Merge pull request #774 from justcallmekoko/develop

Add Pineapple and multiSSID sniff

esp32_marauder/Assets.h

@@ -215,7 +215,13 @@ PROGMEM static const unsigned char menu_icons[][66] = {
     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 
     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 
     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}
+    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+    {0xFF, 0xFF, 0x3F, 0xFF, 0xF7, 0x3F, 0x7F, 0x96, 0x3F, 0xFF, 0xED, 0x3F, // PINESCAN_SNIFF: 37
+    0x3F, 0x25, 0x3F, 0xDF, 0xD2, 0x3E, 0xFF, 0xED, 0x3F, 0x7F, 0x8E, 0x3F, 
+    0x3B, 0x77, 0x37, 0xBD, 0x6A, 0x2F, 0xD6, 0xBD, 0x1A, 0xDA, 0xDA, 0x16, 
+    0x5A, 0x6F, 0x16, 0x9A, 0xF7, 0x16, 0xD6, 0x5A, 0x1A, 0xDD, 0xBD, 0x2E, 
+    0xBB, 0x5A, 0x37, 0x3F, 0x6F, 0x3F, 0x7F, 0xB7, 0x3F, 0xFF, 0xCC, 0x3F, 
+    0xFF, 0xF3, 0x3F, 0xFF, 0xFF, 0x3F}
 };
 
 /*#ifndef MARAUDER_MINI

esp32_marauder/CommandLine.cpp

@@ -229,6 +229,8 @@ void CommandLine::runCommand(String input) {
     Serial.println(HELP_SNIFF_BEACON_CMD);
     Serial.println(HELP_SNIFF_PROBE_CMD);
     Serial.println(HELP_SNIFF_PWN_CMD);
+    Serial.println(HELP_SNIFF_PINESCAN_CMD);
+    Serial.println(HELP_SNIFF_MULTISSID_CMD);
     Serial.println(HELP_SNIFF_ESP_CMD);
     Serial.println(HELP_SNIFF_DEAUTH_CMD);
     Serial.println(HELP_SNIFF_PMKID_CMD);
@@ -683,6 +685,24 @@ void CommandLine::runCommand(String input) {
       #endif
       wifi_scan_obj.StartScan(WIFI_SCAN_PWN, TFT_MAGENTA);
     }
+    // PineScan sniff
+    else if (cmd_args.get(0) == SNIFF_PINESCAN_CMD) {
+      Serial.println("Starting Pinescan sniff. Stop with " + (String)STOPSCAN_CMD);
+      #ifdef HAS_SCREEN
+        display_obj.clearScreen();
+        menu_function_obj.drawStatusBar();
+      #endif
+      wifi_scan_obj.StartScan(WIFI_SCAN_PINESCAN, TFT_MAGENTA);
+    }
+    // MultiSSID sniff
+    else if (cmd_args.get(0) == SNIFF_MULTISSID_CMD) {
+      Serial.println("Starting MultiSSID sniff. Stop with " + (String)STOPSCAN_CMD);
+      #ifdef HAS_SCREEN
+        display_obj.clearScreen();
+        menu_function_obj.drawStatusBar();
+      #endif
+      wifi_scan_obj.StartScan(WIFI_SCAN_MULTISSID, TFT_MAGENTA);
+    }
     // Espressif sniff
     else if (cmd_args.get(0) == SNIFF_ESP_CMD) {
       Serial.println("Starting Espressif device sniff. Stop with " + (String)STOPSCAN_CMD);

