Summary:
Sniff PMKID mode spams broadcast deauth packets from every AP it sees even when selecting any of the "passive" modes in the flipperzero menu.
Steps to reproduce:
Flipperzero running Unleashed Firmware 069e with version 0.6.6 of the wifi-marauder companion app.
ESP32 wifi dev board running the ESP32 Marauder firmware installed using FZEasyMarauderFlash
Nearby computer with wifi interface in monitor mode
(optional: phone attached to wifi network)
On the nearby computer, open a wireshark session on the wifi interface in monitor mode, and observe raw wifi traffic. Set the wireshark filter to "wlan.fc.type_subtype == 0x000c" to filter for deauth frames.
On the flipperzero, navigate to the wifi marauder app, select "sniff" for PKMID, then select "Passive".
EAPOL messages should start appearing on the flipperzero.
Deauth Broadcast Frames appear in wireshark.
Expected Behaviour:
Passive mode should not be expected to transmit any signals to other devices. It should be listen only. Sending deauth frames should be under the "Active" option.
Summary:
Sniff PMKID mode spams broadcast deauth packets from every AP it sees even when selecting any of the "passive" modes in the flipperzero menu.
Steps to reproduce: Flipperzero running Unleashed Firmware 069e with version 0.6.6 of the wifi-marauder companion app. ESP32 wifi dev board running the ESP32 Marauder firmware installed using FZEasyMarauderFlash Nearby computer with wifi interface in monitor mode (optional: phone attached to wifi network)
On the nearby computer, open a wireshark session on the wifi interface in monitor mode, and observe raw wifi traffic. Set the wireshark filter to "wlan.fc.type_subtype == 0x000c" to filter for deauth frames.
On the flipperzero, navigate to the wifi marauder app, select "sniff" for PKMID, then select "Passive".
EAPOL messages should start appearing on the flipperzero. Deauth Broadcast Frames appear in wireshark.
Expected Behaviour: Passive mode should not be expected to transmit any signals to other devices. It should be listen only. Sending deauth frames should be under the "Active" option.