samdenty / wi-pwn Goto Github PK

View Code? Open in Web Editor NEW

1.5K 82.0 312.0 60.39 MB

ESP8266 firmware for performing deauthentication attacks, with ease.

License: Other

C++ 6.85% C 86.46% HTML 2.05% JavaScript 2.62% Java 0.48% Ruby 0.01% SCSS 1.52%

wifi arduino attack esp8266 deauth hack probe beacon board material-design

wi-pwn's Introduction

Wi-PWN

Sponsor this project
ESP8266 firmware for performing deauthentication attacks, with ease.

Fast & responsive Material Design UI, with optional dark mode
Integrated Deauth Detector (with full customization)
WiFi client mode - Access Wi-PWN on a WiFi network
Info page with total packets sent, uptime, memory usage, check for updates...
Easy to use translation engine - want to translate it to your own language? Simply go over here and ask!

Introduction
Installation
- Flashing with NodeMCU-Flasher
- Compiling with Arduino
How to use it
FAQ
License
Sources and additional links

Introduction

What is Wi-PWN

Wi-PWN is a firmware that performs deauth attacks on cheap Arduino boards. The ESP8266 is a cheap micro controller with built-in Wi-Fi. It contains a powerful 160 MHz processor and it can be programmed using Arduino.

A deauthentication attack is often confused with Wi-Fi jamming, as they both block users from accessing Wi-Fi networks.

How it works

The 802.11 Wi-Fi protocol contains a so called deauthentication frame. It is used to disconnect clients safely from a wireless network.

Because these management packets are unencrypted, you just need the MAC address of the Wi-Fi router and of the client device which you want to disconnect from the network. You don’t need to be in the network or know the password, it’s enough to be in its range.

How to protect against it

With the 802.11w-2009 updated standards, management frames are encrypted by default.

802.11w is rarely used in the real world as both the router and the client device need to support this standard, otherwise they won't be able to connect to the routers.

Updating to the 802.11w standard is often expensive and difficult due to the vast devices of legacy devices not supporting the new standard. Because of the maintenance nightmare, over 95% of devices use the vulnerable 802.11 standard — even though newer devices support newer standards.

Installation

Requirements:

ESP8266 module (any board)
Micro-USB cable
Computer

I would recommend getting a USB breakout/developer board, mainly due to the 4Mb of flash and simplicity.

In order to upload the Wi-PWN firmware, you can use one of two methods. The first method is easier overall but using Arduino is better for debugging. YOU ONLY NEED TO DO ONE OF THE INSTALLATION METHODS!

Install the necessary drivers

There are two variants of UART converters that ESP8266 boards use:

CP210x	CH34x
Drivers	Drivers

Method 1: Flashing with NodeMCU-Flasher

Download the current release of Wi-PWN
Upload the .bin file using the nodemcu-flasher. Alternatively you can use the official esptool from espressif.
Connect your ESP8266 (making sure the drivers are installed) and open up the NodeMCU Flasher
Go to the Advanced tab and select the correct values for your board.
Navigate to the config tab and click the gear icon for the first entry.
Browse for the .bin file you just downloaded and click open.
Switch back to the Operation tab and click Flash(F).

Method 2: Compiling with Arduino

Download the source code of this project.
Install Arduino and open it.
Go to File > Preferences
Add http://arduino.esp8266.com/stable/package_esp8266com_index.json to the Additional Boards Manager URLs. (refer to https://github.com/esp8266/Arduino)
Go to Tools > Board > Boards Manager
Type in esp8266
Select version 2.0.0 and click on Install (must be version 2.0.0!)
Go to File > Preferences
Open the folder path under More preferences can be edited directly in the file
Go to packages > esp8266 > hardware > esp8266 > 2.0.0 > tools > sdk > include
Open user_interface.h with a text editor
Just before the last line #endif, add the following:

typedef void (*freedom_outside_cb_t)(uint8 status);
int wifi_register_send_pkt_freedom_cb(freedom_outside_cb_t cb);
void wifi_unregister_send_pkt_freedom_cb(void);
int wifi_send_pkt_freedom(uint8 *buf, int len, bool sys_seq);

