Attention: The misuse of this software for unauthorized activities can result in criminal consequences. The author will not be held responsible for any illegal or unethical use of this software. Use it responsibly and only in compliance with applicable laws and regulations.
This project implements a rogue captive portal attack device using the ESP8266 platform. The captive portal intercepts DNS look-ups and presents login interfaces for specific URLs such as Google, Facebook, and Yahoo. Captured login credentials are stored in the ESP8266 flash memory and can be accessed by visiting RandomDomain.com/logs
.
- Captive Portal: Intercepts DNS look-ups and presents fake login interfaces for specified URLs.
- Login Interfaces: Currently implements Google login masks.
- Credential Harvesting: Captured login data is stored in the ESP8266 flash memory.
- LED Indicators: The built-in LED blinks to confirm successful start-up (10 blinks) and when a user logs in (5 blinks).
- Select the board type as NodeMCU 1.0 (ESP-12E).
- Export the code to the ESP8266.
- After the export, verify that the process is successful in the terminal.
- Connect to the WiFi.
- You should be redirected to a Gmail login page.
- View captured information in the terminal after clicking "Sign In."
- An ESP8266-compatible board.
- Correct SPIFFS setup.
- LED pin configuration.
- Install the sketch using the Arduino IDE on an ESP8266-compatible board.
- Set up SPIFFS and configure the LED pin.
- No additional hardware is needed.
- Update the WiFi public SSID and captive portal page in the main file.
- Set up a catch-all captive portal and specify three websites to simulate for credential harvesting.
- The device can be powered by a power bank for portability.
- Captured login credentials can be viewed by visiting
RandomDomain.com/logs
or in the Serial Terminal.