Fastest/simplest/shortest/easiest way to check WiFi WPS enabled? Command line if possible - Different platforms

2

I would like to make a list of the simplest/fastest way to check if a WiFi network has WPS enabled. Until now, this is the compilation:

  1. Windows:
    • GUI: [Don't know]
    • Command line: [Don't know. There are commands for WiFi management in Windows Vista and above, but I think they don't deal with WPS]
  2. Linux:
    • GUI: [Don't know]
    • Command line:
      • wash (included in Reaver WPS) --> not working OK with several NICs.
      • EAPScan: "eapscan -i mon0 -b aa:bb:cc:dd:ee:ff -e MyWiFiAP --check-wps" (network by network, once each time :-( ).
  3. Android:
    • GUI:
      • Android Setup --> WiFi Networks --> Fantastic. Simple and working fine.
      • InSSIDer (not free since v4) --> Very good, too.
    • Command line:
      • wpa_cli --> Try to connect using "wps_reg xx:xx:xx:xx:xx:xx 12345678". A stupid method.

I will edit this post to add the best/acceptable results (if we find them ;-) ).

· Edit: Added new method for Linux CLI: EAPScan from EAPeak Suite.

Sopalajo de Arrierez

Posted 2014-02-07T11:00:00.717

Reputation: 5 328

Question was closed 2014-05-27T13:08:36.303

1

Andre Gasser's blog entry has a way to use Wireshark to filter by WPS state: http://blog.andregasser.net/?p=243. Not sure if the approach would work under Windows, but might be another tool/way to do what you're looking to do.

– JSanchez – 2014-02-07T16:51:41.893

Indeed, this Wireshark filter reveals that WPS is enabled: "wps.wifi_protected_setup_state == 2". I am not very experienced at bash scripts: would it be possible to make a simple program/script that captures live WiFi network traffic and shows (only once per ESSID/BSSID) the network name (ESSID/BSSID) of the corresponding packet? I don't know if this is what Wash (Reaver for Linux) does, but as long as we don't have better solutions, we could use it as a generic method. It could even work on Windows or Android. – Sopalajo de Arrierez – 2014-02-08T00:31:34.280

It should work in Windows or whichever platform Wireshark supports, as long as there's a driver to put the NIC into "promiscuous" mode. Wish I could help you with the bash script, but it has been a while. But if you're OK with it, I could make the comment into an answer. :-) – JSanchez – 2014-02-08T00:41:05.417

No problem for me. Maybe then someone with more expertise will help us with the script for a live identification of WPS capable networks. A possible way could be the request of some parsing of data from airodump-ng (live capture or file dump). Or asking about the possibility of using EAPScan, even when it seems to work in a different way. – Sopalajo de Arrierez – 2014-02-08T01:14:41.773
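The Wireshark filter quoted in the comments above tests one attribute (type 0x1044) of the WPS information element carried in beacons and probe responses. The following is an added example, not code from any poster or from the linked blog: it parses that attribute out of raw 802.11 frames and reports each BSSID once. The function names and the sample frames are constructed here, and the frames are assumed to start at the Frame Control field (radiotap header already stripped by whatever capture tool supplies them).

```python
import struct

WPS_OUI_TYPE = bytes.fromhex("0050f204")  # vendor IE prefix: Microsoft OUI + type 4 (WPS)
ATTR_WPS_STATE = 0x1044                   # value 1 = not configured, 2 = configured

def parse_wps(frame):
    """(bssid, ssid, wps_state) for a raw beacon/probe response, else None."""
    if len(frame) < 36 or frame[0] not in (0x80, 0x50):
        return None
    bssid = ":".join(f"{b:02x}" for b in frame[16:22])  # address 3
    ssid, state = "", None
    pos = 36  # 24-byte MAC header + 12 bytes of fixed parameters
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + length]
        if len(body) < length:
            break  # truncated element: stop rather than misparse
        if tag == 0:
            ssid = body.decode("utf-8", "replace")
        elif tag == 221 and body[:4] == WPS_OUI_TYPE:
            i = 4  # WPS attributes: 2-byte type, 2-byte length, big-endian
            while i + 4 <= len(body):
                atype, alen = struct.unpack_from(">HH", body, i)
                if atype == ATTR_WPS_STATE and body[i + 4:i + 4 + alen]:
                    state = body[i + 4]
                i += 4 + alen
        pos += 2 + length
    return bssid, ssid, state

def wps_enabled_networks(frames):
    """BSSID -> SSID, one entry per BSSID whose WPS state is 2 (the quoted filter)."""
    seen = {}
    for frame in frames:
        info = parse_wps(frame)
        if info and info[2] == 2:
            seen.setdefault(info[0], info[1])
    return seen

def build_beacon(bssid_hex, ssid, wps_attrs=""):
    """Constructed sample beacon for offline use (not captured traffic)."""
    wps = WPS_OUI_TYPE + bytes.fromhex(wps_attrs)
    ies = bytes([0, len(ssid)]) + ssid.encode()
    ies += bytes([221, len(wps)]) + wps if wps_attrs else b""
    mac = b"\x80\x00\x00\x00" + b"\xff" * 6 + bytes.fromhex(bssid_hex) * 2 + b"\x00\x00"
    return mac + b"\x00" * 8 + b"\x64\x00\x11\x04" + ies

SAMPLE = [build_beacon("aabbccddee01", "HomeAP", "104a0001101044000102"),
          build_beacon("aabbccddee01", "HomeAP", "104a0001101044000102"),  # repeat beacon
          build_beacon("aabbccddee02", "OfficeAP"),                        # no WPS element
          build_beacon("aabbccddee03", "NewAP", "1044000101")]             # state 1
```

`wps_enabled_networks(SAMPLE)` lists only the first access point, once. A WPS element with state 1 is skipped because the quoted filter matches state 2 only; `parse_wps` still returns that state for callers that want to treat any WPS element as enabled.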

Answers

1

Kali-Linux: wash -i mon0 or wash -i mon0 -C

Saman Qaydi

Posted 2014-02-07T11:00:00.717

Reputation: 11

As mentioned in my initial post: "not working OK with several NICs". – Sopalajo de Arrierez – 2014-05-27T21:12:22.513