TODO List

[N0vaPixel]

Hi ! I've created this issue because i don't want to make a new one for each projects i have. So feel free to leave your questions, ideas and feedbacks. Thanks :)

ToDo:

Improve JSON builder.

Done

• Dynamic ledPin switching. (No restart needed) (done) d4e3f9c2dfc075f7751b8492ccb34d90277952a0
• For the AP, add the abillity to change the bssid. (done) 3ae0a1096120657225c0c3af0c8cbe767a63f6a1
• Select / deselect all functionality (For AP / Client list) (done) 4c069a53bdd08474fd661ece386ea8fb01d15c31
• Hide own AP and scan for hidden ones (done) #61 #70
• Change the channel of the AP (done) #70
• Add a restart button in the web interface (soft reset) (done) #79
• Use built-in LED to see if an attack is running (done) #79
• Can see which AP a client is associated with (done)

Will not be added

• Enhance the deauth attack with two ways method. ☠️

[spacehuhn]

What do you mean by "enhance deauth attack"? And can you set it to sleep when it's in AP mode? I thought about that too but never tested it.

[N0vaPixel]

1_ @spacehuhn Currently the esp_8266_deauther deauth only in "one way". It spoof ap and send deauth & disassociation to client. To ensure his effeciency in all cases, it would be nice to add the others way. Them there are 4 types/flavor of "deauth/disassociation " packet:

Type 1: Send deauth from AP to client Type 2: Send deauth from client to AP Type 3: Send disassociation from AP to client Type 4: Send disassociation from client to AP

You will be able to choose whose ones you want to use. This is how famous tools like "mdk3" works. http://svn.mdk3.aircrack-ng.org/mdk3/docs/Documentation_incomplete.html

Easy to implement i'll do it later. I just need to modify the buildDeauth method to receive more parameters.

2_ For the sleep mode, i'll see if it actualy work in an experimental way. Why not reduce the tick of the loop function when no attack is running and no action has been made by the user since few minutes

[ghost]

Yep it would be good to reduce the tickspeed cause the other way won't work: you'd have to set ch_pd to low but then the esp is shut down so you would have to manually set ch_pd high

[N0vaPixel]

@H1ghTech Great idea. But i'm wondering if i power off the esp8266 module how the user can power on it without a physical access to the board

[spacehuhn]

ok so first: at the moment Type 1 and Type 3 is already in use and I wouln't not implement the other 2 because then it would be super easy for router to track you and block the attack.

about the sleep mode... correct me if I'm wrong but what I tested so far is that it doesn't matter what you do it will draw around 80mA. You can only reduce that by setting it into one of the sleep modes, for that you need to be able to wake it up, which I think is not possible without user interaction and at this point it's easier to just unplug the device if you don't use it.

[N0vaPixel]

I didn't heard about AP that actively detect a spoofed packet, since many of the FAI AP don't let her customers implement scripts. A skilled network admin can detect and track you as a skilled guy victim of a deauth attack. Even more, a network admin is able to detect any deauth packets "in the air", affecting her clients or his AP. I don't planned to force the use of the other way, they will be disabled by default. But can be enabled by user depending on the situation and his needs. Providing are more customizable tools.

Yes, i'm talking about sleep mode. What about implemeting in the end of loop() a function that calculate the sleep time. The sleep time will increase if no action has been made. It'll reach a maximum time arround 5-10sec. So the first reconnection will take more time. The goal is to increase his lifetime when you use it with a external battery, and you put it in hidden location.

[spacehuhn]

It's not about the spoofed packets, it's about the number of packets. When you send them to the router it has to react to them and if you spam these packets (what the ESP does) the router will slow down or, if implemented, detect it as dos attack.

But the other way around only the clients you want to disconnect are affected and so you minimize the chance of beeing detected. Of course there are routers which monitor all packets, but these are expensive high end systems which are mostly used for big buildings. 99% of the home routers don't have that.

[N0vaPixel]

@spacehuhn Yes you right, thanks for your feedback

[spacehuhn]

no problem and thanks for your work! 👍 I probably won't have time to work on this for the next weeks but let me know if you need any help :)

[N0vaPixel]

@spacehuhn I'll keep you up-to-date if i encounter problems 👍 Love this project ❤️

[joneroy]

@N0vaPixel

built-in LED not working when attack is running i'm using testing branch

[ghost]

@joneroy got the same problem

[joneroy]

@H1ghTech #87

[N0vaPixel]

What about an information web page, containing ESP AP mac, clients connected to ESP AP ect... ?

