Using the ESP8266 Module for Deauth Attacks and Other WiFi Hacks

Famous wireless hacker Samy Kamkar has suggested that we pay more attention to low-cost hacking/exploitation tools, and NodeMCU is one such tool: a $4 ESP8266 WiFi SoC running Lua-based firmware. Thanks to the Spacehuhn project, we can use the NodeMCU ESP8266 to assemble a WiFi jammer (more precisely, a wireless network deauth attack tool) ourselves. When selecting a wireless client, you need to disconnect from your own wireless network first before you can perform the attack. During the attack, none of the affected WiFi networks will function properly. Such a device is enough to knock your roommate offline, disconnect the wireless surveillance cameras in a mall, or cut the connections of your neighbor's IoT devices.


The 802.11 WiFi protocol includes a deauthentication feature, which is used to disconnect clients from a network. An attacker can forge the source address of a wireless AP and send a deauthentication frame to the client, which then drops its connection.

The protocol requires neither encryption nor an established session for deauthentication frames, so any station can send them. A fix for this weakness was proposed in 802.11w-2009 (protected management frames), but almost all manufacturers leave it disabled by default.
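Because these frames travel in the clear, the defender's first option is simply to notice them. The following is an added example (not code from the article or from the Spacehuhn project): it parses the standard 802.11 management-frame header, keeps a sliding-window count of cleartext deauth/disassoc frames per claimed BSSID, and raises an alert once the count exceeds a threshold. The threshold, window, and the constructed sample-frame helper are assumptions for the demonstration; in practice the frames would come from a monitor-mode capture.

```python
"""Flag deauthentication floods in captured 802.11 frames (defender side)."""
import struct
from collections import deque

TYPE_MGMT = 0
SUBTYPE_DEAUTH, SUBTYPE_DISASSOC = 0x0C, 0x0A


def parse_frame(frame: bytes):
    """Parse an 802.11 MAC header. Management frames carry DA, SA, BSSID;
    deauth/disassoc frames carry a 2-byte reason code right after it."""
    if len(frame) < 24:
        return None
    fc = struct.unpack_from("<H", frame, 0)[0]
    info = {
        "type": (fc >> 2) & 0x3,          # bits 2-3 of Frame Control
        "subtype": (fc >> 4) & 0xF,       # bits 4-7 of Frame Control
        "protected": bool(fc & 0x4000),   # bit 14: frame body is encrypted
        "da": frame[4:10].hex(":"),
        "sa": frame[10:16].hex(":"),
        "bssid": frame[16:22].hex(":"),
        "reason": None,
    }
    if info["type"] == TYPE_MGMT and info["subtype"] in (SUBTYPE_DEAUTH, SUBTYPE_DISASSOC):
        if len(frame) >= 26:
            info["reason"] = struct.unpack_from("<H", frame, 24)[0]
    return info


class DeauthFloodDetector:
    """Alert when one BSSID is seen sending `threshold` or more cleartext
    deauth/disassoc frames within `window` seconds (assumed defaults)."""

    def __init__(self, threshold=10, window=5.0):
        self.threshold, self.window = threshold, window
        self.events = {}  # bssid -> deque of timestamps in the window

    def observe(self, ts: float, frame: bytes):
        info = parse_frame(frame)
        if not info or info["reason"] is None or info["protected"]:
            return None  # not a cleartext deauth/disassoc frame
        q = self.events.setdefault(info["bssid"], deque())
        q.append(ts)
        while q and ts - q[0] > self.window:   # drop timestamps outside the window
            q.popleft()
        if len(q) >= self.threshold:
            return {"bssid": info["bssid"], "count": len(q), "reason": info["reason"]}
        return None


def sample_deauth(bssid: bytes, client: bytes, reason: int = 7) -> bytes:
    """Constructed test fixture only: a minimal deauth frame addressed AP -> client."""
    fc = (SUBTYPE_DEAUTH << 4) | (TYPE_MGMT << 2)
    header = struct.pack("<HH", fc, 0) + client + bssid + bssid + b"\x00\x00"
    return header + struct.pack("<H", reason)
```

Reason code 7 ("class 3 frame received from nonassociated station") is one of the codes commonly seen in such floods; a legitimate AP rarely emits dozens of deauths per second.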


Ten years ago, powerful low-cost magnets, brighter LEDs, and button batteries were all novel materials. Around that time some people had the idea of packaging these components together and throwing them onto bridges and overpasses. Thus the LED throwie was born: undoubtedly a very cool decoration, though for some it was just small-scale light pollution.

For a long time, military radio jammers were compact (about the size of a cannon shell or much smaller than a backpack) and relatively inexpensive. These jammers could disrupt wireless communications within a radius of hundreds of meters. Since then, the ESP8266 has been developed, and today there are microcomputers with WiFi support that are about the size of a postage stamp, and their cost is almost negligible.


Although not something to recommend, it is an interesting case of how low cost and new technology combine to create hacking tools. Ten years ago, such a small and cheap WiFi module was unimaginable!

Supported Devices:

You can flash the code onto any ESP8266 board. Depending on the module or development board, there may be differences in performance and stability. The low-spec 512 KB flash version of the ESP8266 does not work perfectly against Apple products and has fewer features than other versions. In contrast, the NodeMCU ESP-12 board with 4 MB of flash memory and a built-in USB interface is better suited to these tasks.

Installation:

Flashing the prebuilt .bin file from the releases page is the simplest way to install and run it:

https://github.com/spacehuhn/esp8266_deauther/releases

You can choose the following tools for uploading:

  • nodemcu-flasher [Windows only]

  • esptool-gui [Windows, MacOS]

  • esptool [Windows, MacOS, Linux]

The ESP8266 can be powered by an OTG cable, a power bank, or a pair of AA batteries. You can manage its functions through the web interface by opening 192.168.4.1 in your browser.

Complete Demonstration Video

For more details, refer to ESP8266 Deauther.

*Reference: hackernoon; translated by FreeBuf editor Iris. Please credit FreeBuf.com as the source when reposting.
