Sir, It Appears We’ve Been Jammed!

In a move that would induce ire in Lord Helmet, [Kedar Nimbalkar] has recreated Instructables user spacehun’s version of WiFi jammer that comes with a handful of features certain to frustrate whomever has provoked its wrath.

The jammer is an ESP8266 development board — running some additional custom code — accessed and controlled by a cell phone. From the interface, [Nimbalkar] is able to target a WiFi network and boot all the devices off the network by de-authenticating them. Another method is to flood the airspace with bogus SSIDs to make connecting to a valid network a drawn-out affair.

This kind of signal interruption is almost certainly illegal where you live. It does no permanent damage, but once again raises the existing deauth exploit and SSID loophole. [Nimbalkar]’s purpose in recreating this was for educational purposes and to highlight weaknesses in 802.11 WiFi protocols. The 802.11w standard should alleviate some of our fake deauth woes by using protected frames. Once the device authenticates on a network it will be able to detect fake deauth packets.

We featured a more targeted version of this hack that can be done using a PC — even targeting itself! And more recently there was a version that can target specific devices by jumping on the ACK.

http://www.youtube.com/watch?v=N5JVQ-m5Kd0

[A previous version of this post wrongly attributed credit to Kedar Nimbalkar for creating the device, when in actual fact credit goes to spacehun]

[Thanks for the tip, Itay!]

43 thoughts on “Sir, It Appears We’ve Been Jammed!

    1. You might want to check out your source on that. ESP deauth attacks have been a thing for years now. here’s one from a year ago, with a hackaday.io project.

      Seems to me spacehuhn is the one just taking an idea and reimplementing it. Let’s give credit to the people who first created this attack: Marriott International.

      BTW, notice how everyone in this thread is crediting spacehuhn, when he is demonstrably not the original implementer of ESP deauth attack hardware, yet the complaints in this thread are that we’re not crediting the original implementor of the hack. This is why you’re terrible.

      1. Brain, you may verify what you wrote. Nobody told [spacehuhn] created first the attack. But you must acknowledge that [spacehuhn] brought [randdruid] work to a next level,and wrote some code himself.

        And you should also admit that Kedar the script kiddie just flashed [spacehuhn]´s code on an ESP8266, and MADE A VIDEO.

        When one digs further it´s the only thing Kedar does:
        taking people work or code, making YT videos with it. Not a single line of code, nothing, not even understanding what he really does.
        And he lets people believe he invented all this while all he does is showing off on YT.

        He is not even able to answer any of the technical questions he get for the “articles” he publishes on instructables.com, but they all are stuffed with links to his YT videos !!! Is that ok for you ???

        Finally James Hobson just copy-pastes the crap, not verifying or proofing anything, as usual here.

        If it is for you intellectually honest, then you should propose Kedar to makes YT videos for HaD. He exemplifies what is wrong with HaD, and you actively support that.
        According to your standards, Kedar should have won the HaD prize if he had made a hackaday.io project.
        And 90% of the flamewars here are because of those low low editorial standards you enforce, Brian.

        1. > And 90% of the flamewars here are because of those low low editorial standards you enforce, Brian.

          I don’t have anything to do with this shit. If it doesn’t have my name on it, I didn’t touch it. If it were up to me, I’d pay James for this post and put it in the trash. ESP deauth attacks are idiotic, and don’t deserve to be publicized.

      2. Actually you’re missing the point here Brian. Sure, people have been doing ESP deauth for a while – it’s not like a new implementation of an existing idea isn’t often posted on HAD. The point is, this goofy youtube person didn’t ‘hack together’ anything. He downloaded spacehuhn’s code onto a dev board and made a video about it. Spacehuhn at least is providing a noteable value-add in that there is a phone interface, and native ESP8266 code as opposed to arduino with no UI.

  1. Please, HaD, do your job and remove this crap video form the article, and any link to the youtuber Kedar Nimbalkar.
    He earns money by making crappy videos with the work of other people, misleading them into believing he is ht eauthor of those.

    NONE of his “articles” on instructables.com contain any work he did. There is no technical detail, and he does not answer any of the technical questions he´s got asked.

    Give back credits to spacehuhn and his REAL work, and stop sourcing new articles from youtube videos at all. Enough of social media attention whores !!!

  2. Come on folks, stop your bitching, a HaD writer came across a nice and easy way to deal with all the terrible smartphone-gaze-locked people, who cares who made it originally, in case you’re not aware, about 85% of hackaday.io is full of projects that have been done before aswell, and at least 50% can be called a shamefull ripoff, but does that make them invalid? imho most certainly not, all of those people bring their own skill and additions, which just makes you have more to base your own idea’s off of in the future.

    To summarize; Look at any possible ‘field’ you can imagine, and find me something that was NOT developed based on earlier work.

  3. “”” [Kedar Nimbalkar] has hacked together a simple — yet effective — WiFi jammer”””
    This is simply NOT TRUE. Could you please correct your article, James, and give credits to the original author ?
    Or has HaD become a proxy for alternative reality ?

  4. I tried it and could not jam my home router and I learn that it automatically switch to 5.8Ghz because my router has 2,4 and 5,8Ghz! I did learn a few things regarding IEEE 802.11.

  5. Is this the same s*** that has been available on kali for age?
    I’m not an expert but a few month ago I had an issue with my ISP (the non technical kind)
    and was in dire need of internet. So I played around with those, but pretty much all attack worked liked very poorly.
    the fake AP generator made ~30 bogus SSID, which is basically below what you expect in any dense urban area under real life condition. I can’t imagine the ESP8266 doing much better.

    Anyone actually tried this instead of shitting on the editor???

    1. Right, my neighbourhood isn’t super dense, but stand near an upstairs window with any device that actually has a fractionally decent antenna and there’s 50 APs. Anything with any gain worth mentioning you have to log to see them all as they keep talking over each other.

Leave a Reply to Mike AberleCancel reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.