
Wifi Hacking using ESP8266

Based on
NodeMCU ESP8266 Lua multi-mode WiFi hacking kit

Build your own WiFi jammer with an ESP8266. You select the clients you want to disconnect from their network and start the attack. As long as the attack is running, the selected devices are unable to connect to their network. You can scan for networks, scan for client devices, and start different attacks. For a more advanced version, visit instructables.com/id/WiFi-Jammer-Using-ESP8266/

ESP8266 Deauther


Introduction


What it is

It’s a device which performs a deauth attack.
You select the clients you want to disconnect from their network and start the attack. As long as the attack is running, the selected devices are unable to connect to their network.

How it works

The 802.11 WiFi protocol contains a so-called deauthentication frame. It is used to disconnect clients safely from a wireless network.

Because these packets are unencrypted, you just need the MAC address of the WiFi router and of the client device which you want to disconnect from the network. You don’t need to be in the network or know the password; it’s enough to be in its range.
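
Seen from the monitoring side, the same property makes the attack easy to spot: a burst of unprotected deauthentication frames aimed at one client stands out in a capture. The following is an added example, not code from this project. It parses raw 802.11 frames (no radiotap header) and flags such bursts; the sample frames, MAC addresses, window and threshold are constructed for illustration.

```python
import struct
from collections import defaultdict, deque

TEARDOWN = {0xC: "deauth", 0xA: "disassoc"}  # 802.11 management subtypes

def parse_teardown(frame: bytes):
    """Parse a raw 802.11 frame (no radiotap); None unless deauth/disassoc."""
    if len(frame) < 26:                      # 24-byte MAC header + reason code
        return None
    fc0, fc1 = frame[0], frame[1]
    ftype, subtype = (fc0 >> 2) & 0x3, (fc0 >> 4) & 0xF
    if ftype != 0 or subtype not in TEARDOWN:
        return None
    mac = lambda b: ":".join(f"{x:02x}" for x in b)
    protected = bool(fc1 & 0x40)             # set on unicast frames protected by 802.11w
    # The reason code is only readable when the body is not encrypted.
    reason = None if protected else struct.unpack_from("<H", frame, 24)[0]
    return {"kind": TEARDOWN[subtype], "dst": mac(frame[4:10]),
            "src": mac(frame[10:16]), "bssid": mac(frame[16:22]),
            "protected": protected, "reason": reason}

def find_floods(frames, window=1.0, threshold=10):
    """Return (bssid, dst) pairs hit by >= threshold unprotected teardown
    frames within `window` seconds. frames: iterable of (timestamp, raw)."""
    recent, alerts = defaultdict(deque), set()
    for ts, raw in frames:
        info = parse_teardown(raw)
        if info is None or info["protected"]:
            continue
        q = recent[(info["bssid"], info["dst"])]
        q.append(ts)
        while ts - q[0] > window:            # drop timestamps outside the window
            q.popleft()
        if len(q) >= threshold:
            alerts.add((info["bssid"], info["dst"]))
    return sorted(alerts)

# Constructed sample frames (locally administered MACs, not from a real capture).
AP, STA1, STA2 = "02aabbccdd10", "02aabbccdd01", "02aabbccdd02"
FLOOD = bytes.fromhex("c0003a01" + STA1 + AP + AP + "0000" + "0700")
LEAVE = bytes.fromhex("c0003a01" + AP + STA2 + AP + "1000" + "0300")
PMF = bytes.fromhex("c0403a01" + STA2 + AP + AP + "2000" + "00" * 16)
BEACON = bytes.fromhex("80000000" + "ff" * 6 + AP + AP + "3000" + "00" * 12)
SAMPLE = sorted([(i * 0.02, FLOOD) for i in range(25)] + [(0.5, LEAVE)]
                + [(i * 0.02, PMF) for i in range(25)] + [(0.1, BEACON)],
                key=lambda f: f[0])

if __name__ == "__main__":
    for bssid, dst in find_floods(SAMPLE):
        print(f"deauth flood: bssid={bssid} target={dst}")
```

A single deauthentication from a client that is leaving stays below the threshold, and frames with the Protected bit set are skipped because a client using 802.11w rejects forged copies of them.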

What an ESP8266 is

The ESP8266 is a very cheap microcontroller with built-in WiFi. It contains a powerful 160 MHz processor and you can program it with the Arduino IDE. This makes it perfect for this project.

Disclaimer

Use it only for testing purposes on your own devices!

Please check the legal regulations in your country before using it. Jamming transmitters are illegal in most countries and this device can fall into the same category (even if it’s technically not the same).

My intention with this project is to draw attention to this issue. This attack shows how vulnerable the 802.11 WiFi standard is and that it has to be fixed.

Installation

The only things you will need are a computer and an ESP8266 with at least 1Mb of flash memory.

I recommend buying a USB breakout/developer board, because they have 4Mb flash and are very simple to use. It doesn’t matter which board you use, as long as it has an ESP8266 on it.
(If you are using an ESP-01 with just 512kb, you can comment out the mac vendor list in data.h.)

1 Install Arduino and open it.

2 Go to File > Preferences

3 Add http://arduino.esp8266.com/stable/package_esp8266com_index.json to the Additional Boards Manager URLs. (source: https://github.com/esp8266/Arduino)

4 Go to Tools > Board > Boards Manager

5 Type in esp8266

6 Select version 2.0.0 and click on Install (must be version 2.0.0!)


7 Go to File > Preferences

8 Open the folder path under "More preferences can be edited directly in the file"

9 Go to packages > esp8266 > hardware > esp8266 > 2.0.0 > tools > sdk > include

10 Open user_interface.h with a text editor

11 Scroll down and before #endif add the following lines:

typedef void (*freedom_outside_cb_t)(uint8 status);
int wifi_register_send_pkt_freedom_cb(freedom_outside_cb_t cb);
void wifi_unregister_send_pkt_freedom_cb(void);
int wifi_send_pkt_freedom(uint8 *buf, int len, bool sys_seq);

Don't forget to save!

12 Go to the SDK_fix folder of this project

13 Copy ESP8266WiFi.cpp and ESP8266WiFi.h

14 Paste these files here:

packages > esp8266 > hardware > esp8266 > 2.0.0 > libraries > ESP8266WiFi > src

15 Open esp8266_deauther > esp8266_deauther.ino in Arduino

16 Select your ESP8266 board at Tools > Board and the right port at Tools > Port. If no port shows up you may have to reinstall the drivers.

17 Upload!

Note: If you use a 512kb version of the ESP8266, you need to comment out a part of the mac vendor list in data.h.

Your ESP8266 Deauther is now ready!

Check out github.com and https://hackelectro.wordpress.com/ for more details.


  • 1 × NodeMCU ESP8266 IoT board. In fact any ESP8266 with memory above 1 Mb will work.

  • FAQ-Updated

    Tejas Lotlikar, 03/08/2017 at 22:48

    FAQ

    Could it auto-deauth all APs in the range?

    Yes, but I will not implement this 'feature' for ethical and legal reasons.

    Can it sniff handshakes?

    The ESP8266 has a promiscuous mode in which you can sniff packets, but handshake packets are dropped and there is no other way to get them with the functions provided by the SDK. Maybe someone will find a way around this barrier but I wasn't able to.

    espcomm_sync failed/espcomm_open when uploading

    The ESP upload tool can't communicate with the chip, make sure the right port is selected! You can also try out different USB ports and cables. If this doesn't solve it you may have to install USB drivers. Which drivers you need depends on the board, most boards use a cp2102, cp2104 or ch340.

    AP scan doesn't work

    There is a reported issue on this: try switching the browser or opening the website with another device.

    Deauth attack won't work

    If you see 0 pkts/s on the website you have made a mistake. Check if you have followed the steps correctly and that the right SDK is installed, it must be version 2.0.0! If it can send packets but your target doesn't lose its connection, then the WiFi router uses 802.11w and it's protected against such attacks, or they communicate via 5 GHz WiFi, which the ESP8266 doesn't support.

    If you have other questions or problems with the ESP8266 you can also check out the official community forum.

    License

    This project is licensed under the MIT License - see the license file present in for details

  • FAQ

    Tejas Lotlikar, 02/27/2017 at 19:00

    Could it deauth multiple APs in the range?

    It definitely could! But I will not implement this 'feature' for ethical and legal reasons.

    Can it sniff handshakes?

    The ESP8266 has a promiscuous mode in which you can sniff nearly all packets, but handshake packets are dropped and there is no other way to get them with the functions provided by the SDK.
    Maybe someone will find a way around this barrier but I wasn't able to.

    espcomm_sync failed/espcomm_open when uploading

    The ESP upload tool can't communicate with the chip, make sure the right port is selected!
    You can also try out different USB ports and cables.
    If this doesn't solve it you may have to install USB drivers.
    Which drivers you need depends on the board, most boards use a cp2102, cp2104 or ch340.

    Deauth attack won't work

    If you see 0 pkts/s on the website you have made a mistake. Check if you have followed the installation steps correctly and that the right SDK is installed, it must be version 2.0.0!
    If it can send packets but your target doesn't lose its connection, then the WiFi router uses 802.11w and it's protected against such attacks, or they communicate via 5 GHz WiFi, which the ESP8266 doesn't support.

    If you have other questions or problems with the ESP8266 you can also check out the official community forum.

    License

    This project is licensed under the MIT License - see the license file for details


  • 1

    How to use it

    First start your ESP8266 by giving it power. You can do so by connecting it to a power bank or a USB adapter.

    You can use your smartphone if you have a USB OTG cable.

  • 2

    Scan for WiFi networks and connect to pwned. The password is deauther.
    Once connected, you can open up your browser and go to 192.168.4.1.

    You can now scan for networks...

  • 3

    scan for client devices...


Discussions

madhavanmaddy wrote 5 hours ago

Cool project mate!!

Tejas Lotlikar wrote 03/08/2017 at 22:38

Good news for you all guys. Please flash the NodeMCU firmware with the firmware which is available for download above. This project will work only with the above firmware. Also the code and the steps are updated. Please check it. I have submitted this project for the microcontroller projects contest at Instructables. Please vote for me for the same. URL: https://www.instructables.com/id/WiFi-Jammer-Using-ESP8266/

vcch wrote 03/05/2017 at 17:12

Status is 0 pkts/s...

Tejas Lotlikar wrote 03/05/2017 at 20:41

If you see 0 pkts/s on the website you have made a mistake. Check if you have followed the installation steps correctly and that the right SDK is installed, it must be version 2.0.0!
If it can send packets but your target doesn't lose its connection, then the WiFi router uses 802.11w and it's protected against such attacks, or they communicate via 5 GHz WiFi, which the ESP8266 doesn't support.
If you have other questions or problems with the ESP8266 you can also check out the official community forum.

vcch wrote 03/05/2017 at 20:45

With 2.0.0, it doesn't even find the APs on a Wemos D1 mini.

vcch wrote 03/05/2017 at 17:09

On Wemos D1, when I used esp lib 2.0.0 it does not find any network. If I use 2.3, it finds them, but the deauth attack is not working - only fake SSIDs.

Tejas Lotlikar wrote 03/05/2017 at 20:43

Please update the NodeMCU firmware.

vcch wrote 03/05/2017 at 21:49

Yes, I did it too. Just installed the latest NodeMCU firmware. When connected to the serial port I only get a message telling me AP pwned is started. Then I can connect to it, but when I scan I get no network. If I use the 2.3 version of esp8266, I can find all the APs but the deauth is not working...

vcch wrote 03/05/2017 at 22:15

Same if I use a NodeMCU 1.0 board instead of the Wemos.

vcch wrote 03/05/2017 at 22:16

Do you have a link to the firmware you used? I should flash the same to make it work...

Tejas Lotlikar wrote 02/28/2017 at 19:02

First flash the Wemos D1 mini with the latest NodeMCU firmware. It should work perfectly.

Kevin van de'n Broek wrote 02/28/2017 at 07:31

Running this on my Wemos D1 mini makes it crash when scanning for networks, sadly.