esp32_marauder/CommandLine.h

@@ -63,6 +63,8 @@ const char PROGMEM SNIFF_RAW_CMD[] = "sniffraw";
 const char PROGMEM SNIFF_BEACON_CMD[] = "sniffbeacon";
 const char PROGMEM SNIFF_PROBE_CMD[] = "sniffprobe";
 const char PROGMEM SNIFF_PWN_CMD[] = "sniffpwn";
+const char PROGMEM SNIFF_PINESCAN_CMD[] = "sniffpinescan";
+const char PROGMEM SNIFF_MULTISSID_CMD[] = "sniffmultissid";
 const char PROGMEM SNIFF_ESP_CMD[] = "sniffesp";
 const char PROGMEM SNIFF_DEAUTH_CMD[] = "sniffdeauth";
 const char PROGMEM SNIFF_PMKID_CMD[] = "sniffpmkid";
@@ -121,6 +123,8 @@ const char PROGMEM HELP_SNIFF_RAW_CMD[] = "sniffraw";
 const char PROGMEM HELP_SNIFF_BEACON_CMD[] = "sniffbeacon";
 const char PROGMEM HELP_SNIFF_PROBE_CMD[] = "sniffprobe";
 const char PROGMEM HELP_SNIFF_PWN_CMD[] = "sniffpwn";
+const char PROGMEM HELP_SNIFF_PINESCAN_CMD[] = "sniffpinescan";
+const char PROGMEM HELP_SNIFF_MULTISSID_CMD[] = "sniffmultissid";
 const char PROGMEM HELP_SNIFF_ESP_CMD[] = "sniffesp";
 const char PROGMEM HELP_SNIFF_DEAUTH_CMD[] = "sniffdeauth";
 const char PROGMEM HELP_SNIFF_PMKID_CMD[] = "sniffpmkid [-c <channel>][-d][-l]";

esp32_marauder/MenuFunctions.cpp

@@ -776,6 +776,8 @@ void MenuFunctions::main(uint32_t currentTime)
           (wifi_scan_obj.currentScanMode == WIFI_SCAN_TARGET_AP_FULL) ||
           (wifi_scan_obj.currentScanMode == WIFI_SCAN_AP_STA) ||
           (wifi_scan_obj.currentScanMode == WIFI_SCAN_PWN) ||
+          (wifi_scan_obj.currentScanMode == WIFI_SCAN_PINESCAN) ||
+          (wifi_scan_obj.currentScanMode == WIFI_SCAN_MULTISSID) ||
           (wifi_scan_obj.currentScanMode == WIFI_SCAN_ESPRESSIF) ||
           (wifi_scan_obj.currentScanMode == WIFI_SCAN_ALL) ||
           (wifi_scan_obj.currentScanMode == WIFI_SCAN_DEAUTH) ||
@@ -846,6 +848,8 @@ void MenuFunctions::main(uint32_t currentTime)
             (wifi_scan_obj.currentScanMode == WIFI_SCAN_TARGET_AP_FULL) ||
             (wifi_scan_obj.currentScanMode == WIFI_SCAN_AP_STA) ||
             (wifi_scan_obj.currentScanMode == WIFI_SCAN_PWN) ||
+            (wifi_scan_obj.currentScanMode == WIFI_SCAN_PINESCAN) ||
+            (wifi_scan_obj.currentScanMode == WIFI_SCAN_MULTISSID) ||
             (wifi_scan_obj.currentScanMode == WIFI_SCAN_ESPRESSIF) ||
             (wifi_scan_obj.currentScanMode == WIFI_SCAN_ALL) ||
             (wifi_scan_obj.currentScanMode == WIFI_SCAN_DEAUTH) ||
@@ -1651,13 +1655,13 @@ void MenuFunctions::RunSetup()
   #if (!defined(HAS_ILI9341) && defined(HAS_BUTTONS))
     miniKbMenu.list = new LinkedList<MenuNode>();
   #endif
-  #ifndef HAS_ILI9341
-    #ifdef HAS_BUTTONS
+  //#ifndef HAS_ILI9341
+  //  #ifdef HAS_BUTTONS
       #ifdef HAS_SD
         sdDeleteMenu.list = new LinkedList<MenuNode>();
       #endif
-    #endif
-  #endif
+  //  #endif
+  //#endif
 
