make install

Usage

Usage: pskracker <arguments>

Required Arguments:
	
	-t, --target	: Target model number

Optional Arguments:
	-b, --bssid	: BSSID of target
	-W, --wps	: Output possible WPS pin(s) only
	-G, --guest	: Output possible guest WPA key(s) only
	-s, --serial	: Serial number
	-f, --force	: Force full output
	-h, --help	: Display help/usage

Usage Example

pskracker -t <target> -s <serial number> -b <bssid>

• More detailed usage examples and supported models can be found on the wiki.

Targeted Example

$ pskracker -t nvg599
  ...
  aaae7uas5wrj
  aaae7v3qrvbu
  ...

$ pskracker -t dpc3941 -b 112233445566
  PSK: 5756C3915966657704

Supported OS

PSKracker should compile on macOS, Windows (with cygwin), and any Linux system.
It has been tested on macOS High Sierra 10.13.6, Windows 10, Ubuntu 16.04, Ubuntu 18.04 and ArchLinux. Embedded systems are not supported, though may still work. PSKracker is intended to be run on true pentesting environments (Desktop/Workstation/Laptop). Some psk generators (not bruteforce) are still suitable for embedded systems, but I will not provide support due to the nature of the tool.

Some 32-bit systems (Raspberry Pi with Raspbian) do not support 128-bit integers that are currently used for the Arris NVG589 algorithm, and therefore are not supported by PSKracker at this time. You may have luck with a 64-bit OS running on a recent revision, but this has not been tested.

Acknowledgements

Thank you to rofl0r, wiire and datahead for my first C endeavors!
Thank you to AAnarchYY for research dedication and motivation.

Disclaimer

This project is intended for testing and securing your own networks or networks you have permission to audit. This is not intended to be used maliciously.

In publishing these documents and source code, I (and other developers/contributors) take no responsibility for your actions. What you do with everything in this repository, as well as any information online, is your responsibility. Use this repo wisely. In light of anything I may have failed to mention regarding laws to any country or civilized region, this does not grant the excuse to include the developers or contributors in any way in your legal statements or prosecutor. Thank you.

References

Xfinity Home Security Network Algorithm

• CVE-2017-9476
• Bastille DEFCON 25 Whitepaper

ATT NVG589 and NVG599 Algorithm

• Hashcat Forum (mrfancypants)

Belkin

• CVE-2012-4366
• nvram.c from GPL source code center