Creating a lot of fake access points
Technically it does not create any access points, but if you list the available access points with your phone or computer you will see a lot of them, all with a random name and no encryption. The ESP8266 does this by sending beacon frames, similar to the ones routers use to advertise their wifi network. The original blog post I was using is here: http://ruralhacker.blogspot.it/2016/01/esp8266-jamming.html and the code is here: https://github.com/kripthor/WiFiBeaconJam It was working for me flawlessly.
Disconnecting everyone from the wifi
There is a known attack against wifi networks: it is pretty easy to forge a deauth packet in the name of the access point and send it to the clients, and they will drop the connection (and usually try to reconnect). I was using this code from GitHub: https://github.com/RandDruid/esp8266-deauth but it took me a while to make it work.
The problem is that the developers of the ESP8266 do not really want us to send this type of packet with the module. They (accidentally) added the functionality in SDK v1.3.0 but they removed it in v1.5.0. So we have to use v1.3.0. To do this with the Arduino IDE I did the following:
- I used a freshly downloaded Arduino 1.6.5
- Then I added the staging version of esp8266 to Board Manager (more info: https://github.com/esp8266/Arduino)
- I installed the ESP8266 boards version 2.1.0-rc2 from the Board Manager. The version is really important, because they use the SDK v1.3.0.
- Then I edited user_interface.h, because although the functionality is present in the binaries of the SDK, it is not included in the header files. The user_interface.h was under ~/.arduino15/packages/esp8266/hardware/esp8266/2.0.0-rc2/tools/sdk/include/user_interface.h (I'm using Ubuntu).
I simply added the following lines to the end of the file (before the #endif):
typedef void (*freedom_outside_cb_t)(uint8 status);
int wifi_register_send_pkt_freedom_cb(freedom_outside_cb_t cb);
void wifi_unregister_send_pkt_freedom_cb(void);
int wifi_send_pkt_freedom(uint8 *buf, int len, bool sys_seq);
I have also tried to run the improved version using two ESP8266 modules (https://github.com/RandDruid/esp8266-deauth2), but I couldn't make it work so far.
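Seen from the defender's side, both effects described above show up as unusual 802.11 management traffic: a burst of deauthentication frames carrying one BSSID, or a sudden crowd of beaconing BSSIDs. The following is an added example, not code from this post or the linked repositories; it assumes bare 802.11 frames (radiotap header and FCS already stripped) from a monitor-mode capture, and the function names, thresholds and sample frames are constructed for illustration.

```python
import struct
from collections import defaultdict, deque

DEAUTH, BEACON = 0xC, 0x8  # 802.11 management frame subtypes

def parse_mgmt(frame: bytes):
    """Parse a bare 802.11 management frame (no radiotap header, no FCS).
    Returns (subtype, dst, src, bssid, reason) or None for other frames."""
    if len(frame) < 24 or frame[0] & 0x0F != 0:  # need version 0, type 0 (management)
        return None
    subtype = frame[0] >> 4
    dst, src, bssid = (frame[o:o + 6].hex(":") for o in (4, 10, 16))
    reason = None
    if subtype == DEAUTH and len(frame) >= 26:
        (reason,) = struct.unpack_from("<H", frame, 24)  # reason code, little-endian
    return subtype, dst, src, bssid, reason

def find_floods(capture, window=1.0, deauth_limit=5, beacon_limit=20):
    """capture: time-ordered (timestamp_seconds, frame_bytes) pairs. Returns
    (BSSIDs over deauth_limit in one window, True if over beacon_limit distinct beaconing BSSIDs)."""
    deauths = defaultdict(deque)  # bssid -> timestamps of recent deauth frames
    beacons = deque()             # (timestamp, bssid) of recent beacons
    flagged, beacon_flood = set(), False
    for ts, frame in capture:
        parsed = parse_mgmt(frame)
        if parsed is None:
            continue
        subtype, _dst, _src, bssid, _reason = parsed
        if subtype == DEAUTH:
            q = deauths[bssid]
            q.append(ts)
            while ts - q[0] > window:      # drop timestamps older than the window
                q.popleft()
            if len(q) > deauth_limit:
                flagged.add(bssid)
        elif subtype == BEACON:
            beacons.append((ts, bssid))
            while ts - beacons[0][0] > window:
                beacons.popleft()
            beacon_flood |= len({b for _, b in beacons}) > beacon_limit
    return flagged, beacon_flood

def sample_frame(subtype, bssid, body=b""):
    """Constructed test frame: broadcast destination, source and BSSID identical."""
    return bytes([subtype << 4, 0, 0, 0]) + b"\xff" * 6 + bssid * 2 + b"\x00\x00" + body

AP = bytes.fromhex("020000000001")  # constructed, locally administered address
SAMPLE = [(0.1 * i, sample_frame(DEAUTH, AP, b"\x01\x00")) for i in range(8)]
SAMPLE += [(2 + 0.01 * i, sample_frame(BEACON, bytes([2, 0, 0, 0, 1, i]))) for i in range(30)]
```

On networks with 802.11w protected management frames enabled, clients discard unauthenticated deauthentication frames, so there this check mainly serves to spot the attempt.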
Hi,
Sorry I'm very new with programming.
How to see it works?
I cannot see anything on serial monitor.
Hello,
which one do you mean?
The first (fake access points) can be checked if you search for wifi with your phone or computer. You should see a lot of random wifi networks displayed.
For the second one (disconnecting everyone from the wifi) just simply connect to the wifi with your phone and it should be disconnected.
I can't make it work. Compiled and updated the user interface h. However, it seems not to deauth clients, unless from time to time they lose a packet or quickly disconnect once. But it is not reliable, at least for me, but I followed the instructions.
Arduino: 1.8.2 (Windows 10), Board: "Generic ESP8266 Module, Serial, 80 MHz, 40MHz, DIO, 115200, 512K (64K SPIFFS), ck, Disabled, None"
sketch\APScan.cpp: In member function 'bool APScan::start()':
APScan.cpp:15: error: 'i' was not declared in this scope
_ap.set(WiFi.BSSID(i)[0], WiFi.BSSID(i)[1], WiFi.BSSID(i)[2], WiFi.BSSID(i)[3], WiFi.BSSID(i)[4], WiFi.BSSID(i)[5]);
^
sketch\APScan.cpp: At global scope:
APScan.cpp:76: error: expected unqualified-id before 'if'
if (debug) Serial.println("scan done");
^
APScan.cpp:77: error: expected unqualified-id before 'return'
return true;
^
APScan.cpp:78: error: expected declaration before '}' token
}
^
exit status 1
'i' was not declared in this scope
This report would have more information with
"Show verbose output during compilation"
option enabled in File -> Preferences.
This is my problem, what can I do?