This method uses three tools: airmon-zc to set the card in monitor mode, airodump-ng to capture packets, and reaver. All three tools need to be installed together. In the Wifislax distribution, these tools have been combined into one tool called PixieScript, which allows the automatic execution of PixieWPS without typing commands or installing anything. The tool gathers information through Reaver, which then generates possibilities for the targeted routers using PixieWPS. The pin is tested to access the real password. This process only takes a few seconds to obtain the password for routers affected by this vulnerability. As of the writing of this post, several routers are vulnerable to this exploit, as shown in the image. Additional routers may be added to the exploit after each tool update.
In this video, the tool is demonstrated on Wifislax, showcasing how to obtain the password in just a few seconds.
This content is authored by Mohammad Bendris
