ESPTool – A WiFi Security Tool

Daniel Grießhaber over hackaday.io created a project called ESPTool. It is a tool to test WiFi networks security and to demonstrate how easy it is to crack a WiFi password or jam a WiFi network. Daniel designed ESPTool for education and self-test purpose.

The Device has SSD1306 based OLED display, microSD card socket, 3 general purpose buttons, ESP8266-12E module, TPS63031 Buck-/Boost converter with an input range from 1.8V – 5.5V, MCP73831 Single-Cell LiPo Charger Chip and CP2012 USB to UART converter chip.

The firmware of ESPTool has the following layers of attacks, according to Daniel’s documentation:

• Layer 1:

Since the ESPs Radio is not really configurable, it is not possible to create a WiFi Jammer that works by emitting broadband noise or any other Layer 1 attacks.

• Layer 2:
  • Deauthentification attack
  • Collecting authentication frames and save the keys to SD card for later decryption (using a wordlist on a computer, the ESP neither has enough memory nor enough processing power to crack them on the system)
  • arp spoofing and session hijacking when connected (needs investigation)
  • evil twin hotspot

• Layer 3 (after connecting to an AP):
  • Host discovery (IP Scanner)
  • Ping flooding (ICMP Pings)

• Layer 4 (after connecting to an AP):
  • Port Scan on Host

The source code and the design files, using Eagle CAD, (SCH & BRD) can be found here.

Please follow and like us: