1

00:00:01,190 --> 00:00:08,150

Okay now in the previous lecture we've seen how we can fix the association problem if river could not



2

00:00:08,150 --> 00:00:13,920

associate with the target and was just giving you the fail to associate problem in here.



3

00:00:14,000 --> 00:00:19,540

And we've seen how we can fix that by manually associate with the target.



4

00:00:19,790 --> 00:00:23,950

Now in many cases that said that'll be the end of the issues.



5

00:00:23,960 --> 00:00:28,310

So that was a completely separate issue that we solved.



6

00:00:28,310 --> 00:00:32,750

The problem is after we solved that issue we ran river.



7

00:00:32,750 --> 00:00:39,630

We bypassed that issue but we were kind of stuck at 0.00 percent and the river wasn't moving.



8

00:00:39,680 --> 00:00:41,870

It wasn't giving us any information.



9

00:00:41,900 --> 00:00:43,700

So we really didn't know what to do.



10

00:00:43,700 --> 00:00:46,500

So we're kind of stuck on what's the next step.



11

00:00:47,890 --> 00:00:53,350

So what I want to show you in this lecture is a way of debugging and knowing what's happening in the



12

00:00:53,350 --> 00:00:54,170

background.



13

00:00:54,460 --> 00:00:58,720

And we'll see how to bypass the issue that's actually happening.



14

00:00:58,720 --> 00:01:04,810

So first of all before I started trying solutions I want to know what's happening in the background



15

00:01:05,370 --> 00:01:06,320

and to do that.



16

00:01:06,430 --> 00:01:12,250

We're going to run the exact same command using the exact same sequence that we were doing before but



17

00:01:12,310 --> 00:01:18,320

I'm going to add one more argument to the command and that is Dash the the read.



18

00:01:18,730 --> 00:01:25,630

And what this does it basically tells River to produce verbose output which means that it will give



19

00:01:25,630 --> 00:01:30,380

us as much information as possible about what's happening in the background.



20

00:01:31,600 --> 00:01:36,760

Now we usually don't use this option because you'll see the screen will get filled with messages and



21

00:01:36,760 --> 00:01:38,820

it will be hard to track what's happening.



22

00:01:38,950 --> 00:01:44,380

But if you're getting stuck this is the only way for you to debug and know what's happening.



23

00:01:44,890 --> 00:01:51,540

So I'm going to hit enter for this and it's asking me if I want to continue I'm going to say no because



24

00:01:51,540 --> 00:01:55,700

I like to always start from scratch especially if I didn't make any progress.



25

00:01:56,190 --> 00:02:02,530

And before I do that I'll get my command ready here and I'm going to hit enter here you go back here



26

00:02:02,550 --> 00:02:06,330

hit enter to associate and let's see what's happening.



27

00:02:09,410 --> 00:02:14,560

So I'm going to let this run for a little bit and then I'm going to Control-C out of it obviously because



28

00:02:14,560 --> 00:02:16,840

we know this is actually not going to work.



29

00:02:17,110 --> 00:02:22,030

And once we once we stop we're going to analyze the output and see what's happening.



30

00:02:22,030 --> 00:02:24,710

But as you can see it with using a lot of output.



31

00:02:24,850 --> 00:02:26,820

And that's why we usually don't use it.



32

00:02:26,860 --> 00:02:27,910

Should we be worried.



33

00:02:27,970 --> 00:02:32,010

Because if things are going well we actually don't need to see these messages.



34

00:02:33,770 --> 00:02:34,010

OK.



35

00:02:34,020 --> 00:02:36,480

And I think this is enough for us to know what's happening.



36

00:02:36,620 --> 00:02:41,590

So I'm just going to Control-C here and I'm getting Control-C in here.



37

00:02:42,730 --> 00:02:49,640

I'm going to bring this down a little bit so we can focus on the top so we can see the start here.



38

00:02:49,830 --> 00:02:52,560

We can see that it associated here with no problem.



39

00:02:52,560 --> 00:03:03,680

So that's all good and we can see this is the first pin that it's getting so 000 5 5 6 7 3 now it's



40

00:03:03,690 --> 00:03:06,060

sending the requests.



41

00:03:06,060 --> 00:03:10,820

And as you can see it's getting a time out error.



42

00:03:10,890 --> 00:03:13,110

Now let's keep going and see what's happening.



43

00:03:16,520 --> 00:03:23,910

Now we can see after sending the snack packets we're getting a message saying WPX transaction failed



44

00:03:24,230 --> 00:03:29,060

and it's going to try the last pin so it doesn't know whether this point is valid or not.



45

00:03:29,210 --> 00:03:35,480

So it's just going to try the exact same PIN again looking back at what's happening.



46

00:03:35,590 --> 00:03:42,400

The same thing happens that it sends a WASC nag and then again the same thing happens the transaction



47

00:03:42,430 --> 00:03:50,350

fails goes back to trying the same exact pin go down and say the same thing happening and it's still



48

00:03:50,350 --> 00:03:53,800

trying the same pin now.