Go to the arduino/SDK_fix folder of this project
Copy ESP8266Wi-Fi.cpp and ESP8266Wi-Fi.h to C:\Users\%username%\AppData\Local\Arduino15\packages\esp8266\hardware\esp8266\2.0.0\libraries\ESP8266WiFi\src
Open arduino/Wi-PWN/Wi-PWN.ino in Arduino
Select your ESP8266 board at Tools > Board and the right port at Tools > Port If no port shows up you need to reinstall the drivers, search online for chip part number + 'driver Windows'
Depending on your board you may have to adjust the Tools > Board > Flash Frequency and the Tools > Board > Flash Size. I used the 80MHz Flash Frequency, and the 4M (1M SPIFFS) Flash Size
Upload! CTRL-U

Note: If you use a 512kb version of the ESP8266, you need to comment out a part of the mac vendor list in data.h

How to use

Connect your ESP8266 to a USB power source (you can power it with your phone using an OTG cable)
Scan for Wi-Fi networks on your device and connect to Wi-PWN (no password by default).
Once connected, open up your browser and go to http://192.168.4.1
Click on ACCEPT to accept the Terms & Conditions
Specify a SSID and password for Wi-PWN to use and click on CONTINUE
Reconnect to the new network using the SSID & Password you specified in the previous step.
Go back to your browser and the page should reload (open http://192.168.4.1 again if the page doesn't reload)
Click on the Scan button to scan for Wi-Fi networks

Note: You may have to reconnect to the Wi-Fi network.
Select the WiFi network(s) you want to perform the attack on. Once finished, click on the Attack button
Select the attack you wish to perform

FAQ

Only able to connect to Wi-Fi network on some devices

This happens due to a channel conflict. Simply navigate to 192.168.4.1/settings.html on a device that is able to connect to the Wi-Fi network and change the Channel number from 1 to any number up to 14.

`espcomm_sync failed` / `espcomm_open` when uploading

The ESP upload tool can't communicate with the chip.

Reconnect the chip using a different USB port and cable.
Install the USB drivers (cp2102 or ch340).
Make sure the right COM port is selected.

SSID's wont load? (No clear button)

Try resetting the SSID list by visiting 192.168.4.1/clearSSID.json while connected to your ESP. If this doesnt solve your problem, ask for help in the official discord.

Deauth attack won't work

If you see 0 pkts/s on the website, then you've made a mistake. Check that you have followed the installation steps correctly and that the right SDK installed, it must be version 2.0.0! If it can send packets but your target doesn't lose its connection, then the Wi-Fi router either uses 802.11w and it's protected against such attacks, or it communicates on the 5GHz band, which the ESP8266 doesn't support because of its 2.4GHz antenna.

If you have other questions or problems with the ESP8266 you can also check out the official community forum.

wi-pwn's People

Contributors

Stargazers

Watchers

Forkers

seco brahmanggi rizupz teler vaginessa ericktedeschi awesome-pentest-gadgets archervfx nimajamin puppycodes adnanh tiagommourao laborjag ffanez tehdolan-duck matsukii cracdev dietmar-franken drmacsoft pranavlathigara dpinse 15124585561 yashraj0077 ashishverma2614 harayz hitmanzero kingdevnl pingzehao encumber xuhaoa admingyu xzerasx thebeachmaster pappletec johnson070 sputnicyes tekk lxkxc cateunion miyorineko periloso ccollins77 lzx3355669 austinclarke2021 sockb4t aglaianwoman spongeb0b724 puppywang labelexe moneytech unclerus m4r3kcracks xsaddata pythonone hwhohwh starch4ser b1gw00d cicemon212 unoffices panahbiru sergssv keshav2136 peytondodd michukcz dejandex98 sectorus denniscaudell needfulthings refael613 piggwest rdavydov hamdi-charef ohdmire dhhorak d10n1x methos2016 lauziming mohdomerhussain davinhanif onloocker muddimedia hoangtrongvu krusty45 bitmake armen199325 dragonkiss lxh1205509119 happyguy22 aptem1st macman1234 prokhorovtweets terrisgo mmcybersecurity ro9ueadmin imorteza nvck2002 romikavinda hax-br jmlapido person11111

wi-pwn's Issues

Can u update tutorial? :)

