Great Badge Concept: A “Geiger Counter” For WiFi Deauthentication Frames

[Nick Price] had a wonderful concept for a DEFCON badge: a device that worked a lot like a directional Geiger counter, but chirped at detecting WiFi deauthentication packets instead of radiation. That’s a wild idea and it somehow slipped past us last year. Why detect such a thing? Well, the WiFi deauth attack is a kind of invisible toxicity, effectively jamming wireless communications by forcing users to be constantly tied up with authentication, and this device would detect it.

A few things were harder than expected, however. To make the device directional, [Nick] designed and built a PCB Yagi antenna but it wasn’t practical. Not only was it far too big, it would also have required going to four layers on a PCB that was already expensive. The solution he settled on — inspired by a friend’s joke about just dropping the badge into a Pringles can — was to surround the PCB omni antenna with a copper pipe end cap from the plumbing section of any hardware store. [Nick] figured that soldering that to the ground plane should result in a simple, cheap, and attractive directional antenna mod. Did it work? We’ll all have to wait and see.

Sadly, [Nick] wasn’t able to finish in time for last year’s DEFCON. Hardware revisions mounted, and fabrication times for his specialized PCB were longer than usual. Worse news is that this year’s is cancelled, or rather is going virtual, which means he’s going to have to deauth himself. The good news is that now he’s got another 12-month extension. Watch the brief video of the functional prototype, embedded below.

Continue reading “Great Badge Concept: A “Geiger Counter” For WiFi Deauthentication Frames”

Pocket-Sized Deauther Could Definitely Get You In Trouble

Interfering with radio communications, whether through jamming, deauthing attacks, or other meddling, is generally considered a crime, and one that attracts significant penalties. However, studying such techniques should provide a useful edge in the electronic wars to come. In this vein, [Giorgio Filardi] has recently built a WiFi deauther the size of a credit card.

The device has a simple interface, consisting of 3 buttons and a small OLED screen. It can also be accessed remotely and controlled through a web interface. A NodeMCU ESP8266 board runs the show, using [spacehuhn]’s deauther firmware. The point-to-point construction probably won’t hold up to much rough and tumble out in the field, but it’s fine for a bench test. We’d recommend constructing an enclosure if it was to be used more regularly.

There’s plenty of functionality baked in – the device can scan for networks, perform deauth attacks, and even create spoof networks. It’s a tricky little device that serves to highlight several flaws in WiFi security that are yet to be fixed by the powers that be.

Using one of these devices for nefarious purposes will likely get you into trouble. Experimenting on your own networks can be educational, however, and goes to show that wireless networks are never quite as safe as we want them to be.

If you’re wondering as to the difference between deauthentication and jamming, here’s your primer.