Pixiewps vs Reaver
GitHub Stats
About Pixiewps
Pixiewps is a tool used to brute force offline the WPS PIN exploiting the low or non-existing entropy of some software implementations. This is known as the Pixie Dust attack, which exploits weak random number generation in the WPS protocol implementation of many routers. While Reaver performs online brute force (trying PINs against the router one by one), Pixiewps works offline - it captures the WPS exchange data and computes the PIN locally, typically recovering it in seconds rather than hours. The attack works because many router manufacturers use predictable values (like the router's own BSSID or timestamp) to seed the random number generator used in the WPS Diffie-Hellman key exchange. Pixiewps is typically used in conjunction with Reaver or Bully, which handle the network interaction while Pixiewps performs the offline computation.
About Reaver
Reaver implements a brute force attack against Wi-Fi Protected Setup (WPS) registrar PINs to recover WPA/WPA2 passphrases. WPS uses an 8-digit PIN where the last digit is a checksum and the first and second halves are validated separately, reducing the effective keyspace from 100 million to about 11,000 possibilities. Reaver systematically tries PIN combinations against the target access point, typically recovering the passphrase within 4-10 hours depending on the target. It includes features like automatic detection of WPS-enabled access points, session saving and restoring for interrupted attacks, and configurable timing and delay options to handle rate limiting and lockout mechanisms. Reaver is often used alongside Pixiewps for the more efficient Pixie Dust attack against vulnerable WPS implementations that leak enough information to recover the PIN offline in seconds.
Platform Support
Tags
Shared
Pixiewps only
Reaver only