Closed Archimedes127 closed 1 year ago
Double posted deauth pic. Should've been beacon spam (cut me some slack, jetlag is real)
After a deauth is carried out, if you try to attack via Rickroll, no beacons appear. Reset the board and carry out the same attack, they show as intended.
I am unable to reproduce the bug myself. I followed this order of operations to reproduce the issue on my end. Please let me know if there was something I misunderstood.
scanap
stopscan
ssid -a -g 3
select -a <index of target ap>
attack -t beacon -l
(first beacon spam)
stopscan
attack -t deauth
stopscan
attack -t beacon -l
stopscan
attack -t rickroll
stopscan
All beacon spam attacks following the deauthentication attack executed as expected. This was tested on a Marauder Mini and Flipper Zero Dev Board as the transmitter. I monitored the attacks with a separate Marauder. All of the attacks were detected by the monitoring Marauder.
The only hardware variation is that I'm using a Flipper Zero/Flipper dev board and not a Marauder Mini/Flipper dev board as you have done above.
There must be an issue with the interface between the flipper zero and the devboard possibly. The WiFi dev board shows activity when initialised via the flipper zero (scan and attack) with green and red LEDs respectively.
Oh no, when I say I tested this with a mini and a flipper dev board, I meant they were operating independently of each other. The flipper dev board was plugged into the flipper zero and the Marauder Mini was operating as a standalone device. Both devices performed the list of commands above and the output from both was as expected. I will need to see if there is something else I need to do to get the same thing to happen.
Can you confirm the fw versions on the FZ and Dev board? Cheers
I am currently running v0.9.17 on both the Marauder Mini and the Dev Board. On the FZ, I am running unleashed version unlshd-012
I'm running unlshd-014.
I'll roll back to 012 and see if I can emulate the issue.
Any updates on this issue?
None so far. Some other users have reported the same thing in some groups I'm in. I'm trying to figure out if there are any settings/hardware variations (SD card, general flipper settings) but in all honesty I've been busy with work, so have slacked a bit regarding it.
From: Just Call Me Koko @.> Sent: Sunday, November 27, 2022 3:44:24 PM To: justcallmekoko/ESP32Marauder @.> Cc: Archimedes @.>; Author @.> Subject: Re: [justcallmekoko/ESP32Marauder] Flipper Zero Marauder (dev board) Unable to Deauth and then send beacon frames (Issue #166)
I have the exact same issue as above, I am using the 0.9.1.7 Marauder OTA flashed to the flipper 0 wifi dev board, and I'm running unleashed-0.1.4. So I'm not sure if I'm doing something wrong or there's a bug in the firmware.
Cheers
I've ordered another dev board (dedication to the cause) to rule out it possibly being the board. I'm also going to get another FZ to rule out possible hardware issues. I expect delivery in the next week so will keep you posted. I'm leaning towards the unleashed firmware, but as koko can't emulate the issue it almost seems like it's an intermittent thing with maybe different hardware batches? Guess we'll find out...
@Archimedes127 Please update to v0.10.0 when you get the chance and check if the issue is still present
Will do mate.
Updated and issue is fixed! Good job.
So it was an issue with older versions. Good job fixing it justcallmekoko, cheers!
Hardware and firmware
Flipper Zero - Unleashed
FZ Dev Board - Marauder v0.9.17
The dev board running Marauder requires resetting after sending deauth frames and switching to beacon frames. If the board is not reset, the flipper dev board does show that it is sending beacon frames (LED indicator turns red); however, utilising a mobile device to scan for the beacons brings back no results. If the board is reset and beacon frames are re-sent, the beacons are visible after scanning.
Steps to reproduce the behavior:
Expected behavior
A deauth attack followed by a beacon spam afterwards without having to reset the devboard between changing.
Screenshots
No ssid shown when looking for ap's via phone (reset of board required, and it is possible)
After emulating the issue, it was noticed that no further actions can be taken without resetting the devboard. The initial deauth attack appears to stop further pen testing.