49

00:03:54,150 --> 00:03:57,370

Looking at this let's look at the help.



50

00:03:57,450 --> 00:04:02,180

So let's do river dash dash help



51

00:04:05,130 --> 00:04:09,010

so show us all the options that we can use with the river.



52

00:04:09,740 --> 00:04:16,120

And if you look in here you'll see we have an option of capital and or dash dash no knocks.



53

00:04:16,300 --> 00:04:24,020

And what this does it tells River not to send NACC messages when out of order packets are received.



54

00:04:24,200 --> 00:04:30,560

Now looking at the output here at the way that river keeps receiving these packets and then it's repeating



55

00:04:30,560 --> 00:04:34,450

the same thing because it's sent in the WSC now.



56

00:04:34,880 --> 00:04:40,970

We can't try to tell the river not to send the snark and just keep trying and see if this actually fixes



57

00:04:40,970 --> 00:04:47,940

the problem because it looks like it's the WASC nak packet's that's causing rebirth to get stuck in



58

00:04:47,950 --> 00:04:48,700

this loop.



59

00:04:50,360 --> 00:04:56,840

So I'm going to run the exact same command again and this time we're either in one more argument and



60

00:04:56,840 --> 00:05:00,870

we're saying no no x.



61

00:05:01,090 --> 00:05:06,260

Ok so I'm going to hit enter again I'm going to say no to start from scratch and I'm going to prepare



62

00:05:06,260 --> 00:05:07,800

my command here.



63

00:05:07,910 --> 00:05:12,150

So Antar Antar and let's see what happens.



64

00:05:16,850 --> 00:05:21,440

Now reverse try and this spin which is 0 0 0 0 5 6 7 8.



65

00:05:21,860 --> 00:05:23,780

Let's see if the next pin is going to be different.



66

00:05:23,780 --> 00:05:28,310

Now I already know the spin is different than the first one because I noticed the first one but let's



67

00:05:28,310 --> 00:05:28,920

see.



68

00:05:29,150 --> 00:05:31,730

And boom your next pin is different now.



69

00:05:31,760 --> 00:05:37,310

0 1 2 3 5 6 7 8 and again.



70

00:05:37,330 --> 00:05:38,780

And you pin.



71

00:05:38,830 --> 00:05:44,790

So we're doing 1 1 1 5 670 and perfect So so far.



72

00:05:44,850 --> 00:05:50,310

River has tried four pins and it's actually making progress so we're not stuck at where we were where



73

00:05:50,520 --> 00:05:58,080

we managed to bypass the zero x 2 ends your x 3 issues and now we can just let weever work and brute



74

00:05:58,080 --> 00:06:00,540

force the password for me.



75

00:06:00,540 --> 00:06:06,690

Now it detected a period delimiting which is another issue that I'm going to cover later but for now



76

00:06:06,990 --> 00:06:12,540

we managed to bypass the Zura x 2 and 0 x 3 issue.



77

00:06:13,050 --> 00:06:20,700

So the take home lesson from this lecture is you can do with the minus v v v to debug and see exactly



78

00:06:20,700 --> 00:06:22,380

what's happening in the background.



79

00:06:22,590 --> 00:06:28,320

You can do dash dash help to see the options and we see how we can use the known acts to bypass the



80

00:06:28,320 --> 00:06:32,340

0 x 2 0 x 3 issues.



81

00:06:32,340 --> 00:06:37,560

Now I want to note that each of these issues now with the router I have right now is a very stubborn



82

00:06:37,560 --> 00:06:38,030

one.



83

00:06:38,310 --> 00:06:44,160

So probably you might not face all of these issues that I'm covering now in a router for example you



84

00:06:44,160 --> 00:06:49,560

might face the issue that I covered previously about the association but everything will run smoothly



85

00:06:49,560 --> 00:06:50,460

after that.



86

00:06:50,700 --> 00:06:53,600

Or maybe you could associate with no problem.



87

00:06:53,610 --> 00:06:59,400

You won't need to manually associate but you'll get stuck after that and you'll have to run v.v see



88

00:06:59,400 --> 00:07:02,690

what's happening and then maybe use no knocks like I showed you.



89

00:07:03,210 --> 00:07:09,300

Or maybe you won't face any of these issues and you might jump straight to the rate limiting issue that



90

00:07:09,300 --> 00:07:10,360

we're getting right now.



91

00:07:10,460 --> 00:07:12,690

I said I'm going to cover later.



92

00:07:12,690 --> 00:07:18,860

So each of these issues I'm putting them in a different lecture because you might only face one of them.



93

00:07:19,290 --> 00:07:24,210

And obviously there might be the case where you face two or three of them like I'm showing you right



94

00:07:24,210 --> 00:07:24,770

now.



95

00:07:25,050 --> 00:07:28,250

But the idea is you might actually only face one of these.



96

00:07:28,440 --> 00:07:33,750

And I want you to understand how to bypass each one of these issues individually instead of just giving



97

00:07:33,750 --> 00:07:38,880

you along River command that will bypass or that will try to bypass most issues.