Kevin Beaver's Security Blog

Reaver Pro: a simple tool for cracking WPA on a LOT of wireless networks

If wireless security testing is on your radar, you need to get Reaver Pro. As I outlined in this Hacking For Dummies, 4th edition chapter, Reaver Pro is a great tool for cracking the WPA pre-shared key on all those consumer-grade wireless APs/routers that everyone installs in the enterprise.

The latest version of Reaver Pro is very simple to use. No live CDs or VMs to boot. You simply connect the device into your test system’s Ethernet port, connect the power adapter, browse to 10.9.8.1, login, and you’re ready to roll. Here is a quick video overview and here is a screenshot showing its interface:

Terry Dunlap with Tactical Network Solutions (the company that created and sells Reaver Pro) has a great team of sharp guys…and they’ve been very responsive when prompted with my mostly dumb questions.

If anything let Reaver Pro be a reminder of two things:

1. WPA is a proven wireless security control that’s only as good as the weakest link on your network
2. Consumer grade wireless APs and routers don’t have a place in a business setting – although on practically every network I see.

It seems to me that with the advent of WPA, WPA2, and enterprise-grade wireless security controls that people have let their guard down a bit with wireless security.

Don’t be that guy.

As I like to say, you can’t secure what you don’t acknowledge! WPS is enabled by default in most situations. It’s broken. Even if you have the option to throttle PIN requests, you need to find WPS and disable it (even on your home wireless). The convenience factor it provides is just not worth the risk of someone gaining full access to your wireless (and likely wired) network.