Wi-fi Jammer and Fake Access Points using Nord MCU (Esp-8266)

Hi,

In this blog, we look into a small Micro Controller which we can use to Jam wi-fi and also put up some fake access points.

What is a Micro-Controller?

Microcontrollers are inexpensive, effective, and commonly utilised by hackers. It can perform many of the same assaults as the more costly Raspberry Pi. While microcontrollers do not come with a full operating system like the Raspberry Pi. Microcontrollers are more powerful but also more harmful. For such attacks, an NodeMCU (ESP8266 12E) is used.

What is ESP8266?

NodeMCU is an ESP8266 firmware designed with the C programming language, the Espressif NON-OS SDK, and the Lua scripting language. It is available on the market in India for between Rs.250 and Rs.500. It is a low-cost microcontroller with high performance. The range of the ESP8266 WiFi module is 4 to 70 metres.

Now that we have a Nord MCU , Lets get the work done step by step. To start with, we need to use an IDE called Arduino. Arduino is an open-source IDE software used to upload and write codes to the board.This programme may be used with any board, such as Arduino, NodeMCU, and so on. It communicates with and uploads programmes to the Arduino hardware.

After installing Arduino IDE , we want to download the ESP8266 packages for IDE.

Go to Files — > Prefernces.

We can see a tab called “Additional Board Manager URLs” where we add the following URL

https://arduino.esp8266.com/stable/package_esp8266com_index.json

Click OK .

After this, Lets Install the Package that is required to make things work properly. To do that, Click on Tools and Check for Board: <board_name> Names in Board Managers where you can see that we have added Arduino’s Esp8266 Package. Install the package and we are good to move forward.

Now to Use the Arduino as a wifi jammer , we need to Flash it. Download the program for Esp8266 : https://github.com/SpacehuhnTech/esp8266_deauther

After Downloading it, we need to extract the files and there we can find a file names esp8266_deauther.ino . This code is the main program required. To keep in mind that, esp8266 should be connected using data cable and it should have power to work and it must be connected to the system when its flashing.

Before going to the attack we need to know what is de-authentication, beacon and probe.

1. De-auth : A de-authentication attack is a type of attack which targets the communication between router and the device. Effectively disabling the WiFi on the device. Deauthencation attack’s use a deauthenication frame. This frame sent from a router to a device forces the device to disconnect.
2. Beacon : This attack will create up to a thousand fake networks, either cloning nearby networks or creating entirely fake ones from scratch.
3. Probe : The board will send probe requests asking for a network name that’s in the list you specify. This will confuse some Wi-Fi trackers and also sometimes cause Wi-Fi attack tools to create fake networks in response to the network names contained in the probe requests.

These all can be used with the Esp8266 and try different modes of attacks on Wi-fi. Now lets look into NordMCU’s Interface. After connecting the board, connect to it using The NodeMCU WiFi’s SSID is pwned and password is deauther.

After connecting, we can access the web interface on 192.168.4.1 . Cross check if the NordMCU is On.

After connecting we can access the web interface on 192.168.4.1 and you can use any browser for browsing. Before going to web interface make sure that NodeMCU is power on and you are connected on its AP. The interface is like below :

Read the message and click on I HAVE READ AND UNDERSTOOD THE NOTICE ABOVE .

This is the initial web interface page. This will provide a list of all devices in range of a Wi-Fi network. We can scan both APs and particular stations. For best results, just select one at a time. We can select a point by ticking the rectangle box under the Vendor column.

Before going to attack, just explore the Settings on right top side of screen. On the above image the SSID is our Wi-Fi AP’s name. We can choose which AP to attack and then Go to attack section.

The attack section contains 3 types and each one has different functionalities that is also explained in the page itself. For example: If Deauth is choosed, all the devices connected to the selected AP will get deauthenticated as the MCU send the Deauth packets. Similarly each attack has each functions that you can explore on your choice.

We can also add several fake APs which can redirect attention of the users. To take as a note : Do not try to attack any WiFi without proper authorisation/permission. This post is purely for educational purposes.

Hope you like this article. Now try it out yourselves. Lets catch on the next one !!!