This file is indexed.

/usr/share/doc/reaver/README.REAVER is in reaver 1.4-2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
REAVER USAGE

        Usually, the only required arguments to Reaver are the interface name and the BSSID of the target AP:

                # reaver -i mon0 -b 00:01:02:03:04:05

	It is suggested that you run Reaver in verbose mode in order to get more detailed information about
	the attack as it progresses:

		# reaver -i mon0 -b 00:01:02:03:04:05 -vv

        The channel and SSID (provided that the SSID is not cloaked) of the target AP will be automatically
        identified by Reaver, unless explicitly specified on the command line:

                # reaver -i mon0 -b 00:01:02:03:04:05 -c 11 -e linksys

        Since version 1.3, Reaver implements the small DH key optimization as suggested by Stefan which can
        speed up the attack speed:

                # reaver -i mon0 -b 00:01:02:03:04:05 --dh-small

        By default, if the AP switches channels, Reaver will also change its channel accordingly. However,
        this feature may be disabled by fixing the interface's channel:

                # reaver -i mon0 -b 00:01:02:03:04:05 --fixed

	When spoofing your MAC address, you must set the desired address to spoof using the ifconfig utility,
	and additionally tell Reaver what the spoofed address is:

		# reaver -i mon0 -b 00:01:02:03:04:05 --mac=AA:BB:CC:DD:EE:FF

	The default receive timeout period is 5 seconds. This timeout period can be set manually if necessary
        (minimum timeout period is 1 second):

                # reaver -i mon0 -b 00:01:02:03:04:05 -t 2

        The default delay period between pin attempts is 1 second. This value can be increased or decreased
        to any non-negative integer value. A value of zero means no delay:

                # reaver -i mon0 -b 00:01:02:03:04:05 -d 0

        Some APs will temporarily lock their WPS state, typically for five minutes or less, when "suspicious"
        activity is detected. By default when a locked state is detected, Reaver will check the state every
        315 seconds (5 minutes and 15 seconds) and not continue brute forcing pins until the WPS state is unlocked.
        This check can be increased or decreased to any non-negative integer value:

                # reaver -i mon0 -b 00:01:02:03:04:05 --lock-delay=250

        The default timeout period for receiving the M5 and M7 WPS response messages is .1 seconds. This
        timeout period can be set manually if necessary (max timeout period is 1 second):

                # reaver -i mon0 -b 00:01:02:03:04:05 -T .5

        Some poor WPS implementations will drop a connection on the floor when an invalid pin is supplied
        instead of responding with a NACK message as the specs dictate. To account for this, if an M5/M7 timeout
        is reached, it is treated the same as a NACK by default. However, if it is known that the target AP sends
        NACKS (most do), this feature can be disabled to ensure better reliability. This option is largely useless
        as Reaver will auto-detect if an AP properly responds with NACKs or not:

                # reaver -i mon0 -b 00:01:02:03:04:05 --nack

        While most APs don't care, sending an EAP FAIL message to close out a WPS session is sometimes necessary.
        By default this feature is disabled, but can be enabled for those APs that need it:

                # reaver -i mon0 -b 00:01:02:03:04:05 --eap-terminate

        When 10 consecutive unexpected WPS errors are encountered, a warning message will be displayed. Since this
        may be a sign that the AP is rate limiting pin attempts or simply being overloaded, a sleep can be put in
        place that will occur whenever these warning messages appear:

                # reaver -i mon0 -b 00:01:02:03:04:05 --fail-wait=360