`Arduino:1.8.4 (Windows 10), Płytka:"NodeMCU 1.0 (ESP-12E Module), 80 MHz, Serial, 115200, 4M (3M SPIFFS)"

Wi-PWN:41: error: 'SSD1306' does not name a type

SSD1306 display(0x3c, 5, 4); //GPIO 5 = D1, GPIO 4 = D2

C:\Users\Adiif1\Documents\Arduino\Wi-PWN-master\arduino\Wi-PWN\Wi-PWN.ino: In function 'void drawInterface()':

Wi-PWN:118: error: 'display' was not declared in this scope

 display.clear();

 ^

C:\Users\Adiif1\Documents\Arduino\Wi-PWN-master\arduino\Wi-PWN\Wi-PWN.ino: In function 'void setup()':

Wi-PWN:700: error: 'display' was not declared in this scope

display.init();

Wi-PWN:709: error: 'ArialMT_Plain_16' was not declared in this scope

display.setFont(ArialMT_Plain_16);

Wi-PWN:711: error: 'ArialMT_Plain_24' was not declared in this scope

display.setFont(ArialMT_Plain_24);

Wi-PWN:713: error: 'ArialMT_Plain_10' was not declared in this scope

display.setFont(ArialMT_Plain_10);

C:\Users\Adiif1\Documents\Arduino\Wi-PWN-master\arduino\Wi-PWN\Wi-PWN.ino: In function 'void loop()':

Wi-PWN:873: error: 'display' was not declared in this scope

   display.clear();

   ^

exit status 1
'SSD1306' does not name a type

Ten raport powinien zawierać więcej informacji jeśli w
File -> Preferencje zostanie włączona opcja "Pokaż
szczegółowe informacje podczas kompilacji"
`

Version 1.3.2

After Starting the Deauth attack on a network the board becomes unreachable.
The bar where is says Scan, Uers, Attack, Settings and such, becomes red, as do the buttons, and then 192.168.4.1 times out and nothing can be done until I reconnect to the WiPwn.
Also says "Reconnect to Wi-Fi network" underneath that top Bar (Scan, Users, etc..)

Do I have to keep the Name Wi-Pwn and same password, or does changing it have no effect?

buttons/shortcuts on top

In the web interface and app, the buttons for scan, users, attack, settings isn't showing (see screenshots).

Clone button not working

As the title says. When I press clone, nothing happens.

Question

How is the WiFi client feature supposed to work?

App crashes instantly

The app crashes on startup on my S7 edge

No documentation on what the attacks do

Is there any documentation on what the attacks actually do?
For example, I do not know what the users tab does and how can it be used, is it just for information of connected users or if I can actually perform some action using it.

Wifi Deauther OLED V3 Board is not Compatible

I did the testing
PWN_9.0 or with PWN_8.0 with Wifi Deauther OLED V3 Board but not Compatible
OLED does not appear any images and Wifi SSID does not appear

Do I have to Compile & install with Arduino manually and what should be changed in its source code ?

Update

If I select and upload the newest .bin file it will not load the /update page

Deauth detector not working

When I start "Detector" it just restarts ESP and nothing happens. My chip is CP2102 and it's doing the same on CH340G.

Board OLED Error E19 and E95

I have done several test times on multiple boards:

For existing OLED boards, especially Wifi Deauther Oled V3 Board will experience errors during storage after making changes to the Settings menu, both E95 and E19 error errors.
For Non OLED board, error does not occur.

Support form

Some special characters get erased when typing in a password

#,& are two of the character that get erased when i save my settings.
An example: Noob#1234 and when i save all i have left is Noob.
Version 9.0 of Wi-PWN

Chinese firmware, Who can teach me, thank you!

