ESP8266 firmware for performing deauthentication attacks, with ease.
Wi-PWN is a firmware that performs deauth attacks on cheap Arduino boards. The ESP8266 is a cheap microcontroller with built-in Wi-Fi. It contains a powerful 160 MHz processor and it can be programmed using Arduino.
A deauthentication attack is often confused with Wi-Fi jamming, as they both block users from accessing Wi-Fi networks.
The 802.11 Wi-Fi protocol contains a so-called deauthentication frame. It is used to disconnect clients safely from a wireless network.
Because these management packets are unencrypted, you just need the MAC address of the Wi-Fi router and of the client device which you want to disconnect from the network. You don’t need to be in the network or know the password, it’s enough to be in its range.
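Because these frames are sent in the clear, a monitoring sensor can read them too. The following is an added defensive example, not part of Wi-PWN: it parses the 802.11 frame-control field and flags a BSSID that receives a burst of unprotected deauthentication/disassociation frames. The class and function names, the threshold and the sample frames are constructed for illustration.

```python
import struct
from collections import defaultdict, deque

DEAUTH, DISASSOC = 0x0C, 0x0A      # 802.11 management frame subtypes

def parse_disconnect(frame: bytes):
    """Return (bssid, reason) for an unprotected deauth/disassoc frame, else None."""
    if len(frame) < 26:            # 24-byte MAC header + 2-byte reason code
        return None
    fc0, fc1 = frame[0], frame[1]
    version, ftype, subtype = fc0 & 0x3, (fc0 >> 2) & 0x3, fc0 >> 4
    if version != 0 or ftype != 0 or subtype not in (DEAUTH, DISASSOC):
        return None
    if fc1 & 0x40:                 # Protected bit set: 802.11w frame, body is encrypted
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)
    return frame[16:22], reason    # address 3 carries the BSSID in these frames

class DeauthFloodDetector:
    """Alert when one BSSID sees >= threshold unprotected disconnect frames per window."""
    def __init__(self, threshold=10, window=1.0):
        self.threshold, self.window = threshold, window
        self.seen = defaultdict(deque)          # bssid -> recent timestamps (seconds)

    def feed(self, ts: float, frame: bytes):
        parsed = parse_disconnect(frame)
        if parsed is None:
            return None
        q = self.seen[parsed[0]]
        q.append(ts)
        while ts - q[0] > self.window:          # drop timestamps outside the window
            q.popleft()
        return parsed[0].hex(":") if len(q) >= self.threshold else None

# Constructed sample capture (not real traffic): frame control, duration,
# destination, source, BSSID, sequence control, reason code / body start.
AP = "aabbccddeeff"
DEAUTH_FRAME = bytes.fromhex("c000" "0000" "ffffffffffff" + AP + AP + "0000" "0700")
BEACON_FRAME = bytes.fromhex("8000" "0000" "ffffffffffff" + AP + AP + "0000" "0000")

def run_sample():
    """Replay one beacon and 20 deauth frames 20 ms apart; return the alerts raised."""
    det = DeauthFloodDetector()
    capture = [(0.0, BEACON_FRAME)] + [(0.1 + i * 0.02, DEAUTH_FRAME) for i in range(20)]
    return [(round(ts, 2), hit) for ts, frame in capture if (hit := det.feed(ts, frame))]
```

A single deauthentication frame is normal roaming or sign-off behaviour; the sustained rate per BSSID is what separates a flood from it.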
With the updated 802.11w-2009 standard, management frames are encrypted by default.
802.11w is rarely used in the real world as both the router and the client device need to support this standard, otherwise they won't be able to connect to the routers.
Updating to the 802.11w standard is often expensive and difficult due to the vast number of legacy devices not supporting the new standard. Because of the maintenance nightmare, over 95% of devices use the vulnerable 802.11 standard, even though newer devices support newer standards.
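Whether a given access point actually uses 802.11w can be read from the RSN information element in its beacons: bits 6 (MFPR, required) and 7 (MFPC, capable) of the RSN Capabilities field. The following is an added example, not part of Wi-PWN, that classifies an RSN element; the function names, network names and sample elements are constructed for illustration.

```python
import struct

RSN_ELEMENT_ID = 48
MFPR, MFPC = 0x0040, 0x0080        # RSN Capabilities bits 6 and 7

def mfp_status(rsn_ie: bytes) -> str:
    """Classify an RSN element as 'required', 'capable' or 'disabled' for 802.11w."""
    if len(rsn_ie) < 4 or rsn_ie[0] != RSN_ELEMENT_ID or rsn_ie[1] != len(rsn_ie) - 2:
        raise ValueError("not a well-formed RSN element")
    body, off = rsn_ie[2:], 2      # off starts just past the 2-byte version
    try:
        # Skip group cipher suite (4 bytes), pairwise suite list, AKM suite list.
        for width in (4, None, None):
            if off == len(body):
                return "disabled"  # later fields are optional; capabilities default to 0
            if width is None:
                (count,) = struct.unpack_from("<H", body, off)
                width = 2 + 4 * count
            off += width
            if off > len(body):
                raise ValueError("truncated RSN element")
        if off == len(body):
            return "disabled"
        (caps,) = struct.unpack_from("<H", body, off)
    except struct.error:
        raise ValueError("truncated RSN element") from None
    if caps & MFPR:
        return "required"          # every associated client negotiated protection
    # 'capable': only clients that also negotiate 802.11w are protected
    return "capable" if caps & MFPC else "disabled"

# Constructed sample elements (not captured from real networks).
_BASE = "0100" "000fac04" "0100" "000fac04" "0100"
SAMPLE_APS = {
    "office-wpa2":  bytes.fromhex("3014" + _BASE + "000fac02" "0000"),
    "office-mixed": bytes.fromhex("3014" + _BASE + "000fac02" "8000"),
    "office-wpa3":  bytes.fromhex("301a" + _BASE + "000fac08" "c000" "0000" "000fac06"),
}

def not_enforcing_mfp(aps):
    """Names of networks where some clients may still accept unprotected deauth frames."""
    return sorted(name for name, ie in aps.items() if mfp_status(ie) != "required")
```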
Requirements:
I would recommend getting a USB breakout/developer board, mainly due to the 4Mb of flash and simplicity.
In order to upload the Wi-PWN firmware, you can use one of two methods. The first method is easier overall, but using Arduino is better for debugging. YOU ONLY NEED TO DO ONE OF THE INSTALLATION METHODS!
There are two variants of UART converters that ESP8266 boards use:
CP210x | CH34x |
---|---|
Drivers | Drivers |
Download the current release of Wi-PWN
Upload the `.bin` file using the nodemcu-flasher. Alternatively you can use the official esptool from espressif.
Connect your ESP8266 (making sure the drivers are installed) and open up the NodeMCU Flasher
Go to the Advanced tab and select the correct values for your board.
Navigate to the config tab and click the gear icon for the first entry.
Browse for the `.bin` file you just downloaded and click open.
Switch back to the Operation tab and click Flash(F).
Download the source code of this project.
Install Arduino and open it.
Go to File > Preferences
Add `http://arduino.esp8266.com/stable/package_esp8266com_index.json` to the Additional Boards Manager URLs. (refer to https://github.com/esp8266/Arduino)
Go to Tools > Board > Boards Manager
Type in esp8266
Select version 2.0.0 and click on Install (must be version 2.0.0!)
Go to File > Preferences
Open the folder path under "More preferences can be edited directly in the file"
Go to packages > esp8266 > hardware > esp8266 > 2.0.0 > tools > sdk > include
Open `user_interface.h` with a text editor
Just before the last line `#endif`, add the following:
```c
/* Declarations for the SDK's raw-frame send functions and their completion callback */
typedef void (*freedom_outside_cb_t)(uint8 status);
int wifi_register_send_pkt_freedom_cb(freedom_outside_cb_t cb);
void wifi_unregister_send_pkt_freedom_cb(void);
int wifi_send_pkt_freedom(uint8 *buf, int len, bool sys_seq);
```
Go to the `arduino/SDK_fix` folder of this project
Copy `ESP8266Wi-Fi.cpp` and `ESP8266Wi-Fi.h` to `C:\Users\%username%\AppData\Local\Arduino15\packages\esp8266\hardware\esp8266\2.0.0\libraries\ESP8266WiFi\src`
Open `arduino/Wi-PWN/Wi-PWN.ino` in Arduino
Select your ESP8266 board at Tools > Board and the right port at Tools > Port
If no port shows up, you need to reinstall the drivers; search online for chip part number + 'driver Windows'
Depending on your board you may have to adjust the Tools > Board > Flash Frequency and the Tools > Board > Flash Size. I used the 80MHz Flash Frequency, and the 4M (1M SPIFFS) Flash Size
Upload! CTRL-U
Note: If you use a 512kb version of the ESP8266, you need to comment out a part of the mac vendor list in data.h
Connect your ESP8266 to a USB power source (you can power it with your phone using an OTG cable)
Scan for Wi-Fi networks on your device and connect to Wi-PWN (no password by default).
Once connected, open up your browser and go to http://192.168.4.1
Specify a SSID and password for Wi-PWN to use and click on CONTINUE
Reconnect to the new network using the SSID & Password you specified in the previous step.
Go back to your browser and the page should reload (open http://192.168.4.1 again if the page doesn't reload)
Click on the Scan button to scan for Wi-Fi networks
Note: You may have to reconnect to the Wi-Fi network.
Select the WiFi network(s) you want to perform the attack on. Once finished, click on the Attack button
This happens due to a channel conflict. Simply navigate to `192.168.4.1/settings.html` on a device that is able to connect to the Wi-Fi network and change the Channel number from 1 to any number up to 14.
`espcomm_sync failed` / `espcomm_open` when uploading
The ESP upload tool can't communicate with the chip.
Try resetting the SSID list by visiting `192.168.4.1/clearSSID.json` while connected to your ESP. If this doesn't solve your problem, ask for help in the official discord.
If you see 0 pkts/s on the website, then you've made a mistake. Check that you have followed the installation steps correctly and that the right SDK is installed; it must be version 2.0.0!
If it can send packets but your target doesn't lose its connection, then the Wi-Fi router either uses 802.11w and is protected against such attacks, or it communicates on the 5GHz band, which the ESP8266 doesn't support because of its 2.4GHz antenna.