It is a hacking tool that exploits weaknesses in the WPS protocol found in routers. This tool is used to recover the WPS PIN key faster than traditional attacks such as Brute Force. Pixiewps relies on analyzing data collected from the network, such as EAPOL (Authentication Protocol) and M1-M8 (WPS messages), to determine the WPS key without having to try all the possibilities.
Pixiewps is part of the penetration testing toolkit in Kali Linux, and is often used with other tools like Reaver or Bully to perform WPS attacks.
Practical example of using Pixiewps on Kali Linux distribution:
Requirements:
A computer running Kali Linux.
WiFi card supports Monitor Mode.
Wi-Fi network using WPS protocol (WPS must be enabled on the router).Steps:
Open Terminal:Open Terminal to start using the tool.
Enable Monitor Mode:Enable monitor mode on your Wi-Fi card using airmon-ng:
airmon-ng start wlan0⏺ (Replace wlan0 with the name of your wifi interface).
Scan nearby networks :- Use the airodump-ng tool to scan nearby networks:
airodump-ng wlan0mon⏺ (Replace wlan0mon with the interface name after enabling monitor mode.)
WPS data collection :Find the network you want to test and type in the BSSID (router MAC address) and Channel .
Use the wash tool to verify that WPS is enabled on the network:
wash -i wlan0mon
Using Pixiewps :After confirming that WPS is enabled, use a tool like Reaver or Bully to collect WPS data (e.g. M1-M8).
Once you've collected the data, use Pixiewps to analyze it:
pixiewps --eapol eapol.cap --pke pke.txt --pkr pkr.txt --e-hash1 e-hash1.txt --e-hash2 e-hash2.txt --authkey authkey.txt⏺ (Replace the file names with the files you have collected.)
Extract WPS key :If the network has vulnerabilities, Pixiewps will calculate and display the WPS key.