|
1 | 1 | # esp8266_deauther |
2 | | -ESP8266 deauther |
| 2 | +WiFi deauther |
| 3 | +Build your own WiFi jammer for under $10 with an ESP8266. |
| 4 | + |
| 5 | +##### Introduction ##### |
| 6 | +#What it is: |
| 7 | + |
| 8 | +Basically it’s a device which performs a deauth attack. |
| 9 | +You select the clients you want to disconnect from their network and start the attack. As long as the attack is running, the |
| 10 | +selected clients are not able to connect to the network. |
| 11 | + |
| 12 | +# How it works: |
| 13 | + |
| 14 | +The 802.11 WiFi protocol contains a so called deauthentication frame. It is used to disconnect clients safely from a wireless |
| 15 | +network. |
| 16 | + |
| 17 | +For example your smartphone will send such a frame to its connected network when you turn the WiFi off. The router then knows that |
| 18 | +you are no longer a part of the network and stops sending you packets. |
| 19 | + |
| 20 | +When you just get out of the range of your WiFi network, the router wouldn’t notice it and would send you data and wait for your |
| 21 | +answer. After some time you get a timeout and the router kicks you off the network anyway. But for the sake of resources and to |
| 22 | +prevent errors, these packets were invented. |
| 23 | + |
| 24 | +Because they are unencrypted, you just need the mac address of the WiFi router and of the client device which you want to |
| 25 | +disconnect from the network. You don’t even have to be in the network or know the password, it’s enough to be in its range. |
| 26 | + |
| 27 | +# What an ESP8266 is: |
| 28 | + |
| 29 | +The ESP8266 a very cheap micro controller with build in WiFi. It contains a powerfull 160 MHz processor and you can program it |
| 30 | +with the Arduino IDE. This makes it perfect for this project. |
| 31 | + |
| 32 | +You can buy these chips for under $2 from China. But I recommend you to buy one of the USB breakout/developer boards. |
| 33 | +It doesn’t matter which board you use, as long as it has an ESP8266 on it. |
| 34 | + |
| 35 | +# How to protect yourself: |
| 36 | + |
| 37 | +With 802.11w-2009 WiFi got an update to encrypt management frames. |
| 38 | +So make sure your router is up to date and has management frame protection enabled. But be sure that your client device |
| 39 | +supports it too, both ends need to have it enabled! |
| 40 | + |
| 41 | +The only problem is that most devices don’t use it. I tested it with different WiFi networks and client devices now |
| 42 | +and it worked every time. It seems that even newer devices which support frame protection, don’t use it by default. |
| 43 | +Disclaimer |
| 44 | + |
| 45 | +Use it only for testing purposes on your own devices! |
| 46 | + |
| 47 | +Please check the legal regulations in your country before using it. Jamming transmitters are illegal in most countries |
| 48 | +and this device can fall into the same category (even if it’s technically not the same). |
| 49 | + |
| 50 | +My intention with this project is to draw attention to this issue. |
| 51 | +This attack shows how vulnerable the 802.11 WiFi standard is and that we need to fix it. |
| 52 | +A solution is already there, why don’t we use it? |
| 53 | + |
| 54 | +##### Tutorial ##### |
| 55 | + |
| 56 | +coming soon :) |
| 57 | + |
| 58 | +#### Sources and additional links #### |
| 59 | + |
| 60 | +deauth attack: https://en.wikipedia.org/wiki/Wi-Fi_deauthentication_attack |
| 61 | +deauth frame: https://mrncciew.com/2014/10/11/802-11-mgmt-deauth-disassociation-frames/ |
| 62 | +ESP8266: https://de.wikipedia.org/wiki/ESP8266 |
| 63 | +https://espressif.com/en/products/hardware/esp8266ex/overview |
| 64 | + |
| 65 | +packet injection with ESP8266: http://hackaday.com/2016/01/14/inject-packets-with-an-esp8266/ |
| 66 | +http://bbs.espressif.com/viewtopic.php?f=7&t=1357&p=10205&hilit=wifi_pkt_freedom#p10205 |
| 67 | +https://github.com/pulkin/esp8266-injection-example |
| 68 | + |
| 69 | +802.11w-2009: https://en.wikipedia.org/wiki/IEEE_802.11w-2009 |
0 commit comments