How to compile the Chinese firmware, who can teach me, thank you!

Generated virtual hot spots do not support Chinese

The SSID doesn't apply the first time you enter

The first time I connect to esp, when I enter the SSID and Password, the device resets but it doesn't change the SSID and you have to enter it another time and then it works
This happens most of the time but very rarely it works the first time

Network Does Not Show Up

I was trying to use the other popular NodeMCU deauther by spacehunn, when I encountered the frustrating and unsolvable problem that the network was not appearing.

So, I've tried this program and am sorry to say it has the same effect. No network is appearing in my network lists.

My configuration:
NodeMCU: https://www.amazon.com/gp/product/B010O1G1ES/ref=oh_aui_detailpage_o00_s00?ie=UTF8&psc=1

NodeMCU Flasher method

Baud: 230400
Flash Size: 512kb
Flash Speed: 40MHz
SPI Mode: DIO

This Program: V9.0

Currently, I have the module plugged into the USB of my laptop. The BLUE LED is blinking about once per second, steadily. The RED LED is off.

Any help would be greatly appreciated!!! Thanks!

Random TX Power for beacon attack

Hi.

It's possible to add random tx power for beacon attack like in spacehuhn project?
Thats the only code i find for it

if (settings.getRandomTX() && (beacon.active || probe.active)) setOutputPower(random(21)); else setOutputPower(20.5f);

Could someone help with code and where to add it for arduino file?
Just add random tx power by default for beacon attack

attackInfo.json becoming corrupt

This issue leads to Attack page becoming unusable,

attackInfo.json:

{"aps":[],"clients":["FF:FF:FF:FF:FF:FF - BROADCAST"],"attacks":[{"name":"Deauth","status":"No network(s)","running":0},{"name":"Beacon","status":"ready","running":0},{"name":"Probe-Request","status":"ready","running":0}],"ssid":[["network.SECURE                  ",0]
,["network.SECURE                 ",0]
,["network.SECURE                ",0]
,["network.SECURE               ",0]
,["network.SECURE              ",0]
,["network.SECURE             ",0]
,["network.SECURE            ",0]
,["network.SECURE           ",0]
,["network.SECURE          ",0]
,["network.SECURE         ",0]
,["network.SECURE        ",0]
,["network.SECURE       ",0]
,["network.SECURE      ",0]
,["network.SECURE     ",0]
,["network.SECURE    ",0]
,["network.SECURE   ",0]
,["network.SECURE  ",0]
,["network.SECURE ",0]
,["â€‹network.SECURE      ",0]
,["â€‹network.SECURE      ",0]
,["â€‹network.SECURE     ",0]
,["â€‹network.SECURE     ",0]
,["â€‹network.SECURE    ",0]
,["â€‹network.SECURE    ",0]
,["â€‹network.SECURE   ",0]
,["â€‹network.SECURE   ",0]
,["â€‹network.SECURE  ",0]
,["â€‹network.SECURE  ",0]
,["â€‹network.SECURE ",0]
,["â€‹network.SECURE �",0]
,["â€‹network.SECURE",0]
,["â€‹network.SECURE",0]
,["â€‹network.SECURE",0]
,["â€‹network.SECURE",0]
,["â€‹network.SECURE",0]
,["â€‹network.SECURE",0]
,[".network.SECURE     ",0]
,[".network.SECURE     ",0]
,[".network.SECURE     ",0]
,[".network.SECURE    ",0]
,[".network.SECURE    ",0]
,[".network.SECURE    ",0]
,[".network.SECURE   ",0]
,[".network.SECURE   ",0]
,[".network.SECURE   ",0]
,[".network.SECURE  ",0]
,[".network.SECURE  ",0]
,[".network.SECURE  ",0]],"randomMode":0}```

Serial output:

getting attacks JSON (237)...done
getting sysinfo json

done
000000000000000000000000000000000000000000000000getting attacks JSON (1576)...done
000000000000000000000000000000000000000000000000getting attacks JSON (1576)...done
000000000000000000000000000000000000000000000000getting attacks JSON (1576)...done
000000000000000000000000000000000000000000000000getting attacks JSON (1576)...done
000000000000000000000000000000000000000000000000getting attacks JSON (1576)...done
000000000000000000000000000000000000000000000000getting attacks JSON (1576)...done
getting sysinfo json

done
000000000000000000000000000000000000000000000000getting attacks JSON (1576)...done
000000000000000000000000000000000000000000000000getting attacks JSON (1576)...done

done
getting sysinfo json

Wifi AP Password Protected

After flashing the wifi ap is protected using a password.

