Sep 23, 2012

Reaver: How many of us has successfully used it??

Hello, Back after a long time.

I guess many of us have heard and used reaver by now.

So, how many of us have used it successfully??

And what was the time taken for successful attempt??

The shortest for me was 2 hours and longest has taken about 11-12 hours.


  1. it worked, but it has taken 8 hours
    Netgear router

  2. I use it many times. If it starts working (I mean trying different WPS keys) it is almost 100% sure to crak the AP. As opposed to bruteforce where you never know if the password will be found. With Reaver it only takes patience. In my case the shortest time was about half an hour and the longest about 36 hours.

  3. Shortest about 5 hours, longest over 35. Easiest and with fewest re-tries of pins are the Netgear routers. Successful also with Cisco, Linksys, Actiontec and Arrus (spelling?).
    Two have me stumped, both vulnerable in wash or walsh but keeep locking up. Maybe a healthy dose of MDK3 is what the doctor might order for the two.

  4. the shortest time for me was about 1hr 20Min but I got real lucky with snagging the first half of the WPS key in about 15 min so it narrowed the time down a bit. are you all usein reaver or reaver pro with GUI ?

  5. in two recent tests
    1) around 8 hours from 0% to 100% (vs. sitecom)
    2) 2.40 hours but the thing "" strange "" positive my reaver has risen from 17% to 91% ALONE! ... then came to 100% (vs tp-link)

    the tests were successful and have been conducted in VM with alpha 036H

    1. Well, it isnt strage, because reaver first attacks for 4 digits, after first 4 digits are found, it goes to 91%.
      I guess the first four digits of your victim router was found on 17% so it started next round of three digits. :)

  6. many thanks for the quick explanation! :)

  7. is there any cell phone with which reaver can be used? (except the n900)

  8. I have tested it once against WPS enabled device, it took 3 hours to get the key [Dlink].
    I am trying it now against LOCKED AP [Asus], it's taking too much of time.

  9. I the AP locks, then try the -L argument, if that still doesn't work after 10 minutes then DDoS the Ap with MDK3.