Finally got the ESP32 to send Deauthentication frames just using the Arduino IDE

This page summarizes the projects mentioned and recommended in the original post on /r/WillStunForFood

  • esp32-wifi-penetration-tool

    Exploring possibilities of the ESP32 platform to attack nearby Wi-Fi networks.

  • Getting the ESP32 to send deauthentication frames has been on my radar for quite some time now. I started designing and producing the Marauder not realizing the ESP32 was incapable of sending deauth frames due to the limitations enforced by Espressif in their IDF. Thankfully DonBrus and tobozo tested my capabilities and questioned my methods. They led me to this repo on GitHub. Within the source of the repo, there is a bypass of ieee80211_raw_frame_sanity_check which allows the ESP32 to send frames originally not permitted by the ESP-IDF using that very method. According to the repo documentation, this bypass was only tested in ESP-IDF version 4.1 5ef1b390026270503634ac3ec9f1ec2e364e23b2.

  • esp-idf

    Espressif IoT Development Framework. Official development framework for Espressif SoCs.

  • Now I still have not made the transition from the Arduino IDE to other more adult development frameworks like pure ESP-IDF. I still like the Arduino wrapping and all of the libraries that spoon-feed me the functionality I need. For anyone who is not aware, esp-idf and arduino-esp32 are two different things. Arduino-ESP32 is built on top of ESP-IDF and wraps it to do that spoon-feeding I was talking about. The trick is to install the correct version of Arduino-ESP32 so you can get to the version of ESP-IDF that you want. There is no version of Arduino-ESP32 built with ESP-IDF version 4.1. The next best thing is Arduino-ESP32 version 2.0.0 RC1 (ESP-IDF v4.4). A quick sift through Ghidra can confirm the process flow still involves the sanity check method prior to sending frames. Install that and make your little code migrations to make things work again.

  • arduino-esp32

    Arduino core for the ESP32

  • ESP32Marauder

    A suite of WiFi/Bluetooth offensive and defensive tools for the ESP32

  • I currently have this working in v0.9.3 of the ESP32 Marauder firmware.