   // Bluetooth menu stuff
   bluetoothSnifferMenu.list = new LinkedList<MenuNode>();
@@ -1723,9 +1727,9 @@ void MenuFunctions::RunSetup()
     miniKbMenu.name = "Mini Keyboard";
   #endif
   #ifdef HAS_SD
-    #ifndef HAS_ILI9341
+  //  #ifndef HAS_ILI9341
       sdDeleteMenu.name = "Delete SD Files";
-    #endif
+  //  #endif
   #endif
 
   // Build Main Menu
@@ -1832,6 +1836,18 @@ void MenuFunctions::RunSetup()
     this->drawStatusBar();
     wifi_scan_obj.StartScan(WIFI_SCAN_PWN, TFT_RED);
   });
+  
+  this->addNodes(&wifiSnifferMenu, text_table1[63], TFTYELLOW, NULL, PINESCAN_SNIFF, [this]() {
+    display_obj.clearScreen();
+    this->drawStatusBar();
+    wifi_scan_obj.StartScan(WIFI_SCAN_PINESCAN, TFT_YELLOW);
+  });
+
+  this->addNodes(&wifiSnifferMenu, text_table1[64], TFTORANGE, NULL, MULTISSID_SNIFF, [this]() {
+    display_obj.clearScreen();
+    this->drawStatusBar();
+    wifi_scan_obj.StartScan(WIFI_SCAN_MULTISSID, TFT_ORANGE);
+  });
   //#ifndef HAS_ILI9341
     this->addNodes(&wifiSnifferMenu, text_table1[49], TFTMAGENTA, NULL, BEACON_SNIFF, [this]() {
       display_obj.clearScreen();
@@ -2495,20 +2511,98 @@ void MenuFunctions::RunSetup()
               }
             #endif
           #endif
+        #else
+          #ifdef HAS_BUTTONS
+            this->changeMenu(&sdDeleteMenu);
+            bool deleting = true;
+
+            display_obj.tft.setTextWrap(false);
+            display_obj.tft.setCursor(0, SCREEN_HEIGHT / 3);
+            display_obj.tft.setTextColor(TFT_CYAN, TFT_BLACK);
+            display_obj.tft.println("Loading...");
+
+            uint16_t t_x = 0, t_y = 0; // To store the touch coordinates
+
+            while (deleting) {
+              // Build list of files
+              sd_obj.sd_files->clear();
+              delete sd_obj.sd_files;
+
+              sd_obj.sd_files = new LinkedList<String>();
+
+              sd_obj.sd_files->add("Back");
+
+              sd_obj.listDirToLinkedList(sd_obj.sd_files);
+
+              int sd_file_index = 0;
+
+              this->sdDeleteMenu.list->set(0, MenuNode{sd_obj.sd_files->get(sd_file_index), false, TFTCYAN, 0, NULL, true, NULL});
+              this->buildButtons(&sdDeleteMenu);
+              this->displayCurrentMenu();
+
+              // Start button loop
+              while(true) {
+                #ifdef HAS_ILI9341
+                  if (!this->disable_touch)
+                    pressed = display_obj.updateTouch(&t_x, &t_y);
+                #endif
+
+                uint8_t menu_button = display_obj.menuButton(&t_x, &t_y, pressed);
+
+                #if !defined(MARAUDER_M5STICKC) || defined(MARAUDER_M5STICKCP2)
+                  if (menu_button == UP_BUTTON) {
+                    if (sd_file_index > 0)
+                      sd_file_index--;
+                    else
+                      sd_file_index = sd_obj.sd_files->size() - 1;
+
+                    this->sdDeleteMenu.list->set(0, MenuNode{sd_obj.sd_files->get(sd_file_index), false, TFTCYAN, 0, NULL, true, NULL});
+                    this->buildButtons(&sdDeleteMenu);
+                    this->displayCurrentMenu();
+                  }
+                #endif
+                if (menu_button == DOWN_BUTTON) {
+                  if (sd_file_index < sd_obj.sd_files->size() - 1)
+                    sd_file_index++;
+                  else
+                    sd_file_index = 0;
+
+                  this->sdDeleteMenu.list->set(0, MenuNode{sd_obj.sd_files->get(sd_file_index), false, TFTCYAN, 0, NULL, true, NULL});
+                  this->buildButtons(&sdDeleteMenu, 0, sd_obj.sd_files->get(sd_file_index));
+                  this->displayCurrentMenu();
+                }
+                if (menu_button == SELECT_BUTTON) {
+                  if (sd_obj.sd_files->get(sd_file_index) != "Back") {
+                    if (sd_obj.removeFile("/" + sd_obj.sd_files->get(sd_file_index)))
+                      Serial.println("Successfully Removed File: /" + sd_obj.sd_files->get(sd_file_index));
+                      display_obj.tft.setTextWrap(false);
+                      display_obj.tft.setCursor(0, SCREEN_HEIGHT / 3);
+                      display_obj.tft.setTextColor(TFT_CYAN, TFT_BLACK);
+                      display_obj.tft.println("Deleting /" + sd_obj.sd_files->get(sd_file_index) + "...");
+                  }
+                  else {
+                    this->changeMenu(sdDeleteMenu.parentMenu);
+                    deleting = false;
+                  }
+                  break;
+                }
+              }
+            }
+          #endif
         #endif
       });
     }
   #endif
 
