From ebc3497c32a241ec4e0d1d6d220e1013efbe81ed Mon Sep 17 00:00:00 2001
From: Just Call Me Koko
Date: Wed, 4 Jun 2025 20:26:54 -0400
Subject: [PATCH] Add Ping Scan
---
 .github/workflows/build_parallel.yml | 7 ++++
 esp32_marauder/MenuFunctions.cpp | 7 ++++
 esp32_marauder/WiFiScan.cpp | 61 ++++++++++++++++++++++++++++
 esp32_marauder/WiFiScan.h | 7 ++++
 esp32_marauder/utils.h | 26 ++++++++++++
 5 files changed, 108 insertions(+)
diff --git a/.github/workflows/build_parallel.yml b/.github/workflows/build_parallel.yml
index 10eb26c..77c2369 100644
--- a/.github/workflows/build_parallel.yml
+++ b/.github/workflows/build_parallel.yml
@@ -69,6 +69,13 @@ jobs:
 run: |
 find /home/runner/.arduino15/packages/esp32/hardware/
+ - name: Install ESP32Ping
+ uses: actions/checkout@v2
+ with:
+ repository: marian-craciunescu/ESP32Ping
+ ref: 1.6
+ path: CustomESP32Ping
+
 - name: Install AsyncTCP
 uses: actions/checkout@v2
 with:
diff --git a/esp32_marauder/MenuFunctions.cpp b/esp32_marauder/MenuFunctions.cpp
index 6670b7f..a375eb8 100644
--- a/esp32_marauder/MenuFunctions.cpp
+++ b/esp32_marauder/MenuFunctions.cpp
@@ -846,6 +846,7 @@ void MenuFunctions::main(uint32_t currentTime)
 (wifi_scan_obj.currentScanMode == WIFI_SCAN_TARGET_AP) ||
 (wifi_scan_obj.currentScanMode == WIFI_SCAN_TARGET_AP_FULL) ||
 (wifi_scan_obj.currentScanMode == WIFI_SCAN_AP_STA) ||
+ (wifi_scan_obj.currentScanMode == WIFI_PING_SCAN) ||
 (wifi_scan_obj.currentScanMode == WIFI_SCAN_PWN) ||
 (wifi_scan_obj.currentScanMode == WIFI_SCAN_PINESCAN) ||
 (wifi_scan_obj.currentScanMode == WIFI_SCAN_MULTISSID) ||
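Review bot: The new `Install ESP32Ping` step in build_parallel.yml fetches `marian-craciunescu/ESP32Ping` at `ref: 1.6`, a tag the upstream owner can move, so the firmware build can silently pick up different library code than the one that was reviewed. Pinning to the full commit hash behind that tag, for example `ref: <full-commit-sha-of-1.6>  # 1.6`, keeps the dependency reproducible and makes any upgrade an explicit, reviewable change. The step also copies `uses: actions/checkout@v2` from its neighbours, and the same pinning argument applies to that action reference. The list of steps continues outside the hunk.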
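Review bot: The `currentScanMode == ...` chain in MenuFunctions::main (hunk @@ -846) has to receive the same one-line `WIFI_PING_SCAN` addition in two more places in this commit, the second chain at @@ -919 and the one in WiFiScan::StopScan at @@ -1092, which makes it easy for a future mode to be added to one list and missed in another. A small predicate on WiFiScan that answers "is this one of these scan modes" would keep the three sites in sync; failing that, a comment above each chain such as `// keep in sync with the mode lists in MenuFunctions::main and WiFiScan::StopScan` would help. The conditions start and end outside the visible hunks, so what the chain gates is not shown here.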
@@ -919,6 +920,7 @@ void MenuFunctions::main(uint32_t currentTime)
 (wifi_scan_obj.currentScanMode == WIFI_SCAN_TARGET_AP) ||
 (wifi_scan_obj.currentScanMode == WIFI_SCAN_TARGET_AP_FULL) ||
 (wifi_scan_obj.currentScanMode == WIFI_SCAN_AP_STA) ||
+ (wifi_scan_obj.currentScanMode == WIFI_PING_SCAN) ||
 (wifi_scan_obj.currentScanMode == WIFI_SCAN_PWN) ||
 (wifi_scan_obj.currentScanMode == WIFI_SCAN_PINESCAN) ||
 (wifi_scan_obj.currentScanMode == WIFI_SCAN_MULTISSID) ||
@@ -2017,6 +2019,11 @@ void MenuFunctions::RunSetup()
 wifi_scan_obj.StartScan(WIFI_SCAN_SIG_STREN, TFT_CYAN);
 });
 //#endif
+ this->addNodes(&wifiSnifferMenu, "Ping Scan", TFTGREEN, NULL, PROBE_SNIFF, [this]() {
+ display_obj.clearScreen();
+ this->drawStatusBar();
+ wifi_scan_obj.StartScan(WIFI_PING_SCAN, TFT_CYAN);
+ });
 // Build Wardriving menu
 #ifdef HAS_GPS
diff --git a/esp32_marauder/WiFiScan.cpp b/esp32_marauder/WiFiScan.cpp
index a001857..b2ca8f9 100644
--- a/esp32_marauder/WiFiScan.cpp
+++ b/esp32_marauder/WiFiScan.cpp
@@ -610,6 +610,13 @@ void WiFiScan::RunSetup() {
 this->initWiFi(1);
 }
+bool WiFiScan::isHostAlive(IPAddress ip) {
+ if (ip != IPAddress(0, 0, 0, 0))
+ return Ping.ping(ip, 1); // 1 try, returns true if reply received
+ else
+ return false;
+}
+
 int WiFiScan::clearStations() {
 int num_cleared = stations->size();
 stations->clear();
@@ -931,6 +938,8 @@ void WiFiScan::StartScan(uint8_t scan_mode, uint16_t color)
 gps_obj.enable_queue();
 #endif
 }
+ else if (scan_mode == WIFI_PING_SCAN)
+ RunPingScan(scan_mode, color);
 WiFiScan::currentScanMode = scan_mode;
 }
@@ -1092,6 +1101,7 @@ void WiFiScan::StopScan(uint8_t scan_mode)
 (currentScanMode == WIFI_SCAN_TARGET_AP) ||
 (currentScanMode == WIFI_SCAN_TARGET_AP_FULL) ||
 (currentScanMode == WIFI_SCAN_AP_STA) ||
+ (currentScanMode == WIFI_PING_SCAN) ||
 (currentScanMode == WIFI_SCAN_PWN) ||
 (currentScanMode == WIFI_SCAN_PINESCAN) ||
 (currentScanMode == WIFI_SCAN_MULTISSID) ||
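Review bot: `Ping.ping(ip, 1)` in WiFiScan::isHostAlive (hunk @@ -610) is, as far as I know, a synchronous call that returns only after a reply or the library's timeout, and the hunks at @@ -7151 (pingScan) and @@ -7174 (WiFiScan::main) invoke it on every pass of the main loop. Each unanswered address would therefore stall the loop for the full timeout, and whatever else the loop services (touch-to-exit, the display buffer) presumably waits with it. At minimum the function should carry a comment saying so, e.g. `// Blocks until a reply arrives or the ESP32Ping timeout expires; call at most once per loop pass.` RunPingScan already records `initTime = millis()`, which pingScan could use to pace the probes. As a smaller style point, the body reduces to `return ip != IPAddress(0, 0, 0, 0) && Ping.ping(ip, 1);`.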
@@ -1366,6 +1376,42 @@ void WiFiScan::parseBSSID(const char* bssidStr, uint8_t* bssid) {
 &bssid[3], &bssid[4], &bssid[5]);
 }
+void WiFiScan::RunPingScan(uint8_t scan_mode, uint16_t color)
+{
+ startPcap("pingscan");
+
+ #ifdef HAS_FLIPPER_LED
+ flipper_led.sniffLED();
+ #elif defined(XIAO_ESP32_S3)
+ xiao_led.sniffLED();
+ #elif defined(MARAUDER_M5STICKC)
+ stickc_led.sniffLED();
+ #else
+ led_obj.setMode(MODE_SNIFF);
+ #endif
+
+ #ifdef HAS_SCREEN
+ display_obj.TOP_FIXED_AREA_2 = 48;
+ display_obj.tteBar = true;
+ display_obj.print_delay_1 = 15;
+ display_obj.print_delay_2 = 10;
+ display_obj.initScrollValues(true);
+ display_obj.tft.setTextWrap(false);
+ display_obj.tft.setTextColor(TFT_BLACK, color);
+ #ifdef HAS_FULL_SCREEN
+ display_obj.tft.fillRect(0,16,240,16, color);
+ display_obj.tft.drawCentreString("Ping Scan",120,16,2);
+ #endif
+ #ifdef HAS_ILI9341
+ display_obj.touchToExit();
+ #endif
+ display_obj.tft.setTextColor(TFT_RED, TFT_BLACK);
+ display_obj.setupScrollArea(display_obj.TOP_FIXED_AREA_2, BOT_FIXED_AREA);
+ #endif
+ this->current_scan_ip = this->gateway;
+ initTime = millis();
+}
+
 void WiFiScan::RunLoadATList() {
 #ifdef HAS_SD
 // Prepare to access the file
@@ -7151,6 +7197,18 @@ void WiFiScan::packetRateLoop(uint32_t tick) {
 #endif
 }
+void WiFiScan::pingScan() {
+ if (this->current_scan_ip != IPAddress(0, 0, 0, 0)) {
+ this->current_scan_ip = getNextIP(this->current_scan_ip, this->subnet);
+ //Serial.print("Checking IP: ");
+ //Serial.println(this->current_scan_ip);
+ if (this->isHostAlive(this->current_scan_ip)) {
+ display_obj.display_buffer->add(this->current_scan_ip.toString());
+ Serial.println(this->current_scan_ip);
+ }
+ }
+}
+
 // Function for updating scan status
 void WiFiScan::main(uint32_t currentTime)
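Review bot: Seeding the sweep with `this->current_scan_ip = this->gateway;` at the end of RunPingScan (hunk @@ -1366) ties the result to where the gateway sits in the subnet: pingScan advances with getNextIP before probing, so the gateway and every address below it are never checked. When the device has no lease the gateway is presumably 0.0.0.0, in which case the mode draws its banner and then silently does nothing. Starting from the network base (each gateway octet ANDed with the matching subnet octet) and printing a "not connected" line when the gateway is unset would make both cases explicit. Separately, `startPcap("pingscan");` opens a capture although nothing in this commit appears to write packets into it; either drop the call or add a comment explaining why the file is wanted.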
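Review bot: `display_obj.display_buffer->add(this->current_scan_ip.toString());` in WiFiScan::pingScan (hunk @@ -7151) is not wrapped in `#ifdef HAS_SCREEN`, whereas RunPingScan in the same commit guards every `display_obj` access that way. If screenless targets really build without `display_obj`, this line breaks them; wrapping it as `#ifdef HAS_SCREEN` / `#endif` around that one statement keeps the serial output for all boards. The function also goes quiet once getNextIP returns 0.0.0.0, so a one-time `Serial.println` (and display line) announcing that the sweep finished would tell the user it is done rather than stalled. The two commented-out `//Serial.print` lines can be deleted.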
@@ -7174,6 +7232,9 @@ void WiFiScan::main(uint32_t currentTime)
 channelHop();
 }
 }
+ else if (currentScanMode == WIFI_PING_SCAN) {
+ this->pingScan();
+ }
 else if (currentScanMode == WIFI_SCAN_SIG_STREN) {
 #ifdef HAS_ILI9341
 this->signalAnalyzerLoop(currentTime);
diff --git a/esp32_marauder/WiFiScan.h b/esp32_marauder/WiFiScan.h
index a14219b..d1a12dd 100644
--- a/esp32_marauder/WiFiScan.h
+++ b/esp32_marauder/WiFiScan.h
@@ -15,6 +15,7 @@
 #endif
 #include
+#include
 #include "EvilPortal.h"
 #include
 #include "esp_wifi.h"
@@ -105,6 +106,7 @@
 #define WIFI_SCAN_PINESCAN 50
 #define WIFI_SCAN_MULTISSID 51
 #define WIFI_CONNECTED 52
+#define WIFI_PING_SCAN 53
 #define BASE_MULTIPLIER 4
@@ -423,6 +425,8 @@ class WiFiScan
 NimBLEAdvertisementData GetUniversalAdvertisementData(EBLEPayloadType type);
 #endif
+ void pingScan();
+ bool isHostAlive(IPAddress ip);
 String extractManufacturer(const uint8_t* payload);
 int checkMatchAP(char addr[]);
 bool beaconHasWPS(const uint8_t* payload, int len);
@@ -481,6 +485,7 @@ class WiFiScan
 void RunSwiftpairSpam(uint8_t scan_mode, uint16_t color);
 void RunLvJoinWiFi(uint8_t scan_mode, uint16_t color);
 void RunEvilPortal(uint8_t scan_mode, uint16_t color);
+ void RunPingScan(uint8_t scan_mode, uint16_t color);
 bool checkMem();
 void parseBSSID(const char* bssidStr, uint8_t* bssid);
@@ -527,6 +532,8 @@ class WiFiScan
 IPAddress gateway;
 IPAddress subnet;
+ IPAddress current_scan_ip;
+
 String dst_mac = "ff:ff:ff:ff:ff:ff";
 byte src_mac[6] = {};
diff --git a/esp32_marauder/utils.h b/esp32_marauder/utils.h
index 1940e16..37bc6ff 100644
--- a/esp32_marauder/utils.h
+++ b/esp32_marauder/utils.h
@@ -4,6 +4,7 @@
 #include
 #include
+#include
 #include "configs.h"
@@ -350,4 +351,29 @@ String replaceOUIWithManufacturer(const char *sta_addr) {
 return String(manufacturer) + mac_suffix;
 }
+IPAddress getNextIP(IPAddress currentIP, IPAddress subnetMask) {
+ // Convert IPAddress to uint32_t
+ uint32_t ipInt = (currentIP[0] << 24) | (currentIP[1] << 16) | (currentIP[2] << 8) | currentIP[3];
+ uint32_t maskInt = (subnetMask[0] << 24) | (subnetMask[1] << 16) | (subnetMask[2] << 8) | subnetMask[3];
+
+ uint32_t networkBase = ipInt & maskInt;
+ uint32_t broadcast = networkBase | ~maskInt;
+
+ uint32_t nextIP = ipInt + 1;
+
+ if (nextIP <= networkBase) {
+ nextIP = networkBase + 1;
+ }
+ if (nextIP >= broadcast) {
+ return IPAddress(0, 0, 0, 0); // no more IPs
+ }
+
+ return IPAddress(
+ (nextIP >> 24) & 0xFF,
+ (nextIP >> 16) & 0xFF,
+ (nextIP >> 8) & 0xFF,
+ nextIP & 0xFF
+ );
+}
+
 #endif
\ No newline at end of file
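Review bot: In getNextIP, `currentIP[0] << 24` and `subnetMask[0] << 24` shift an octet that has been promoted to signed `int`, so a first octet of 128 or above (including the usual 255 in a mask) shifts into the sign bit before the result is converted to `uint32_t`. Widening first removes the reliance on that conversion: `uint32_t ipInt = ((uint32_t)currentIP[0] << 24) | ((uint32_t)currentIP[1] << 16) | ((uint32_t)currentIP[2] << 8) | currentIP[3];`, and the same for `maskInt`. The function should also get a header comment stating that it skips the network and broadcast addresses and returns 0.0.0.0 as the "no more addresses" sentinel, since pingScan depends on that value. Because the definition sits in utils.h without `inline`, including the header from a second translation unit would give duplicate-symbol errors; the neighbouring replaceOUIWithManufacturer follows the same pattern, so this may already be accepted in the project.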