Xiaopan OS is a small Tiny Core Linux based operating system specific for wireless penetration testing, it comes with the XFE desktop environment, a very lightweight graphical front end, the distribution can run as a live CD, from a USB thumbdrive with Unetbootin or used inside a virtual machine. Numerous wireless card controllers are supported, including Atheros and Broadcom, the most widely used chipsets. As a result of the distribution being based on Tiny Core Linux all of the .tcz precompiled packages available for Tiny Core can be installed in Xiopan using the TCL Appbrowser, non hacking utilities like games, media player, CD burner, VoIP software and Truecrypt can all be optionally added to Xiopan OS.
To crack WPA/WPA2 encryption keys a tool called Reaver-wps is used , the software attacks a router Wifi Protected Setup registrar PINs, this feature comes in many routers for easy set up and it has a hard coded Personal Identification Number tied to the device, by exploiting this Reaver can find out the WPA/WPA2 password, dictionary lists in multiple languages can be downloaded from Xiopan forums.
After first scanning for the target wireless access point and gathering information like SSID, encryption mode and channel you can launch Reaver brute force attack, the screen will show you real time cracking in progress, it can take up to ten hours to find out the wireless password, or much less depending on how complex encryption and password are, factors for hacking success will involve if your wireless network card supports injection and distance to the attacked Wifi access point, some routers are more vulnerable to injection than others. You can protect your network against brute force attacks with Mac filtering, however the distribution includes other hacking tools like Inflator, Mindiwep, Aircrack-ng and Feeding Bottle, Mac spoofing is possible.
This Linux live CD is first class penetration testing tool to audit wireless access points security and replaces Beini, a very similar distribution no longer active. Xiaopan is easy to use for beginners thanks to its graphical interface, much lighter than Backtrack, the main problem you can come across with this distribution is that your wireless network card might not be recognised, if that happens it can help troubleshooting looking at what drivers are being loaded inside the tce and cde folders and knowing your network card chipset.
If you want to protect against Reaver attacks you should disable Wifi Protected Setup in your router, unfortunately many of them do not allow you to do this manually, the other option is to use an open source router firmware like DD-WRT, it does not support WPS and Reaver can do nothing against it.