WPS crack !

Hi. can you add WPS crack ?
thanks

Hangs the browser after turning off the device

ESP8266
Android SDK API 19, 25
Google Chrome ver 63.0
Not tested on another browser.
Nothing a customized in the firmware.
Firmware was loaded from Arduino IDE.

For example:
Turn on the device, select SSID, enable testing of the attack with deauth.
After that, do not close the tab from the web page and the shutdown device (disconnect from a power).
It's done! You are lovely, Google Chrome will be frozen.

Connection Resetting

The connection is resetting for several files like /js/functions.js and /main.css, leaving the page partially rendered as shown below.

None of the UI elements respond.

Tested in FireFox Quantum 58.0.2, Chrome (Android) 63.0 and the latest version of the Android Wi-Pwn App.

Remote control using FTP

It could be perfect to contol device using remotely using config files by FTP.

Wi-PWN attacks list of networks for 10 minutes.

After it device connects to SSID with internet access by setted up password.

It loads TXT file on FTP server and writes there ID of itself and lists found target SSID:

===============================================
Wi-PWN Butovo 1 flat 13

Pasukova: skip
MkNet_24333: skip
HomeTel: skip
Vasya: skip
Veronika: not found for 3 days
RosTelecom_333f: skip

===============================================

You can change skip to attack to tell device to attack marked SSIDs and all clients connected to them.

After accessing to TXT on FTP server device continues to attack its targets.

Custom SSID Beacon Not Working?

When I click the add button to add a ssid, it doesnt add a ssid?

GPIO CAN NOT OPERATE

Czech language:
GPIO výstupy NELZE OVLÁDAT. Používám NodeMCU v3 a pokud dám HIGH nic se neděje. Podíváte se na to prosím. Děkuji.

GOOGLE TRANSLATE:
GPIO Outputs CAN NOT OPERATE. I use NodeMCU v3 and if I give HIGH nothing happens. Look, please. Thank you.

E5 clear client list.

When I'm looking at the users portion of the app/webpage I'm told I need to clear the client list (E5) how do i do this?

Wifi connection to slave AP for remote administration

It could be very good to teach device to connect to some access point using it's WPA2 password in DHCP-client mode. Than I can forward Wi-PWN 80 port to Internet and have remote access to it.

Crash on scanning for networks via wifi - display interface works fine.

I have compiled from the latest release branch. The only code changes are to correctly setup the display. Dstike v2.5 board.

Exception (28):
epc1=0x4000bdc8 epc2=0x00000000 epc3=0x00000000 excvaddr=0x00000000 depc=0x00000000

