
Deauthentication attack and other ‘wifi hacks’ using an ESP8266 module - infosecrf
https://medium.com/@tomac/deauthentication-attack-and-other-wifi-hacks-using-an-esp8266-module-14f9142b063d
======
wolframio
I did a quick search of the forums but didn't find anything related to this. I
came across this page on the FCC's site that states deauth attacks and jamming
of WiFi are illegal in the US as of January, 2015. They also state the
following:

In addition, we reiterate that Federal law prohibits the operation, marketing,
or sale of any type of jamming equipment, including devices that interfere
with Wi-Fi, cellular, or public safety communications. Detailed information
about the prohibition against jamming is available on the Commission’s website
at [http://www.fcc.gov/encyclopedia/jammer-enforcement](http://www.fcc.gov/encyclopedia/jammer-enforcement).

If you read the example they gave about a Marriott hotel deauthenticating
users it appears the FCC doesn't know the difference between that and jamming a
signal. Of course they added that catch-all statement that any device that
interferes with WiFi communications is illegal. Page 2 of that document states
that no commercial establishment is allowed to block WiFi communication but
the next paragraph down has the quote I posted above. It would appear that
using the deauth feature of the Pineapple is now illegal, unless I'm
misinterpreting this.

~~~
blackguardx
From the FCC's point of view, performing any denial of service attack on a
radio channel using either old fashioned jamming or other technological means
is illegal. It doesn't have to distinguish between the two because the intent
and end result are the same.

~~~
seanp2k2
What about using bandwidth to the extent that it degrades performance for
other users? Is using 80 MHz for my wifi for my legitimate use-cases in my
apartment while copying lots of photos to my NAS and thus using up most of
that an attack? It would measurably degrade the performance of nearby wifi,
and given a location in an apartment and my naive default power levels of
"everything to max" (as most wifi routers operate by default)...

Why is everyone in an apartment who isn't a radio engineer guilty of
interference given the broad definition? I know that it's only who they choose
to prosecute, but that seems to be the problem with laws like this.

~~~
blackguardx
They aren't guilty of interference. Interference has a strict definition. A
device operating in the ISM band by definition can't be interfering with other
devices in the ISM band if that bandwidth is being used for communication.

ISM (Industry, Science, and Medical) is a free for all band. It is like a
public good. Anyone can make a device that uses those frequencies.

------
samueloph
Just a friendly reminder that there's also mdk3[1], which I think is not under
active development now but it works.

Also, I'm the maintainer of mdk3 on Debian and if any mdk3 dev is reading
this, please have a look at the patches I applied upon it[2] and consider
merging upstream, or putting the code on github.

There's also a manpage[3].

[1] [https://packages.debian.org/sid/net/mdk3](https://packages.debian.org/sid/net/mdk3)
[2] [https://anonscm.debian.org/git/pkg-security/mdk3.git/tree/debian/patches](https://anonscm.debian.org/git/pkg-security/mdk3.git/tree/debian/patches)
[3] [https://anonscm.debian.org/git/pkg-security/mdk3.git/tree/debian/mdk3.1](https://anonscm.debian.org/git/pkg-security/mdk3.git/tree/debian/mdk3.1)

------
blacksmith_tb
A while back I remember seeing a less-nuanced ESP8266 wifi jammer, it
announces a huge number of APs with random names, making it hard for devices
to connect to real networks:

[http://ruralhacker.blogspot.pt/2016/01/esp8266-jamming.html](http://ruralhacker.blogspot.pt/2016/01/esp8266-jamming.html)

~~~
gruez
>it announces a huge number of APs with random names, making it hard for
devices to connect to real networks

How does that even work? I get it will prevent someone from choosing the right
network to join, but I can't imagine how it prevents connection if the network
is already remembered (i.e. autoconnect).

~~~
mschuster91
It jams the announcement channels, and lots of devices only show the X
strongest networks, so the autoconnecters which get their listing after said
filter don't see the real network at all as a candidate when the jammer is
sending strongly enough.

------
daveloyall
I'm in the market for a cheap device that will detect this and a variety of
other such attacks.

Bonus points and bonus money if it can somehow reveal the physical location of
the attacking device. Perhaps in the manner of a Geiger counter (some sound or
light changes as you approach the attacker).
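The two things the thread describes, a deauthentication flood and a beacon flood that buries real networks under bogus SSIDs, both leave an obvious signature in a monitor-mode capture, which is the starting point for the kind of detector daveloyall asks for. The following is an added example written for this thread; it is not code from the ESP8266 project, mdk3 or any tool mentioned above. It parses the 802.11 management-frame header (no radiotap header assumed), walks the beacon's tagged elements to get the SSID, and raises an alert when deauth frames for one BSSID, or distinct beaconing BSSIDs, exceed a threshold inside a sliding time window. The capture it runs on is constructed in memory; the MAC addresses, SSIDs and thresholds are made-up values, not taken from any real network.

```python
"""
Passive detector for deauthentication floods and beacon floods over a list of
(timestamp_seconds, raw_80211_frame) pairs. Example code added to the thread;
the sample capture below is constructed, not recorded traffic.
"""
import struct
from collections import defaultdict

SUBTYPE_BEACON = 8      # IEEE 802.11 management subtype 8
SUBTYPE_DEAUTH = 12     # IEEE 802.11 management subtype 12
BROADCAST = "ff:ff:ff:ff:ff:ff"


def parse_mgmt_frame(raw: bytes):
    """Decode the MAC header of a management frame; beacons also yield the SSID.
    Returns None for non-management or truncated frames."""
    if len(raw) < 24:
        return None
    fc = raw[0]
    if (fc >> 2) & 0x3 != 0:              # frame type must be 0 (management)
        return None
    info = {
        "subtype": (fc >> 4) & 0xF,
        "dst": raw[4:10].hex(":"),
        "src": raw[10:16].hex(":"),
        "bssid": raw[16:22].hex(":"),
        "ssid": None,
    }
    if info["subtype"] == SUBTYPE_BEACON:
        body = raw[24:]
        pos = 12                          # skip timestamp(8) + interval(2) + capability(2)
        while pos + 2 <= len(body):       # walk the tagged information elements
            tag, length = body[pos], body[pos + 1]
            if tag == 0:                  # element id 0 carries the SSID
                info["ssid"] = body[pos + 2:pos + 2 + length].decode("utf-8", "replace")
                break
            pos += 2 + length
    return info


def detect(frames, window=1.0, deauth_threshold=20, bssid_threshold=30):
    """Return alert strings. Deauth frames are counted per BSSID in a sliding
    window. Beacons are counted as distinct BSSIDs seen in the window rather
    than per transmitter, because beacon floods commonly randomise the
    transmitter address for every bogus SSID. Thresholds are assumed values
    that should be tuned to the site's normal traffic."""
    deauth_times = defaultdict(list)      # bssid -> recent deauth timestamps
    beacons = []                          # recent (ts, bssid) from any transmitter
    alerted, alerts = set(), []
    for ts, raw in sorted(frames, key=lambda f: f[0]):
        f = parse_mgmt_frame(raw)
        if f is None:
            continue
        if f["subtype"] == SUBTYPE_DEAUTH:
            times = deauth_times[f["bssid"]]
            times.append(ts)
            while ts - times[0] > window:
                times.pop(0)
            key = ("deauth", f["bssid"])
            if len(times) >= deauth_threshold and key not in alerted:
                alerted.add(key)
                alerts.append(f"deauth flood: {len(times)} deauth frames for BSSID "
                              f"{f['bssid']} within {window}s (dst {f['dst']})")
        elif f["subtype"] == SUBTYPE_BEACON:
            beacons.append((ts, f["bssid"]))
            while ts - beacons[0][0] > window:
                beacons.pop(0)
            distinct = {b for _, b in beacons}
            if len(distinct) >= bssid_threshold and "beacon" not in alerted:
                alerted.add("beacon")
                alerts.append(f"beacon flood: {len(distinct)} distinct BSSIDs "
                              f"beaconing within {window}s")
    return alerts


# ---- constructed sample capture (made-up addresses and SSIDs) ----
def mac_bytes(s):
    return bytes.fromhex(s.replace(":", ""))


def build_frame(subtype, dst, src, bssid, body=b""):
    """Assemble a management frame: frame control, duration, addr1-3, seq ctl, body."""
    return (bytes([subtype << 4, 0]) + b"\x00\x00" + mac_bytes(dst) + mac_bytes(src)
            + mac_bytes(bssid) + b"\x00\x00" + body)


def beacon_body(ssid):
    fixed = bytes(8) + struct.pack("<HH", 100, 0x0411)   # timestamp, interval, capability
    return fixed + bytes([0, len(ssid)]) + ssid.encode()


def sample_capture():
    ap = "aa:bb:cc:00:00:01"
    frames = [(i * 0.1, build_frame(SUBTYPE_BEACON, BROADCAST, ap, ap, beacon_body("HomeNet")))
              for i in range(10)]                                   # legitimate AP, one SSID
    for i in range(40):                                              # 40 bogus APs within 0.4 s
        mac = f"de:ad:be:ef:00:{i:02x}"
        frames.append((0.2 + i * 0.01,
                       build_frame(SUBTYPE_BEACON, BROADCAST, mac, mac, beacon_body(f"net-{i:04x}"))))
    reason = struct.pack("<H", 7)                                    # deauth body is a 2-byte reason code
    for i in range(25):                                              # 25 deauths claiming to be the AP
        frames.append((0.3 + i * 0.01, build_frame(SUBTYPE_DEAUTH, BROADCAST, ap, ap, reason)))
    return frames


if __name__ == "__main__":
    for alert in detect(sample_capture()):
        print(alert)
```

On the sample capture this reports one deauth-flood alert for the spoofed BSSID and one beacon-flood alert once 30 distinct BSSIDs have beaconed inside a second. Locating the transmitter, the "Geiger counter" part of the request, needs the per-frame signal strength from the radiotap header, which this parser deliberately skips; a practical build would read that field and track RSSI for the offending frames over time.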

------
banterfoil
Honest question here. Can somebody explain why a device is needed for this?
How does this differ from this project?
[https://github.com/k4m4/kickthemout](https://github.com/k4m4/kickthemout)

------
ram_rattle
Again, an already known project appearing on the front page again

~~~
confounded
Not known to me, I'm glad it was posted!