   #ifdef HAS_SD
-    #ifndef HAS_ILI9341
+    //#ifndef HAS_ILI9341
       #ifdef HAS_BUTTONS
         sdDeleteMenu.parentMenu = &deviceMenu;
         this->addNodes(&sdDeleteMenu, text09, TFTLIGHTGREY, NULL, 0, [this]() {
           this->changeMenu(sdDeleteMenu.parentMenu);
         });
       #endif
-    #endif
+    //#endif
   #endif
 
   // Save Files Menu

esp32_marauder/MenuFunctions.h

@@ -74,6 +74,8 @@ extern Settings settings_obj;
 #define DISABLE_TOUCH 34
 #define FLIPPER 35
 #define BLANK 36
+#define PINESCAN_SNIFF 37 // Use blanks icon
+#define MULTISSID_SNIFF 37 // Use blanks icon
 
 PROGMEM void my_disp_flush(lv_disp_drv_t *disp, const lv_area_t *area, lv_color_t *color_p);
 PROGMEM bool my_touchpad_read(lv_indev_drv_t * indev_driver, lv_indev_data_t * data);

esp32_marauder/WiFiScan.cpp

@@ -546,6 +546,14 @@ void WiFiScan::RunSetup() {
   stations = new LinkedList<Station>();
   airtags = new LinkedList<AirTag>();
   flippers = new LinkedList<Flipper>();
+  // for Pinescan
+  pinescan_trackers = new LinkedList<PineScanTracker>();
+  confirmed_pinescan = new LinkedList<ConfirmedPineScan>();
+  pinescan_list_full_reported = false;
+  // for MultiSSID
+  multissid_trackers = new LinkedList<MultiSSIDTracker>();
+  confirmed_multissid = new LinkedList<ConfirmedMultiSSID>();
+  multissid_list_full_reported = false;
 
   #ifdef HAS_PSRAM
     mac_history = (struct mac_addr*) ps_malloc(mac_history_len * sizeof(struct mac_addr));
@@ -804,6 +812,10 @@ void WiFiScan::StartScan(uint8_t scan_mode, uint16_t color)
     RunAPScan(scan_mode, color);
   else if (scan_mode == WIFI_SCAN_PWN)
     RunPwnScan(scan_mode, color);
+  else if (scan_mode == WIFI_SCAN_PINESCAN)
+    RunPineScan(scan_mode, color);
+  else if (scan_mode == WIFI_SCAN_MULTISSID)
+    RunMultiSSIDScan(scan_mode, color);
   else if (scan_mode == WIFI_SCAN_DEAUTH)
     RunDeauthScan(scan_mode, color);
   else if (scan_mode == WIFI_PACKET_MONITOR) {
@@ -1003,6 +1015,24 @@ bool WiFiScan::shutdownBLE() {
   return true;
 }
 