ctx: cont
sp: 3fff4ce0 end: 3fff4fe0 offset: 01a0

stack>>>
3fff4e80: 3fff3cd0 3fff340c 3fff4ea0 402174d4
3fff4e90: 3fff3cd0 3fff340c 3fff4f50 402131be
3fff4ea0: 3fff6778 0000000f 00000000 3fffbeb8
3fff4eb0: 0000003f 0000003f 3fffaef8 0000001f
3fff4ec0: 00000006 00000008 402152d0 3fff3fc0
3fff4ed0: 3fffac40 0000000f 00000000 3fffac20
3fff4ee0: 0000000f 00000000 3fffac00 0000000f
3fff4ef0: 00000001 3fffa648 0000000f 00000003
3fff4f00: 00000000 0000005f 0000005f 4021103b
3fff4f10: 3fff3448 3fff3ce8 3fff4f30 00000001
3fff4f20: 00000000 00000006 000003e8 4020f6ac
3fff4f30: 00000000 3fffa668 0000000e 3fff3fb0
3fff4f40: 3fffdc20 000003e9 3fff340c 40212145
3fff4f50: 3ffe9930 00000000 000003e8 0002a073
3fff4f60: 3fff342c 3fffa668 3fff6a58 3fff3fb0
3fff4f70: 3fffdc20 00000000 3fff0cc8 402101fe
3fff4f80: 402016ae 00000640 3fff3eec 40216c3c
3fff4f90: 402885b2 4028996b 3fff3ce8 402100be
3fff4fa0: 00000000 00000000 00000016 40101d0d
3fff4fb0: 402152f1 00000000 00000000 3fff3fb0
3fff4fc0: 3fffdc20 00000000 3fff3fa9 40215319
3fff4fd0: 00000000 00000000 3fff3fc0 40100114
<<<stack<<<

ets Jan 8 2013,rst cause:2, boot mode:(1,6)

ets Jan 8 2013,rst cause:4, boot mode:(1,6)

wdt reset

Wifi works but No webpage on 192.168.4.1

ESP8266 cp2102
NodeMCU 0.9.6 build 20150704 powered by Lua 5.1.4

Hello like in title there's open wifi which i can connect but I cant open 192.168.4.1 webpage.
It is pinging back.
I did scan wifi devices and ports and It appears to be on 192.168.4.1 but no open ports (80 is missing)

Add to wiki how to restore ESP8266 to factory state

Hi samdd :)
You should add this this to wiki because i had trouble when set up bad password for wifi and then can't login to my jammer. Just use esp_tool.py erase_flash and then reflash :)

Whitelist

Is it possible to implement a whitelist for mac adresses?

Somebody wrote already a sourcecode for his own esp8266 deauther: RandDruid/esp8266-deauth#6

Battery charge indication

Can you add a battery charge indication to the Control Panel?

ssid and password is not saved

Support for Web app

Is it possible to make Chrome Web app?

Not spamming beacons

It is not creating mass beacons just 2 or 3 after a minute of waiting. It worked with the spacehuhn version

Update Over WIFI

http://esp8266.github.io/Arduino/versions/2.0.0/doc/ota_updates/ota_updates.html#web-browser

If you can add this option it will be super awesome.I tested this on my nodemcu with some other project installed.i went the ota update webpage selected your .bin file after 3 seconds your project was installed.Even i uploaded different project before it didnt mixed just clean wi-pwn installed without wires and computer.

Encrypted clones aren't encrypted

Hi there,

I'm using the last release on an esp8266 1.0 and everything is working perfectly except when i try to clone an AP and setup the clones to be using encryption it add them in the list and create them but all of them show as open network :/ Same bug when i use deauther8266 from spacehuhn so maybe there is no fix yet :)

Why aren't there compiled Chinese firmware?

Mobile interface issue (360x640 px)

On the Galaxy S7 there is an Issue with the "Bubbles" showing the signal strength, they are pointing to the false direction on this certain screen size.

>360 =  http://prntscr.com/h5dzc7 (OK)
=360 =  http://prntscr.com/h5e1a2 (ISSUE)
<360 =  http://prntscr.com/h5e1nl (OK)

Why is this thing trying to call out constantly

Why is afwall+ blocking this app from calling out on port 80 so much?

Curious enough to ask but to lazy to figure it out on my own.

Font issue

On macOS and version 8, I don't see Roboto Medium, instead I see this

Did a translating to Polish :)

Done :)

Polish.zip

ESP32 Support

Is there any plans for supporting the ESP32?
It is significantly faster and it has been getting pretty popular lately.

When new stable release ?

Like in topic

I want a Chinese firmware.

Can't connect to Wi-PWN

As soon as I set a SSID name and a password, I can't connect to the new SSID with the correct password. I'm using the latest version of the code and the app. Also, I erased the complete flash 2x and re-flashed the ESP with the software 3x but still the same problem.