Interfering with radio communications, whether through jamming, deauthing attacks, or other meddling, is generally considered a crime, and one that attracts significant penalties. However, studying such techniques should provide a useful edge in the electronic wars to come. In this vein, [Giorgio Filardi] has recently built a WiFi deauther the size of a credit card.
The device has a simple interface, consisting of 3 buttons and a small OLED screen. It can also be accessed remotely and controlled through a web interface. A NodeMCU ESP8266 board runs the show, using [spacehuhn]’s deauther firmware. The point-to-point construction probably won’t hold up to much rough and tumble out in the field, but it’s fine for a bench test. We’d recommend constructing an enclosure if it was to be used more regularly.
There’s plenty of functionality baked in – the device can scan for networks, perform deauth attacks, and even create spoof networks. It’s a tricky little device that serves to highlight several flaws in WiFi security that are yet to be fixed by the powers that be.
Using one of these devices for nefarious purposes will likely get you into trouble. Experimenting on your own networks can be educational, however, and goes to show that wireless networks are never quite as safe as we want them to be.
If you’re wondering as to the difference between deauthentication and jamming, here’s your primer.
Could just use something like the Odroid-Go and it would be a little less MacGyver’d together.
IIRC the Odroid-Go is ESP32 based and the deauther code by Spacehuhn only works for the ESP8266.
MacGyvering is the point of doing things like this.
If you don’t want to MacGyver something, why the heck are you on Hackaday?
My intentions were to say that it would be more pocketable and less likely to fall apart in use. But it looks like I triggered a key word match for some people.
Are there any regulations for ISM bands other than for the physical layer (i.e. output power)?
I think this is a reference to mentioning the first paragraph’s “a crime” statement. This is not accurate. Yes, there are many regs for radio, but for wifi nothing I know of. Deauth is not illegal. Spoofing a network is not illegal. Downloading something off of someone’s computer without them knowing, that -is- illegal. Not saying it shouldn’t be a crime… it just isn’t and the law is vague on both state, national, and international levels.
>Deauth is not illegal.
Aren’t deauth packets what Marriott hotels got into trouble using a few years back? (In all fairness reporting was a bit vague on the details of how)
As far as I know, Marriott was deauthing guests’ WiFi hot-spots from their phones, thus forcing guests to use the hotel’s wifi.
Yeah, and how many times has the *present* FCC administration enforced that ruling?
Intentionally interfering with wifi is illegal. https://www.fcc.gov/general/jammer-enforcement
This may be a loophole in some countries. In the US it is illegal, but in many radio regulations the definition of interference and jamming is quite narrow.
You could probably argue the FCC’s Part 15 would qualify.. “Must not cause unwanted interference”… I think you could argue that deauthing could be considered interference.
No. This is a wanted interference
it depends, honestly I’d say it goes by the owner of the network, if they want it then it’s ok, if you’re not the owner then don’t get caught
A deauthentication frame is a part of the 802.11 standard.
You’re using a device that is compliant with the 802.11 standard, operating at a standard, legal power level, on a standard, legal frequency, with a completely legitimate, standard physical-layer implementation of 802.11, as well as legitimate 802.11 at the layers above that.
“Interference”, in FCC terms, really only applies to physical RF interference – not to higher-level network interactions designed in a way that is annoying for users. This stuff, legally and technically, was never designed to be specific to the complexities of high-level computer network stacks.
If you want to share the same unlicensed frequency that other people are using and they’re transmitting at an authorised power level – well you’re going to have to deal with it. If other users are legally compliant, in terms of the spectrum and power levels they are using, well you’ll just have to buy licensed spectrum if you really want assurance that you don’t have to deal with anybody else getting in the way.
A deauthentication frame is a part of that standard, implemented into that standard, and you’re using it as it was designed.
It is a legitimate, intentional interaction between the stations and AP which faithfully implement that standard.
You could easily argue that this is not interference – it’s the intentional behaviour of the system.
Sure, the standard might have been designed terribly for user experience in this case, but it’s working as designed.
> It is a legitimate, intentional interaction between the stations and AP which faithfully implement that standard.
So how does deauther fit into this description? It’s neither a station nor AP. And doesn’t it have to spoof the MAC address of AP? I bet there’s some court ruling from 60s or 70s making it a federal crime ;-)
FYI: https://transition.fcc.gov/eb/jammerenforcement/fccdhssj.pdf
Also a very long list of applicable laws including The Communication Act of 1934, DoJ Title 18 -1362, 1367a.
If you do anything like hacking/logging password, then a whole other can of computer hacking etc applies.
P.S. pdf DRM, so can’t copy/paste the section here.
Ridiculous. First, you don’t need a voltage regulator (look at the micro usb on the nodemcu device).
Then, you can make something smaller and more robust using a Wemos D1 + an OLED shield. 7$ total.
The Vin pin of this board was broken, plus using a 3,3v regulator you improve the battery life.
I’d argue that it’s the same regulator, the AMS1117 :) so same difference
You are right, no battery saving… but the pin was still broken
1117 is a horrible regulator. It has a dropout of 1V (datasheet), so you’ll need at least 4.3V for 3.3V output. A Li battery starts off dropping below 4.2V as soon as you stop charging.
it would be really nice to have a big regulator write up on HD one day…
I can’t imagine how the pin would have got broken.
Soldering several times, I use and reuse
You can make one battery powered on a dickbutt-shaped PCB for three dollars.
“COULD DEFINITELY” Marriott used deauth attacks against wifi hotspots on an industrial scale for years. In the end they were fined US $600k but no criminal charges were filed. I suspect they made more than $600k selling wifi to their victims.
I’m sure that had to do more with abusive business practices than it had to do with the legalities of a de-auth. The point being that they were doing that so that they could force people to buy their services when they were not required.
If they stated it forward they may have been alright. I dunno. All enterprise wireless solutions have a deauth feature built in for managing rogue APs in a physical space. Many non-hospitality-oriented organizations don’t want stray APs running in their space. Also they all use MFP so they can’t be deauthed in return.
“Interfering with radio communications, whether through jamming, deauthing attacks, or other meddling, is generally considered a crime”
While that is true, wifi is not the only communications channel out there. I don’t imagine that the emergency communications is done over wifi; they have their own frequencies to avoid problems with wifi and to keep them more closed.
Also, I don’t know if the deauther even transmits a number that can be traced.
Of course, if it was that illegal I am sure the FCC would have caught the capabilities of the cheap wifi modules and blocked them from coming into the USA, just like they are doing with the Baofeng radios.
Now, if one was to broadcast a blank 1.4 to 5 GHz carrier to drown out the wifi, they may say something.
You can legally deauther a drone that is trespassing on your property. To barren 1,4 to 5 GHz you need something big and expensive
[Citation needed.]
I was wrong…you cannot legally
More like the citation in price, and not the legality of it. You can pretty much do this with WiFi modules costing less than a bottle of beer (and smaller than the beer cap)!
The 4327th deauther build…
YAWN!
Do something constructive and new instead or I’ll phone your mum!
I mean, DIY is fine and great but well:
https://www.tindie.com/products/lspoplove/dstike-wifi-deauther-mini-v2/
…
Why don’t you build something and notify us all about it, that’s more constructive than your (and my) comment…
BTW. If you phone your mum, at least do it the hacker way using pulse dialing the hook contacts of your wired analog phone…
My favorite thing about all these deauthers is network admins just see a little note that there was an attempt x number of times, at a specific time, with the coordinates and also a note that no connections were affected.
Very nice comparison.
What did you create recently?
Must be something wonderful if you feel free to compare other people’s projects to shit.
Deauth can really only affect home players these days, people with personal hotspots etc… All of the enterprise products support Management Frame Protection, nearly all consumer endpoints support MFP. Many of the enterprise products also support sending deauths to rogue APs within a defined range too. Maybe this project could be used to verify a netadmin’s configuration of an enterprise product?
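Added example, not part of the comment above or of the deauther firmware: one way to check the Management Frame Protection (MFP, 802.11w) setting the comments mention, by reading the MFPC/MFPR bits of the RSN element in a beacon's tagged parameters. The function names are hypothetical and the sample bytes are constructed.

```python
import struct

RSN_ELEMENT_ID = 48
MFPR = 0x0040  # RSN Capabilities bit 6: Management Frame Protection Required
MFPC = 0x0080  # RSN Capabilities bit 7: Management Frame Protection Capable

def find_rsn(ies: bytes):
    """Walk (id, length, body) tagged elements; return the RSN body or None."""
    i = 0
    while i + 2 <= len(ies):
        eid, elen = ies[i], ies[i + 1]
        body = ies[i + 2:i + 2 + elen]
        if len(body) < elen:
            return None  # element runs past the end of the capture
        if eid == RSN_ELEMENT_ID:
            return body
        i += 2 + elen
    return None

def mfp_status(ies: bytes) -> str:
    """Classify an AP's MFP setting from its beacon tagged parameters."""
    body = find_rsn(ies)
    if body is None:
        return "no-rsn"  # open or pre-RSN network: management frames unprotected
    try:
        off = 2 + 4  # skip version and group cipher suite
        (n_pairwise,) = struct.unpack_from("<H", body, off)
        off += 2 + 4 * n_pairwise
        (n_akm,) = struct.unpack_from("<H", body, off)
        off += 2 + 4 * n_akm
        (caps,) = struct.unpack_from("<H", body, off)
    except struct.error:
        return "malformed"
    if caps & MFPR:
        return "required"  # unprotected deauth/disassoc frames are discarded
    if caps & MFPC:
        return "optional"  # clients that do not negotiate MFP stay exposed
    return "disabled"      # spoofed deauth frames are accepted

def sample_beacon_ies(caps: int) -> bytes:
    """Constructed sample: SSID 'test' + RSN (CCMP group/pairwise, PSK AKM)."""
    suite = bytes.fromhex("000fac")
    rsn = (struct.pack("<H", 1) + suite + b"\x04" + struct.pack("<H", 1) + suite
           + b"\x04" + struct.pack("<H", 1) + suite + b"\x02" + struct.pack("<H", caps))
    return bytes([0, 4]) + b"test" + bytes([RSN_ELEMENT_ID, len(rsn)]) + rsn

if __name__ == "__main__":
    for caps in (0x0000, 0x0080, 0x00C0):
        print(hex(caps), mfp_status(sample_beacon_ies(caps)))
```

An AP reporting "optional" or "disabled" is the case where a deauther still has an effect; "required" is the setting a test on your own network should confirm.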
Hello, congratulations on your construction. I’m doing one of these with a nodemcu, I2C 1306 display and neopixel led and buttons, but the led does not light up and the buttons on the same pins as yours do not respond, I use the spacehuhn deauther code, I cannot make it work, I am not good in code with arduino, could you help me? I already searched Aconfig.h, but I don’t know what else to enable there to work. Thanks