+// Pinescan cleanup
+int WiFiScan::clearPineScanTrackers() {
+  int num_cleared = pinescan_trackers->size() + confirmed_pinescan->size();
+  pinescan_trackers->clear();
+  confirmed_pinescan->clear();
+  pinescan_list_full_reported = false;
+  return num_cleared;
+}
+
+// MultiSSID Cleanup
+int WiFiScan::clearMultiSSID() {
+  int num_cleared = multissid_trackers->size() + confirmed_multissid->size();
+  multissid_trackers->clear();
+  confirmed_multissid->clear();
+  multissid_list_full_reported = false;
+  return num_cleared;
+}
+
 // Function to stop all wifi scans
 void WiFiScan::StopScan(uint8_t scan_mode)
 {
@@ -1018,6 +1048,8 @@ void WiFiScan::StopScan(uint8_t scan_mode)
   (currentScanMode == WIFI_SCAN_TARGET_AP_FULL) ||
   (currentScanMode == WIFI_SCAN_AP_STA) ||
   (currentScanMode == WIFI_SCAN_PWN) ||
+  (currentScanMode == WIFI_SCAN_PINESCAN) ||
+  (currentScanMode == WIFI_SCAN_MULTISSID) ||
   (currentScanMode == WIFI_SCAN_EAPOL) ||
   (currentScanMode == WIFI_SCAN_ACTIVE_EAPOL) ||
   (currentScanMode == WIFI_SCAN_ACTIVE_LIST_EAPOL) ||
@@ -2518,6 +2550,104 @@ void WiFiScan::RunMimicFlood(uint8_t scan_mode, uint16_t color) {
   initTime = millis();
 }
 
