Added rick roll

Just Call Me Koko
2019-12-14 15:52:31 -05:00
parent b2f928953f
commit 4882016e03
3 changed files with 141 additions and 5 deletions


@@ -14,7 +14,8 @@ void MenuFunctions::main()
// Get the display buffer out of the way
if ((wifi_scan_obj.currentScanMode != WIFI_SCAN_OFF ) &&
(wifi_scan_obj.currentScanMode != WIFI_ATTACK_BEACON_SPAM))
(wifi_scan_obj.currentScanMode != WIFI_ATTACK_BEACON_SPAM) &&
(wifi_scan_obj.currentScanMode != WIFI_ATTACK_RICK_ROLL))
display_obj.displayBuffer();
@@ -40,6 +41,7 @@ void MenuFunctions::main()
(wifi_scan_obj.currentScanMode == WIFI_SCAN_ST) ||
(wifi_scan_obj.currentScanMode == WIFI_SCAN_ALL) ||
(wifi_scan_obj.currentScanMode == WIFI_ATTACK_BEACON_SPAM) ||
(wifi_scan_obj.currentScanMode == WIFI_ATTACK_RICK_ROLL) ||
(wifi_scan_obj.currentScanMode == BT_SCAN_ALL) ||
(wifi_scan_obj.currentScanMode == BT_SCAN_SKIMMERS))
{
@@ -61,7 +63,8 @@ void MenuFunctions::main()
// Check if any key coordinate boxes contain the touch coordinates
// This is for when on a menu
if ((wifi_scan_obj.currentScanMode != WIFI_ATTACK_BEACON_SPAM))
if ((wifi_scan_obj.currentScanMode != WIFI_ATTACK_BEACON_SPAM) &&
(wifi_scan_obj.currentScanMode != WIFI_ATTACK_RICK_ROLL))
{
// Need this to set all keys to false
for (uint8_t b = 0; b < BUTTON_ARRAY_LEN; b++) {
@@ -147,6 +150,7 @@ void MenuFunctions::RunSetup()
wifiAttackMenu.parentMenu = &wifiMenu; // Main Menu is second menu parent
addNodes(&wifiAttackMenu, "Back", TFT_RED, NULL, 0, [this](){changeMenu(wifiAttackMenu.parentMenu);});
addNodes(&wifiAttackMenu, "Beacon Spam Random", TFT_ORANGE, NULL, 1, [this](){wifi_scan_obj.StartScan(WIFI_ATTACK_BEACON_SPAM, TFT_ORANGE);});
addNodes(&wifiAttackMenu, "Rick Roll Beacon", TFT_YELLOW, NULL, 1, [this](){wifi_scan_obj.StartScan(WIFI_ATTACK_RICK_ROLL, TFT_YELLOW);});
// Build Bluetooth Menu
bluetoothMenu.parentMenu = &mainMenu; // Second Menu is third menu parent
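Review bot: The mode checks in `MenuFunctions::main()` are now maintained by hand in three places: the display-buffer guard and the menu touch handling each test `!= WIFI_ATTACK_BEACON_SPAM` and `!= WIFI_ATTACK_RICK_ROLL`, and the scan-running condition lists the matching `==` tests. Every new transmit mode has to be added at each site, and a missed one would leave the menu touch handling active while that mode is running. A small predicate such as `static bool isBeaconTxMode(uint8_t m) { return m == WIFI_ATTACK_BEACON_SPAM || m == WIFI_ATTACK_RICK_ROLL; }` used at these sites would keep them in step; this commit extends the same list again in `WiFiScan::StopScan`. `main()` starts and ends outside the hunks shown.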


@@ -122,6 +122,8 @@ void WiFiScan::StartScan(uint8_t scan_mode, uint16_t color)
RunBeaconScan(scan_mode, color);
else if (scan_mode == WIFI_ATTACK_BEACON_SPAM)
RunBeaconSpam(scan_mode, color);
else if (scan_mode == WIFI_ATTACK_RICK_ROLL)
RunRickRoll(scan_mode, color);
else if (scan_mode == BT_SCAN_ALL)
RunBluetoothScan(scan_mode, color);
else if (scan_mode == BT_SCAN_SKIMMERS)
@@ -137,7 +139,8 @@ void WiFiScan::StopScan(uint8_t scan_mode)
(currentScanMode == WIFI_SCAN_AP) ||
(currentScanMode == WIFI_SCAN_ST) ||
(currentScanMode == WIFI_SCAN_ALL) ||
(currentScanMode == WIFI_ATTACK_BEACON_SPAM))
(currentScanMode == WIFI_ATTACK_BEACON_SPAM) ||
(currentScanMode == WIFI_ATTACK_RICK_ROLL))
{
esp_wifi_set_promiscuous(false);
WiFi.mode(WIFI_OFF);
@@ -158,6 +161,32 @@ void WiFiScan::StopScan(uint8_t scan_mode)
display_obj.tteBar = false;
}
void WiFiScan::RunRickRoll(uint8_t scan_mode, uint16_t color)
{
//Serial.println("Rick Roll...");
display_obj.TOP_FIXED_AREA_2 = 32;
display_obj.tteBar = true;
display_obj.print_delay_1 = 15;
display_obj.print_delay_2 = 10;
display_obj.clearScreen();
display_obj.initScrollValues(true);
display_obj.tft.setTextWrap(false);
display_obj.tft.setTextColor(TFT_BLACK, color);
display_obj.tft.fillRect(0,0,240,16, color);
display_obj.tft.drawCentreString(" Rick Roll Beacon ",120,0,2);
display_obj.touchToExit();
display_obj.tft.setTextColor(TFT_GREEN, TFT_BLACK);
packets_sent = 0;
//esp_wifi_set_mode(WIFI_MODE_STA);
WiFi.mode(WIFI_AP_STA);
esp_wifi_set_promiscuous_filter(NULL);
esp_wifi_set_promiscuous(true);
esp_wifi_set_max_tx_power(78);
initTime = millis();
//display_obj.clearScreen();
//Serial.println("End of func");
}
// Function to prepare for beacon spam
void WiFiScan::RunBeaconSpam(uint8_t scan_mode, uint16_t color)
{
@@ -414,6 +443,67 @@ void WiFiScan::probeSnifferCallback(void* buf, wifi_promiscuous_pkt_type_t type)
}
}
// Function to send beacons with random ESSID length
void WiFiScan::broadcastSetSSID(uint32_t current_time, char* ESSID) {
set_channel = random(1,12);
esp_wifi_set_channel(set_channel, WIFI_SECOND_CHAN_NONE);
delay(1);
// Randomize SRC MAC
packet[10] = packet[16] = random(256);
packet[11] = packet[17] = random(256);
packet[12] = packet[18] = random(256);
packet[13] = packet[19] = random(256);
packet[14] = packet[20] = random(256);
packet[15] = packet[21] = random(256);
/////////////////////////////
//int essid_len = random(6, 10);
// random prefix to beacon essid
//uint8_t rand_reg[essid_len] = {};
//for (int i = 0; i < essid_len; i++)
// rand_reg[i] = alfa[random(65)];
int ssidLen = strlen(ESSID);
//int rand_len = sizeof(rand_reg);
int fullLen = ssidLen;
packet[37] = fullLen;
// Insert random prefix
//for (int i = 0; i < rand_len; i++)
// packet[38+i] = rand_reg[i];
// Insert my tag
for(int i = 0; i < ssidLen; i++)
packet[38 + i] = ESSID[i];
/////////////////////////////
packet[50 + fullLen] = set_channel;
uint8_t postSSID[13] = {0x01, 0x08, 0x82, 0x84, 0x8b, 0x96, 0x24, 0x30, 0x48, 0x6c, //supported rate
0x03, 0x01, 0x04 /*DSSS (Current Channel)*/ };
// Add everything that goes after the SSID
for(int i = 0; i < 12; i++)
packet[38 + fullLen + i] = postSSID[i];
esp_wifi_80211_tx(WIFI_IF_AP, packet, sizeof(packet), false);
esp_wifi_80211_tx(WIFI_IF_AP, packet, sizeof(packet), false);
esp_wifi_80211_tx(WIFI_IF_AP, packet, sizeof(packet), false);
//esp_wifi_80211_tx(WIFI_IF_AP, packet, sizeof(packet), false);
//esp_wifi_80211_tx(WIFI_IF_AP, packet, sizeof(packet), false);
//esp_wifi_80211_tx(WIFI_IF_AP, packet, sizeof(packet), false);
packets_sent = packets_sent + 3;
}
// Function for sending crafted beacon frames
void WiFiScan::broadcastRandomSSID(uint32_t currentTime) {
@@ -508,6 +598,34 @@ void WiFiScan::main(uint32_t currentTime)
for (int i = 0; i < 55; i++)
broadcastRandomSSID(currentTime);
if (currentTime - initTime >= 1000)
{
initTime = millis();
//Serial.print("packets/sec: ");
//Serial.println(packets_sent);
String displayString = "";
String displayString2 = "";
displayString.concat("packets/sec: ");
displayString.concat(packets_sent);
for (int x = 0; x < STANDARD_FONT_CHAR_LIMIT; x++)
displayString2.concat(" ");
display_obj.showCenterText(displayString2, 160);
display_obj.showCenterText(displayString, 160);
packets_sent = 0;
}
}
else if ((currentScanMode == WIFI_ATTACK_RICK_ROLL))
{
// Need this for loop because getTouch causes ~10ms delay
// which makes beacon spam less effective
for (int i = 0; i < 7; i++)
{
for (int x = 0; x < (sizeof(rick_roll)/sizeof(char *)); x++)
{
broadcastSetSSID(currentTime, rick_roll[x]);
}
}
if (currentTime - initTime >= 1000)
{
initTime = millis();
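Review bot: `broadcastSetSSID` indexes `packet[38 + i]`, `packet[38 + fullLen + i]` and `packet[50 + fullLen]` from `strlen(ESSID)` with no upper bound, so a longer string would write past the end of `packet`. The declaration of `packet` is outside this section, so its size cannot be confirmed here. The eight strings added in this commit are short, but the function accepts any `char*`. Clamping first, e.g. `if (ssidLen > 32) ssidLen = 32;` (32 octets is the 802.11 SSID element maximum), bounds every index by a constant that can be checked against the buffer size, and keeps the length byte at `packet[37]` valid. The `current_time` parameter is not used in the body shown.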


@@ -20,8 +20,9 @@
#define WIFI_SCAN_ST 3
#define WIFI_SCAN_ALL 4
#define WIFI_ATTACK_BEACON_SPAM 5
#define BT_SCAN_ALL 6
#define BT_SCAN_SKIMMERS 7
#define WIFI_ATTACK_RICK_ROLL 6
#define BT_SCAN_ALL 7
#define BT_SCAN_SKIMMERS 8
extern Display display_obj;
@@ -40,6 +41,17 @@ class WiFiScan
String alfa = "1234567890qwertyuiopasdfghjkklzxcvbnm QWERTYUIOPASDFGHJKLZXCVBNM_";
char* rick_roll[8] = {
"01 Never gonna give you up",
"02 Never gonna let you down",
"03 Never gonna run around",
"04 and desert you",
"05 Never gonna make you cry",
"06 Never gonna say goodbye",
"07 Never gonna tell a lie",
"08 and hurt you"
};
char* prefix = "G";
typedef struct
@@ -72,6 +84,8 @@ class WiFiScan
};
void broadcastRandomSSID(uint32_t currentTime);
void broadcastSetSSID(uint32_t current_time, char* ESSID);
void RunRickRoll(uint8_t scan_mode, uint16_t color);
void RunBeaconSpam(uint8_t scan_mode, uint16_t color);
void RunBeaconScan(uint8_t scan_mode, uint16_t color);
void RunProbeScan(uint8_t scan_mode, uint16_t color);
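Review bot: `char* rick_roll[8]` and the `char* ESSID` parameter of `broadcastSetSSID` bind string literals to non-const `char*`, which C++11 and later do not permit (compilers accept it only as a warned extension), and a write through such a pointer is undefined behaviour. Declaring `const char* rick_roll[8]` and `void broadcastSetSSID(uint32_t current_time, const char* ESSID);` matches the use visible in this commit, where the argument is only read. Separately, giving `WIFI_ATTACK_RICK_ROLL` the value 6 appears to renumber `BT_SCAN_ALL` and `BT_SCAN_SKIMMERS`; an `enum` would assign the values without manual renumbering. The `WiFiScan` class body starts and ends outside the hunks shown.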