Reaver implements a brute force attack against Wifi Protected Setup
(WPS) registrar PINs in order to recover WPA/WPA2 passphrases, as
described in Brute forcing Wi-Fi Protected Setup When poor design meets
poor implementation. by Stefan Viehboeck. Reaver has been designed to
be a robust and practical attack against Wi-Fi Protected Setup (WPS)
registrar PINs in order to recover WPA/WPA2 passphrases and has been
tested against a wide variety of access points and WPS implementations.
Depending on the target's Access Point (AP), to recover the plain text
WPA/WPA2 passphrase the average amount of time for the transitional
online brute force method is between 4-10 hours. In practice, it will
generally take half this time to guess the correct WPS pin and recover
the passphrase. When using the offline attack, if the AP is vulnerable,
it may take only a matter of seconds to minutes.
feedback and OK already some time ago sthen@, gonzalo@