+// Pineapple
+void WiFiScan::RunPineScan(uint8_t scan_mode, uint16_t color)
+{
+  this->clearPineScanTrackers();
+
+  startPcap("pinescan");
+
+  #ifdef HAS_FLIPPER_LED
+    flipper_led.sniffLED();
+  #elif defined(XIAO_ESP32_S3)
+    xiao_led.sniffLED();
+  #elif defined(MARAUDER_M5STICKC)
+    stickc_led.sniffLED();
+  #else
+    led_obj.setMode(MODE_SNIFF);
+  #endif
+  
+  #ifdef HAS_SCREEN
+    display_obj.TOP_FIXED_AREA_2 = 48;
+    display_obj.tteBar = true;
+    display_obj.print_delay_1 = 15;
+    display_obj.print_delay_2 = 10;
+    display_obj.initScrollValues(true);
+    display_obj.tft.setTextWrap(false);
+    display_obj.tft.setTextColor(TFT_BLACK, color);
+    #ifdef HAS_FULL_SCREEN
+      display_obj.tft.fillRect(0,16,240,16, color);
+      display_obj.tft.drawCentreString(text_table4[48],120,16,2);
+    #endif
+    #ifdef HAS_ILI9341
+      display_obj.touchToExit();
+    #endif
+    display_obj.tft.setTextColor(TFT_RED, TFT_BLACK);
+    display_obj.setupScrollArea(display_obj.TOP_FIXED_AREA_2, BOT_FIXED_AREA);
+  #endif
+  
+  esp_wifi_init(&cfg2);
+  esp_wifi_set_storage(WIFI_STORAGE_RAM);
+  esp_wifi_set_mode(WIFI_MODE_NULL);
+  esp_wifi_start();
+  this->setMac();
+  esp_wifi_set_promiscuous(true);
+  esp_wifi_set_promiscuous_filter(&filt);
+  esp_wifi_set_promiscuous_rx_cb(&pineScanSnifferCallback);
+  esp_wifi_set_channel(set_channel, WIFI_SECOND_CHAN_NONE);
+  this->wifi_initialized = true;
+  initTime = millis();
+}
+
+// MultiSSID
+void WiFiScan::RunMultiSSIDScan(uint8_t scan_mode, uint16_t color)
+{
+  this->clearMultiSSID();
+
+  startPcap("multissid");
+
+  #ifdef HAS_FLIPPER_LED
+    flipper_led.sniffLED();
+  #elif defined(XIAO_ESP32_S3)
+    xiao_led.sniffLED();
+  #elif defined(MARAUDER_M5STICKC)
+    stickc_led.sniffLED();
+  #else
+    led_obj.setMode(MODE_SNIFF);
+  #endif
+  
+  #ifdef HAS_SCREEN
+    display_obj.TOP_FIXED_AREA_2 = 48;
+    display_obj.tteBar = true;
+    display_obj.print_delay_1 = 15;
+    display_obj.print_delay_2 = 10;
+    display_obj.initScrollValues(true);
+    display_obj.tft.setTextWrap(false);
+    display_obj.tft.setTextColor(TFT_BLACK, color);
+    #ifdef HAS_FULL_SCREEN
+      display_obj.tft.fillRect(0,16,240,16, color);
+      display_obj.tft.drawCentreString(text_table4[49],120,16,2);
+    #endif
+    #ifdef HAS_ILI9341
+      display_obj.touchToExit();
+    #endif
+    display_obj.tft.setTextColor(TFT_BLUE, TFT_BLACK);
+    display_obj.setupScrollArea(display_obj.TOP_FIXED_AREA_2, BOT_FIXED_AREA);
+  #endif
+  
+  esp_wifi_init(&cfg2);
+  esp_wifi_set_storage(WIFI_STORAGE_RAM);
+  esp_wifi_set_mode(WIFI_MODE_NULL);
+  esp_wifi_start();
+  this->setMac();
+  esp_wifi_set_promiscuous(true);
+  esp_wifi_set_promiscuous_filter(&filt);
+  esp_wifi_set_promiscuous_rx_cb(&multiSSIDSnifferCallback);
+  esp_wifi_set_channel(set_channel, WIFI_SECOND_CHAN_NONE);
+  this->wifi_initialized = true;
+  initTime = millis();
+}
+
 void WiFiScan::RunPwnScan(uint8_t scan_mode, uint16_t color)
 {
   startPcap("pwnagotchi");
@@ -4141,6 +4271,671 @@ String WiFiScan::processPwnagotchiBeacon(const uint8_t* frame, int length) {
   }
 }
 
