Terminology is something that gets us all mixed up at some point. [Seytonic] does a great job of explaining the difference between WiFi jammers and deauthenticators in the video embedded below. A lot of you will already know the difference; however, it is useful to point it out since so many people call deauth devices “WiFi Jammers”.
In their YouTube video they go on to explain that jammers basically throw out a load of noise on all WiFi channels, making the frequencies unusable within a given distance from the jammer. Jammers are also normally quite expensive, mostly illegal, and thus hard to find unless, of course, you build your own.
WiFi deauthentication, on the other hand, works in a very different way. WiFi sends unencrypted packets of data called management frames. Because these are unencrypted, even if the network is using WPA2, malicious parties can send deauthentication commands which boot users off of an access point. There is hope, though, with 802.11w, which encrypts management frames. It’s been around for a while; however, manufacturers don’t seem bothered and don’t implement it, even though it would improve the security of a WiFi device against these types of attacks.
Continue reading “WiFi Deauthentication VS WiFi Jamming: What is the difference?”
Researchers from Exodus Intel recently published details on a flaw that exists on several Broadcom WiFi chipsets. It’s estimated to affect nearly 1 billion devices, from Android to iPhone. To name just a few from the top of the list:
- Samsung Galaxy from S3 through S8, inclusive
- All Samsung Notes3
- Nexus 5, 6, 6X and 6P
- All iPhones after iPhone 5
So how did this happen? And how does a bug affect so many different devices?
A smartphone nowadays is a very complicated mesh of interconnected chips. Besides the main processor, there are several other secondary processors handling specialized tasks which would otherwise clog up the main CPU. One of those is the WiFi chipset, which is responsible for WiFi radio communications — handling the PHY, MAC and MLME layers. When all the processing is complete, the radio chipset hands data packets over to the kernel driver, which runs on the main CPU. This means that the radio chipset itself has to have some considerable data processing power to handle all this work. Alas, with great power comes great responsibility.
Continue reading “Broadpwn – All Your Mobiles are Belong to Us”
The ESP8266 is a remarkable piece of hardware. What we originally thought of as — and what was originally marketed as — a simple UART to WiFi bridge with Hayes modem commands has turned into one of the best embedded platforms around. It’s a powerful little microcontroller, it has WiFi, and it can send raw frames. That last bit is awesome, because it allows for some mischief or mirth making, depending on your point of view.
For his Hackaday Prize entry, [Tejas] is building a WiFi Jammer with an ESP8266. It’s a small device that is able to disconnect anyone from a WiFi AP. Should you build it? No. Can you? Sure, why not.
The code for this WiFi hacking tool is taken from the creator of the ESP8266 deauth toolkit, [spacehuhn], although [Tejas] is violating the license for [spacehuhn]’s (non-Open Source) code. This fantastic piece of firmware uses management packets to send a deauthentication frame, effectively allowing anyone to disconnect any device from a WiFi router. Why would anyone want to do this? Mischief, of course, but there are also a few techniques that could allow an attacker to get a password for the WiFi.
While there are ways to protect against deauth attacks, most routers don’t have management-frame protection enabled. In any event, we’re going to see exactly how annoying deauth attacks can be this week at DEF CON. The smart money is on a small percentage of DEF CON attendees lulzing about with ESPs and the Caesar’s CTO being very, very unhappy.
Everyone’s favorite packet sniffing tool, Wireshark, has been around for almost two decades now. It’s one of the most popular network analysis tools available, partially due to it being free and open source. Its popularity guaranteed that it would eventually be paired with the ESP32/8266, the rising star of the wireless hardware world, and [spacehuhn] has finally brought these two tools together to sniff WiFi packets.
The library that [spacehuhn] created uses the ESP chip to save Pcap files (the default Wireshark filetype) onto an SD card or send the data over a serial connection. The program runs once every 30 seconds, creating a new Pcap file each time. There are many example scripts for the various hardware you might be using, and since this is written for the ESP platform it’s also Arduino compatible. [spacehuhn] has written this as a proof-of-concept, so there are some rough edges still, but this looks very promising as a network analysis tool.
[spacehuhn] is no stranger to wireless networks, either. His YouTube channel is full of interesting videos of him exploring various exploits and testing other pieces of hardware. He’s also been featured here before for using an ESP8266 as a WiFi jammer.
Continue reading “ESP to Wireshark”
A good robot is always welcome around here at Hackaday, and Hackaday.io user [igorfonseca83]’s browser-controlled ‘bot is no exception. Felines beware.
[igorfonseca83] — building on another project he’s involved in — used simple materials for the robot itself, but you could use just about anything. His goal for this build was to maximize accessibility in terms of components and construction using common tools.
An Arduino Uno gets two DC motors a-driving using an H-bridge circuit — granting independent control of the wheels — with an ESP8266 enabling WiFi access and power provided by a simple 5V USB power bank. [igorfonseca83] is using an Android smartphone to transmit audio and video data; though this was mostly for convenience on his part, a Raspberry Pi and camera module combo is another great option!
Continue reading “Stalk Your Cats With A Browser-Controlled Robot”
While most of you reading this have broadband in your home, there are still vast areas with little access to the Internet. Ham radio operator [emmynet] found himself in just such a situation recently, and needed to get a wireless connection over 1 km from his home. WiFi wouldn’t get the job done, so he turned to a 433 MHz serial link instead. (Alternate link)
[emmynet] used an inexpensive telemetry kit that operates on a frequency that travels long distances much more easily than WiFi can. The key here isn’t in the hardware, however, but in the software. He went old-school, implementing a peer-to-peer TCP/IP connection using SLIP — serial line Internet protocol. All of the commands to set up the link are available on his project page. With higher gain antennas than came with the telemetry kit, a range much greater than 1 km could be achieved as well.
[Editor’s note: This is how we all got Internet, over phone lines, back in the early Nineties. Also, you kids get off my lawn! But also, seriously, SLIP is a good tool to have in your toolbox, especially for low-power devices where WiFi would burn up your batteries.]
While it didn’t suit [emmynet]’s needs, it is possible to achieve extremely long range with WiFi itself. However, this generally requires directional antennas with very high gain and might not be as reliable as a lower-frequency connection. On the other hand, a WiFi link will (in theory) get a greater throughput, so it all depends on what your needs are. Also, be aware that using these frequencies outside of their intended use might require an amateur radio license.
Continue reading “Long Range Wireless Internet”
The rabbit hole of features and clever hacks in [chiprobot]’s NEMA17 3D Printed Linear Actuator is pretty deep. Not only can it lift 2kg+ of mass easily, it is mostly 3D printed, and uses commonplace hardware like a NEMA 17 stepper motor and a RAMPS board for motion control.
The main 3D printed leadscrew uses a plug-and-socket design so that the assembly can be extended easily to any length desired without needing to print the leadscrew as a single piece. The tip of the actuator even integrates a force sensor made from conductive foam, which changes resistance as it is compressed, allowing the actuator some degree of feedback. The force sensor is made from a 3M foam earplug which has been saturated with a conductive ink. [chiprobot] doesn’t go into many details about his specific method, but using conductive foam as a force sensor is a fairly well-known and effective hack. To top it all off, [chiprobot] added a web GUI served over WiFi with an ESP32. Watch the whole thing in action in the video embedded below.
Continue reading “Hackaday Prize Entry: 3D Printed Linear Actuator Does 2kg+”