
How to scan, fake and attack Wi-Fi networks with the ESP8266-based WiFi Deauther « Null Byte :: WonderHowTo



The price of hacking Wi-Fi has dropped dramatically, and low-cost microcontrollers are increasingly being turned into inexpensive yet powerful hacking tools. One of the most popular is the ESP8266, an Arduino-programmable chip on which the Wi-Fi Deauther project is based. On this inexpensive board, a hacker can create fake networks, clone real networks, or disable all Wi-Fi in range from a sleek web interface.

The Rise of Microcontrollers as Offensive Wi-Fi Tools

Wi-Fi hackers usually rely on a few hardware components to do their work. First, you need a computer that can run whatever attack program you want to use. Second, you need a wireless network adapter with a chipset that supports the Wi-Fi attack you're attempting. This can be expensive, as the cheapest combination of a Raspberry Pi and a wireless network adapter still starts at around $70.

For much less, microcontrollers can carry out many of the same attacks that a bigger and more expensive Raspberry Pi can. Although a microcontroller is not capable of running a full operating system like Kali Linux, it is often easier to use because it is so simple to program. This is made even easier by the fact that these microcontrollers can be programmed in the popular Arduino IDE, so projects can be easily shared.

While Wi-Fi-enabled microcontrollers such as the ESP8266 do not officially support attacking Wi-Fi networks, an old SDK allows a hacker to build packets manually, emulating many useful packet types. For this reason, the CS student and chicken in space Stefan "Spacehuhn" Kremser created the Wi-Fi Deauther, a program for the ESP8266 that enables a series of impressive Wi-Fi attacks.

The ESP8266 Deauther Program

The most useful packets that the Wi-Fi Deauther can create are deauthentication and disassociation packets. These special packets are often abused because they are not authenticated. This means that anyone on a network can send them to anyone else while pretending that the messages come from the router. When a device on the Wi-Fi network receives the packet, it immediately disconnects from the network. The Wi-Fi Deauther does this over and over again, spamming connected devices with "disconnect" messages. This results in a "jamming" effect on the network, as devices cannot connect quickly enough to avoid being kicked off again instantly.
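From the defender's side, the flood described above is easy to spot in a monitor-mode capture. The following is an added example, not code from the Deauther project: it parses the 802.11 management header and alerts when one BSSID is the subject of a burst of deauthentication or disassociation frames. The threshold of 10 frames per second, the function names and the sample frames are assumptions made for illustration.

```python
import struct
from collections import defaultdict, deque

SUBTYPES = {0xC: "deauth", 0xA: "disassoc"}   # 802.11 management subtypes

def parse_disconnect(frame):
    """Return (kind, dst, src, bssid, reason) for a deauth/disassoc frame, else None.
    Assumes the radiotap header has already been stripped."""
    if len(frame) < 26:                        # 24-byte MAC header + 2-byte reason code
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in SUBTYPES:  # type 0 = management
        return None
    reason, = struct.unpack_from("<H", frame, 24)
    return (SUBTYPES[subtype], frame[4:10].hex(":"), frame[10:16].hex(":"),
            frame[16:22].hex(":"), reason)

def detect_floods(capture, threshold=10, window=1.0):
    """Alert once per BSSID when >= threshold disconnect frames fall within `window` seconds."""
    recent = defaultdict(deque)                # bssid -> timestamps still inside the window
    alerts = {}
    for ts, frame in capture:
        parsed = parse_disconnect(frame)
        if parsed is None:
            continue
        kind, dst, src, bssid, reason = parsed
        q = recent[bssid]
        q.append(ts)
        while ts - q[0] > window:              # drop timestamps older than the window
            q.popleft()
        if len(q) >= threshold and bssid not in alerts:
            alerts[bssid] = {"first_seen": q[0], "frames_in_window": len(q),
                             "broadcast": dst == "ff:ff:ff:ff:ff:ff"}
    return alerts

# Constructed sample frames (locally administered MACs, not from a real capture).
AP, STA = "020000000001", "020000000002"
LEAVE = bytes.fromhex("a0000000" + AP + STA + AP + "0000" + "0800")       # client leaving, reason 8
SPOOF = bytes.fromhex("c0000000" + "ff" * 6 + AP + AP + "0000" + "0100")  # broadcast deauth, reason 1
SAMPLE = [(0.0, LEAVE)] + [(5.0 + i * 0.01, SPOOF) for i in range(30)]

if __name__ == "__main__":
    for bssid, info in detect_floods(SAMPLE).items():
        print(bssid, info)
```

On networks that require 802.11w Protected Management Frames (mandatory in WPA3), clients discard forged deauthentication and disassociation frames, which removes the effect this detector looks for.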

This is not the only trick the Deauther program has up its sleeve. It can also scan for nearby access points and connected devices and clone any existing Wi-Fi network. It can also generate dozens of fake Wi-Fi networks with arbitrary names, monitor channels for traffic between devices, and do it all from a sleek integrated web interface, similar to a Wi-Fi Pineapple.

The Wi-Fi Deauther program can run on almost any ESP8266-based development board, including the NodeMCU, D1 Mini, and others. These boards are cheap and can cost from $2 to $6 depending on the manufacturer. They allow anyone to start hacking Wi-Fi.

Although the cheapest boards are a good start, they lack a few things that make the Deauther much more useful. The simplest and cheapest boards have no screen, no buttons or controls, and no indicators to show what's going on when you just look at the device. To control such a board, you need to log in to the web interface or buy and connect the extra hardware yourself.

The ESP8266 Deauther Board

Fortunately, Spacehuhn has teamed up with a board maker to create their own ESP8266-based development board for security projects. This version of the ESP8266 offers options that can be explored using a (somewhat fragile) selector switch that scrolls through the menu options on an OLED display. An external antenna can be mounted on the board, which also has an RGB LED to indicate the mode the device is in and can be powered either directly from a LiPo battery or from a USB power source.

Image by Kody/Null Byte

After turning on the custom board, you can easily scroll through the options to operate the board manually. This is a leg up on the Raspberry Pi, which tells you almost nothing when you power it on without a screen. With just a battery, you can power the Deauther board, select a target, and launch an attack without the need for a display or control device, as is often the case with devices like the Pi Zero W.

Due to reliability issues with low-cost boards and the many hardware benefits offered by the official board, I recommend the official DSTIKE version, which costs $12, to anyone who wants to try this project. There are some copycat versions on Amazon, but they usually cost more and could come from low-cost suppliers. Although this project is possible with a cheap NodeMCU, you will need a second device to log in and control it.

What you need

To get started with the Wi-Fi Deauther project, you need an ESP8266-based development board. The best way to track the project and get updates on the software is to purchase the original board design from Tindie. This project should work with the following boards designed by Spacehuhn:

All of these boards are unique and come with different hardware, but all are based on the ESP8266 and all work with the Wi-Fi Deauther program. In addition, the purchase supports the researchers behind the program and gives you access to advanced hardware features that make the board more useful without the need for a second device to control it.

There are drawbacks to copycat designs. Whether they are available for less or even more, they often do not use the same hardware, or they use cheaper manufacturing techniques, resulting in frustrating errors that add up over time.

Genuine and fake Deauther boards for comparison. Image from Spacehuhn's GitHub

If you're on a budget and are willing to use a device without a screen, you can do this project inexpensively with one of the following boards. For more information on the types of boards that will work for this project, please visit the Spacehuhn GitHub page.

There are several versions of the NodeMCU, but only version 1.0 works well on a breadboard. The V3 is not so good for this project. Image from Spacehuhn's GitHub

Apart from the board, you need a computer or a smartphone with Wi-Fi to connect to the network the board creates. You will also need a micro-USB power cable and a power source, such as a battery, to which you can connect the device. Once you have a computer or smartphone to control the Deauther, a micro-USB cable and power source, and a network to test the Deauther on, you can get started.

Step 1: Get Your Board Ready

If you have the original board, it should come preinstalled with the latest Wi-Fi Deauther program. You should be able to turn on the board by plugging it into a USB power source and scroll through the menu options with the screen and selector switch. However, be careful with the selector switch, as it tends to break off the board and requires some basic soldering skills to re-attach.

Proceed to step 2 if you are using the original Deauther board. If not, you'll need to take a few steps to get started. First, download and install the Arduino IDE. When you have done that, click on the "Arduino" or "File" drop-down menu and select "Preferences" from the menu that appears. Next, click the double-window icon next to the Additional Boards Manager URLs field and paste each of the following URLs on its own line. Once this is done, click "OK" to save and then "OK" again to close the menu.

  http://arduino.esp8266.com/stable/package_esp8266com_index.json
  http://phpsecu.re/esp8266/package_deauther_index.json

Now simply add the board using the Boards Manager. To do this, click on "Tools" and then hover over the "Board" section to display the drop-down list of supported boards. Click on "Boards Manager" at the top to open the window where you can add more boards.

When the Boards Manager window opens, type "esp8266" in the search bar. Select "arduino-esp8266-deauther" and "esp8266" and install them to add support for the board to the Arduino IDE.

Once this is done, you should be ready to program your board. Plug your ESP8266-based board into your computer. If you click on "Tools", the correct port should be selected automatically. If not, click on the "Board" option and select the correct port under Deauther Modules.

If you are using a faulty cable, the port may not be displayed. If you do not see anything after the other steps, try another cable. If you still do not see anything, there is a good chance that you will need to install a driver, which is common on cheap knockoff boards.

Now let's download the code to the ESP8266-based Deauther board. Clone the repository with the following command, and then move the esp8266_deauther folder to the Arduino folder.

  git clone https://github.com/spacehuhn/esp8266_deauther.git

When the download is complete, open the file "esp8266_deauther.ino" with Arduino from the "Arduino" folder. Check your upload settings to make sure your board is selected correctly, then press Upload to send the program to the ESP8266 device!

Step 2: Look for the Control Access Point

Once your Wi-Fi Deauther board is powered up, you should not need a screen to interact with it. Although it's convenient to have a display to see what's going on, we can also rely on the web interface to control the ESP8266 device.

These chips are amazing in that they can be used in many Wi-Fi modes: they can join a Wi-Fi network or even create their own. If you look on a smartphone or a computer, a Wi-Fi network called "pwned" should appear nearby. This is the network created by our Deauther board.

To access it, connect to the Wi-Fi network and enter the password "deauther" to log in. You can then navigate to the default IP address 192.168.4.1 in a browser window, or simply enter deauth.me to access the web interface that the Deauther board creates.

Next, accept the notice that asks you not to do anything bad with this project. Once you agree, you will have access to the control interface for the device.

Step 3: Scanning the Area

Let's first examine the area around us. The first page you land on is the "Scan" page, where the results are broken up into a few easy-to-understand categories. First, there are access points. This gives you a list of all devices within range that are advertising a Wi-Fi network.

Further down the list, you'll find information about devices connected to a network and the network they're connected to. You can select the Add button to save a specific device or network to your target list. Here we choose "Spot 2.4 Ghz" as the network we want to target.

Once you have selected a network, you can go to the SSIDs menu by clicking the menu link in the top left corner of the screen.

Step 4: Select Destination Networks

In the "SSIDs" section, you will be able to clone networks, create fake networks, or just Rickroll everyone.

The top box is for specifying each fake network we want to create. This includes the SSID or network name, whether or not the network uses WPA security, and how many networks you want to create.

If you previously selected an access point, you can click Clone Selected APs to create clones of the target network. There is also a module to generate random SSIDs, including several that consist only of the lyrics to "Never Gonna Give You Up."

In the screenshot below, we've cloned the network many times, making it hard to find the right network.
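Cloned SSIDs like these can be picked out of a capture by comparing beacons against a list of the access points you actually operate. The following is an added example, not code from the Deauther project: it reads the BSSID, SSID element and Privacy capability bit from each beacon and reports any BSSID that advertises a known SSID without being in the inventory. The inventory format, function names and sample beacons are assumptions made for illustration.

```python
import struct

def parse_beacon(frame):
    """Return (bssid, ssid, privacy) for a beacon or probe response, else None.
    Assumes the radiotap header has already been stripped."""
    if len(frame) < 38 or frame[0] not in (0x80, 0x50):   # mgmt subtype 8 or 5
        return None
    cap, = struct.unpack_from("<H", frame, 34)            # capability field
    pos = 36                                              # first tagged element
    while pos + 2 <= len(frame):
        eid, elen = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + elen]
        if len(body) < elen:
            return None                                   # truncated element
        if eid == 0:                                      # SSID element
            return (frame[16:22].hex(":"), body.decode("utf-8", "replace"),
                    bool(cap & 0x0010))                   # bit 4 = Privacy
        pos += 2 + elen
    return None

def find_clones(frames, inventory):
    """inventory maps SSID -> (known BSSIDs, encryption expected); a hypothetical site list."""
    findings = {}
    for frame in frames:
        parsed = parse_beacon(frame)
        if parsed is None or parsed[1] not in inventory:
            continue
        bssid, ssid, privacy = parsed
        known, expects_enc = inventory[ssid]
        if bssid not in known:
            issue = "open clone of protected SSID" if expects_enc and not privacy else "unknown BSSID"
            findings.setdefault(ssid, {})[bssid] = issue
    return findings

def sample_beacon(bssid, ssid, cap):
    """Build constructed test input as bytes; nothing is transmitted."""
    addr, name = bytes.fromhex(bssid.replace(":", "")), ssid.encode()
    return (b"\x80\x00\x00\x00" + b"\xff" * 6 + addr * 2 + b"\x00\x00" + bytes(8)
            + struct.pack("<HH", 100, cap) + bytes([0, len(name)]) + name)

# Constructed inventory and capture (locally administered MACs).
INVENTORY = {"Spot 2.4 Ghz": ({"02:00:00:00:00:01"}, True)}
SAMPLE = [sample_beacon("02:00:00:00:00:01", "Spot 2.4 Ghz", 0x0011),   # the real AP
          sample_beacon("02:00:00:00:00:aa", "Spot 2.4 Ghz", 0x0001),   # open look-alike
          sample_beacon("02:00:00:00:00:bb", "Spot 2.4 Ghz", 0x0011),   # protected look-alike
          sample_beacon("02:00:00:00:00:cc", "Cafe", 0x0001)]           # unrelated network

if __name__ == "__main__":
    print(find_clones(SAMPLE, INVENTORY))
```

A look-alike that also copies a known BSSID passes this check, so treat the result as one signal among several.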

Step 5: Start an Attack

Now let's review the attacks available in the "Attacks" menu. Here we can see three main types of attacks.

To start the deauthentication attack, make sure that you are in a location where the only networks within range are ones you have permission to attack. When you are, click on the "Start" button next to the "Deauth" attack. If you believe the Wi-Fi devices in your area have been properly punished, click "Stop" to stop the attack.

The original Wi-Fi Deauther board also offers the possibility of adding an external antenna. In this way, it is possible to extend or change the range of the device by adding a directional antenna.

Step 6: Adjust settings

Now that we've explored the main attacks, you can also configure the board from the Settings tab at the top left of the screen. Clicking on this will bring up a menu page where you can change, for example, the name of the network used to communicate with the board, the password, and the channel on which the device broadcasts its network.

You will also find an option to create a "hidden" network, which may make the network seem more secret. In fact, every device you connect to a hidden network calls out the name of the network whenever its Wi-Fi is turned on, which makes your phone easier to find. Because the access point does not broadcast its network name, your device has to keep asking whether it is nearby.

You can customize the settings as you like, but do not disable the Wi-Fi portal and the serial connection at the same time. If you do, you have no way to communicate with the board. So make sure you keep at least one of them enabled so you can access it again.

Once you've updated the password and name of your Wi-Fi control network, you can use the Wi-Fi Deauther anywhere, from any device. If you made changes to the menu or other settings, press "Save" and "Reload" to apply the changes you have made.

Microcontrollers Are Cheap, Efficient Cyber Weapons

The Raspberry Pi is revolutionary in that it gives anyone who can afford a $35 board access to powerful hacker tools. With the Wi-Fi Deauther board, the limits of what's possible with inexpensive Wi-Fi hardware have been pushed even further.

While microcontrollers do not provide a full operating system the way a Raspberry Pi does, the powerful attacks they are capable of make them more than worthwhile on their own. While the Wi-Fi Deauther board cannot capture the numerous WPA handshakes it causes on nearby networks, it's an ideal companion for capturing WPA handshakes in Kali to crack later.

I hope you enjoyed this guide to the Wi-Fi Deauther project! If you have questions about this tutorial on the Wi-Fi Deauther board, leave a comment and contact me on Twitter @KodyKinzie.


Cover image and screenshots by Kody/Null Byte (unless stated otherwise)
