Hide Your Repeater And Gain A Radio

[Bradley]’s workplace was recently put into a position where they needed to install a WIFI network to operate some wireless barcode scanners, which was left open for anyone to connect to. Management thought that the people in the shop, who didn’t really need internet, would get less work done if they had access to it. So they just simply stuck the access point as far away as they could. Problem with that theory is that the signal still reaches a little bit where they don’t want it, and people in the shop really want access, so a repeater is needed.

Of course this repeater cant be just sitting out in the open. so [Bradley] decided to hide the it inside of an old radio. Searching around he finally settled on a 10$ ebay radio from the 1980’s, which is large enough to hold the guts of a WRT54G. The routers AC adapter was popped open and wired into the AC input of the radio, the main board and antennas were epoxied to the back. Once everything is buttoned back up you’re left with a hidden repeater, and a fully functional radio.

Now hopefully none of his bosses read his blog!

41 thoughts on “Hide Your Repeater And Gain A Radio

  1. What took me a few reads to figure out is the people who didn’t have access, but wanted access, set up this repeater to share the wealth. The covert nature of the hack ensure management won’t immediately suspect what’s going on.

    But anyone with a smartphone should be able to figure out what’s what pretty quickly, unless they lock the other side of the repeater. In that case, they should probably setup a NAT instead of a bridge and, maybe, periodically create a new MAC on the client side of the router.

    Then again, all it takes is a quick walk around the office to see who is using what. That probably poses a bigger problem.

    1. Suddenly getting a strong WiFi signal pop up should raise a few suspicions, but someone checking the logs might notice the extra traffic.

      The usual way to get sprung is by someone opening their mouth; as the saying goes “Three may keep a secret, if two of them are dead”.

  2. Management should have just set up MAC address filtering, or created a wireless network without internet access. Then the idea of anyone surfing the net would have been dead in the water.

  3. Slow loading of pics aside. I like this hack, it’s a bit 80’s and lets face it, if hiding WiFi by moving(far far away) is the security solution, I’m not going to guess they will find this any time soon.

    1. The title sucked though. “Repeater” means I’m expecting something to do with Ham radio. Had to read everything twice to understand what was going on. (Bradley work at some sucky place where management is too stupid to give the employees the tools they need to do their job and are likewise too stupid to know how to monitor everyone’s traffic, or use MAC filtering to at least make things harder.)

  4. I used to work in the point of sale support industry, almost every wireless barcode scanner made in the last decade supports WEP at the least, and most of them support wpa/wpa2.

    This “security” setup is probably just a wonderful example of someone being inept.
    Unfortunately inept “setup technicians” are very common in the POS industry, as most of the people in the industry are hired for thier retail backgrounds.
    (Joe worked in a grocery store for 5 years and knows the software already, lets hire him!)

    At the support company I worked for, out of 30 technicians only 3 of them had any experience in IT before being hired. (and I hired the other 2…)

    The worst part is, these clowns are the ONLY AUTHORIZED support company for the entire region. This means that if your grocery store uses either of the two biggest POS softwares in the US, you can only get software updates/support through these guys.
    Any other companys trying to support the software get sued out of existence.

  5. It’s town policy to allow access to the APs. It’s just local mgt that doesn’t like it. They don’t get a choice which is why the original AP is so far away from the shop.

  6. Be aware that the WAG54g series suffer from capacitor plague. Mine lasted about 4 years then ports started failing etc. There are about 12 or so caps and I was about to embark on that unfortunate task when I got hold of a WAG54gv3 on the cheap which is an excellent unit in it’s own right.

  7. mmm this hack is so delicious. im satisfied.

    normally i’d bitch about “wheres the existing junk radio in ur closet?”
    but in this case:
    1 it might get thrown out
    2 it might get smashed for fun by someone else :)
    3 if its for work, where u make money, then 10$ isnt so bad
    4 it cant be something co-workers/boss recognise as “already modified…”
    5 the 10$ gets it pre “outside cleaned”
    6 u get to keep your bc437

  8. If this router has a diversity receiver on the same band as it’s usual, the distance between the two antennas is too small (and cannot be changed freely). If both are used to transmit, the distance between the two antennas is too small. Other metallic parts are too close as well. And there are other cases when the distance is critical, however it seemingly isn’t such a device. Plastic case without any kind of shielding may cause EMC, degradation in performance, other nearby equipments’ performance, etc. Certainly, no one of them is lethal, the router will work, but it is preferred to know more about the technology before…

  9. that is a lot of work just to quell the temptation.

    i would just with a couple settings disable the broadcast of the ssid


    without broadcasting the ssid then you wont have ones being able to see the router.

    another way is since you said bar code scanner that means grocery store most likely.

    teach all the workers to always keep the scanner gun’s charger base next to the checkout line.

    if the charger base is usb connectable then connect the charger to the usb so those in line thinking of pulling out their laptop or ipad or iphone and using your network may not think to do so because it then looks like the scanner gun is not wireless.

    if you can set the delay between the scanner picking up the bar code being read and the price showing up then you would have time enough get the scanner back to the dock before the customer realize it is wireless.

    if you are allowed to decorate the scanner then get some bluetooth stickers and make it look like it is bluetooth (you cant connect to the internet via bluetooth.

    1. “you cant connect to the internet via bluetooth”
      Back to the drawing board there bub, you can use a Bluetooth PAN to share internet connection without a problem (other than low speed of connection)
      I’m not sure what issue you’re addressing here with the stuff about the USB etc. it doesn’t make any sense in the context of what the OP is doing with his WiFi repeater.

    2. “It’s intended to be used with a wireless bar code scanner in the parts department.”; “WiFi still reaches a good part of the shop”. Sounds more like he works in the service department of an automobile dealership than a grocery store.

  10. Nice, I like it!

    ‘Town policy’? Is this a townships free wifi that your company is using for it’s barcode scanners and they were able to dictate where the ap went?

    I wonder.. did you need to include the power adapter or is there a nice source of unregulated DC somewhere in that radio that could be fed to a 7812 and a couple of capacitors. It doesn’t matter, it works as is!

    2 people mentioned MAC filtering. Really? In 2012 on HaD not everyone knows how useless MAC filtering is yet? I wish one of them was my neighbor. Yay for free internet!

      1. Yes, I work for the gov’t. It’s a public wifi spot provided by said town. All APs must be allowed for public use due to town policy. The bar code scanner is for a parts dept. Not Food Lion!

        The antenna distance and shielding issues were concerning on paper, but they turned out to be of no concern in the real world. One antenna is Tx, the other Rx.

      2. @bradley

        Wait, so this parts dept has this barcode scanner (and the inventory tracking system its for) connected directly to a municipal wireless network?

        That seems a bit dangerous. All you need is another municpal user to connect to the network with a virus invected laptop and the fun begins.

        Why not reccomend that they install the repeater and a separate wirless router for the parts dept?
        That way the company network can access the internet via municipal wireless, but their systems are safely behind a stateful firewall.

  11. I’ve hidden many wireless repeaters everywhere during pentesting. anyway what is great about this mod is that they can mod it even further by transforming the radio AM antenna into a wifi antenna :p
    I like it.

  12. @eldorel

    Yea, it’s a stupid policy. It should have been isolated, but hey, I can’t complain. I was originally going to have this radio connected to my office computer. The open WiFi allowed me to avoid that. The AP is isolated from the internal network via VPN. I’m Bus Security systems, headsigns, AVLs, etc. Not IT.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.