[anudeepND]

You have all those info on web interface.

[N0vaPixel]

Oh by saying "AP" i mean the esp AP

[spacehuhn]

Hey @N0vaPixel I added you as collaborator, you're doing a great job and I'm very thankfull for your help, as attation on this project grows and grows! 👍
You can push directly into the testing branch, just don't merge it into the master before I looked over it. You can also close some of the useless issues that are posted everyday.

[N0vaPixel]

A pleasure to collaborate with you, thanks @spacehuhn 👍 I'll contact you if i think that the testing branch is stable and can be merged

[N0vaPixel]

Update : Now you can see which AP a client is associated with. Report if you encounter any bug. Thanks :)

[spacehuhn]

Hey @N0vaPixel do you think we can make a new release? I couldn't find a new bug so far. I know there are not many changes, but the js compatibility is probably a big issue for many people and now that it's fixed (thx for that btw!) I think a version 1.1 would be appropriate.

EDIT: there are actually a lot of changes - just for the blinky LED it's worth it 👍

[spacehuhn]

I'm sorry if I am a bit to fast with the merging, I just wanna get this done: https://github.com/spacehuhn/esp8266_deauther/pull/113

Thank you again for your work 👍 and I hope we see less issues due to this release :)

[N0vaPixel]

Hi @spacehuhn No problem, i'm not watching github because i'm very bust this week-end. A new release is a good thing, i didn't noticed any kind of bug. I plan to commit the mac changer feature next week. But before i need to fix some bugs

EDIT: I think mac changer may be the last feature that we can add in the settings web page, the esp tends to run out of memory 😢

[tpmodding]

saw this yesterday, dont know if its usefull for you guys http://hackaday.com/2017/03/10/save-esp8266-ram-with-progmem/

[spacehuhn]

@tpmodding I used the progmem for all the html files and the mac vendor list. Just have a look at the data.h ;)

[tpmodding]

i'm just learning c...i'm new in this coding thing... :D this is to high for me :P

[spacehuhn]

EDIT: I think mac changer may be the last feature that we can add in the settings web page, the esp tends to run out of memory 😢

You mean because the html file gets to big? We could split the JS part into a seperate file.

[N0vaPixel]

Nice idea ! I have splitted the JS part, we will see if it helps. Also, url are now more sexy ❤️ (/attack.html is now /attack) 6a52e70ea7655caa78300950549035dd8f145fdc

I would be nice to make a python script that auto minify and auto update data.h 👍

[ghost]

Wifi reapeater..

[spacehuhn]

@cezarlacatus that's not what this project is for

[hallard]

Guys, This is a very nice project, I love it ;) Anyway may be I can help with some ideas

• first I can implement asyncwebserver from @me-no-dev which is a wonderful library that speed up web server and it's becoming the reference because it's async and no blocking
• use the spiffs file system to serve HTML and JS files
• put the MAC address list on Spiffs to get back flash memory for code
• add web file spiffs editor to be able to edit spiffs files from web interface (great for testing)

Let me know if you want me to help with pull request or as collaborator on a new branch, whatever is fine for me but first implementation of async need lot of changes ;)

[NajiHakimian]

Would adding an option to enable not password protected beacon(list) so people would get a notification on their phone when we broadcast be possible eventuality?

[BingeOn]

Is there any way it could work on 5ghz or maybe there's another board that could do this at 5ghz?

[carlosroe]

I would like to equip my deauther with a list of SSIDs from a file just like the Beakon spamer from Spacehuhn!

[jLynx]

@FrancTheCat its not a jammer

[carlosroe]

Better? 😉

[amahlaka]

Suggestion: support for WebApp / Add to homescreen (https://developer.chrome.com/multidevice/android/installtohomescreen) I have already started to implement this on my fork

[jLynx]

@spacehuhn can this be closed now?

[spacehuhn]

... that is @N0vaPixel decision.

[Behooz-Sirouszad]

@spacehuhn : connection and disconnection problem for user to work with html pages ...iv found the problem and edited yout data.h code buffer size from 6000 must be change to 1000 and all works fine und wundabar. vielen dank Fur ihre aufmerksamkeit.. but i have a question why did you deleted (commented) channel hopping from html and java codes

[spacehuhn]

I think it's fair to say that we can close this.