Welcome boyzzz

This Photo by Unknown author is licensed under CC BY.

Detect & Classify Wi-Fi Jamming Packets
with the NodeMCU

The most common Wi-Fi jamming attacks leverage deauthentication and disassociation packets to
attack networks. This allows a low-cost ESP8266-based device programmed in Arduino to detect and
classify Wi-Fi denial-of-service attacks by lighting a different color LED for each type of packet. The
pattern of these colors can also allow us to fingerprint the tool being used to attack the network.
 • The most common way this sort of attack is
done is with deauthentication packets.
These are a type of "management" frame
responsible for disconnecting a device from
Deauthentication an access point. Forging these packets is the
Packets key to hacking many Wi-Fi networks, as you
can forcibly disconnect any client from the
network at any time. The ease of which this
can be done is somewhat frightening and is
often done as part of gathering a WPA
handshake for cracking.
 • Disassociation packets are another type of
management frame that is used to
disconnect a node (meaning any device like
a laptop or cell phone) from a nearby access
point. The difference between
Dissasociation deauthentication and disassociation frames
is primarily that an AP looking to disconnect
Packets a rogue device would send a
deauthentication packet to inform the
device it has been disconnected from the
network, whereas a disassociation packet is
used to disconnect any nodes when the AP is
powering down, rebooting, or leaving the
area.
 ESP8266 NodeMCU CP2102 development
board wireless module

Solderless breadboard kit with jumper wires

What You'll
Need Tricolor LED

Micro-USB cable

Resistors
Download & • The free, cross-platform Arduino IDE will
allow us to quickly prototype what we need.
Configure Arduino IDE (the IDE stands for "integrated
Arduino IDE development environment") allows you to
quickly write and upload scripts to Arduino-
like microcontroller devices.
Download the • Now that we have our IDE set up, we can
DeauthDetector download Spacehuhn's DeauthDetector to
get started modifying the code.
 • First and most obviously, we have our main
settings. There are a collection of definitions
that dictate how the code functions. Here, we
can define whether or not we want to channel
Tweak the hop or just stay on one channel by setting the
Deauth "channelHopping" setting to "true."
• Depending on where we are, we can define the
Detector highest channel to scan to while channel
Code hopping (Japan is 14, while the US only goes to
11), and the number of packets detected per
minute which we will decide an attack is
underway. Because we are tweaking the
detector, this won't be so important.
 • Once you have the code pushed to the NodeMCU,
you can wire your four-pin, three-color RGB LED in
one of two ways. Most direct is plugging it directly
next to the D5, D6, D7, and ground pins on the mini
breadboard. This works great, and probably won't
burn out the LED, but to be safe, you may want to
Wire & Test the use a resistor in your design.
Modified
DeauthDetector • using MDK3 and Airplay-ng to fire off some hostile
packets against a network you have permission to,
and see if the LED lights up in response. In addition,
watch for patterns in the colors that appear, as
they'll directly reflect the behavior of the program
being used.
Thankyou