+// PINEAPPLE LOGIC
+
+// Define lookup table for Pineapple OUIs
+
+const WiFiScan::SuspiciousVendor WiFiScan::suspicious_vendors[] = {
+    // Alfa
+    {"Alfa Inc", SUSPICIOUS_WHEN_OPEN, {0x00C0CA}, 1},
+    
+    // Orient Power (Pineapple MK7)
+    {"Orient Power Home Network Ltd", SUSPICIOUS_ALWAYS, {0x001337}, 1},
+    
+    // Shenzhen Century
+    {"Shenzhen Century Xinyang Technology Co Ltd", SUSPICIOUS_WHEN_OPEN, {0x1CBFCE}, 1},
+    
+    // IEEE
+    {"IEEE Registration Authority", SUSPICIOUS_WHEN_OPEN, {0x0CEFAF}, 1},
+    
+    // Hak5 (Locally Administered)
+    {"Hak5", SUSPICIOUS_WHEN_PROTECTED, {0x02C0CA, 0x021337}, 2},
+    
+    // MediaTek
+    {"MediaTek Inc", SUSPICIOUS_ALWAYS, {0x000A00, 0x000C43, 0x000CE7, 0x0017A5}, 4},
+    
+    // Panda Wireless
+    {"Panda Wireless Inc", SUSPICIOUS_ALWAYS, {0x9CEFD5, 0x9CE5D5}, 2},
+    
+    // Unassigned/Spoofed
+    {"Unassigned/Spoofed", SUSPICIOUS_ALWAYS, {0xDEADBE}, 1}
+};
+
+// Total OUI count: 13
+
+// Update the number of vendors constant
+const int WiFiScan::NUM_SUSPICIOUS_VENDORS = sizeof(WiFiScan::suspicious_vendors) / sizeof(WiFiScan::suspicious_vendors[0]);
+
+// This fixes picking up a AP on an adjacent channel.
+int WiFiScan::extractPineScanChannel(const uint8_t* payload, int len) {
+    if (len < 38) return -1; // Ensure we have enough data
+
+    // Jump to the element fields after the fixed beacon header and SSID field
+    int pos = 36 + payload[37] + 2; // 36 fixed header bytes + SSID length + 2 bytes for SSID tag info
+
+    // Search through the tags for the channel information (DS Parameter Set, tag number 3)
+    while (pos < len - 2) {
+        uint8_t tag_num = payload[pos];
+        uint8_t tag_len = payload[pos + 1];
+        
+        // Safety check to prevent buffer overruns
+        if (pos + 2 + tag_len > len) break;
+        
+        // Found DS Parameter Set (tag 3), channel is the next byte
+        if (tag_num == 3 && tag_len == 1) {
+            return payload[pos + 2]; // Return the channel
+        }
+        pos += tag_len + 2;
+    }
+    
+    // If channel not found in the beacon, return the one from rx_ctrl
+    return -1;
+}
+
+// Function to count tagged parameters in beacon frames
+bool countPineScanTaggedParameters(const uint8_t* payload, int len) {
+  int ssid_len = payload[37];
+  int pos = 36 + ssid_len + 2;
+  
+  // Check if next tag is the DS Parameter (channel info) - tag number 3
+  if (pos < len - 2 && payload[pos] == 3 && payload[pos+1] == 1) {
+    // Check for end of packet after DS Parameter (no more tags)
+    int next_pos = pos + 2 + payload[pos+1];
+    return (next_pos >= len || next_pos + 2 > len);
+  }
+  
+  return false;
+}
+
+void WiFiScan::pineScanSnifferCallback(void* buf, wifi_promiscuous_pkt_type_t type) {
+  extern WiFiScan wifi_scan_obj;
+
+  wifi_promiscuous_pkt_t *snifferPacket = (wifi_promiscuous_pkt_t*)buf;
+  WifiMgmtHdr *frameControl = (WifiMgmtHdr*)snifferPacket->payload;
+  wifi_pkt_rx_ctrl_t ctrl = (wifi_pkt_rx_ctrl_t)snifferPacket->rx_ctrl;
+  int len = snifferPacket->rx_ctrl.sig_len;
+
+  String display_string = "";
+  String essid = "";
+
+  if (type == WIFI_PKT_MGMT) {
+    len -= 4;
+    int fctl = ntohs(frameControl->fctl);
+    const wifi_ieee80211_packet_t *ipkt = (wifi_ieee80211_packet_t *)snifferPacket->payload;
+    const WifiMgmtHdr *hdr = &ipkt->hdr;
+  
+    #ifdef HAS_SCREEN
+      int buff = display_obj.display_buffer->size();
+    #else
+      int buff = 0;
+    #endif
+    
+    if ((snifferPacket->payload[0] == 0x80) && (buff == 0)) {
+      buffer_obj.append(snifferPacket, len); // Capture all beacons
+      
+      // Extract MAC address for Pineapple detection
+      uint8_t mac_addr[6];
+      for (int i = 0; i < 6; i++) {
+        mac_addr[i] = snifferPacket->payload[10 + i];
+      }
+
+      // Extract channel from the beacon frame
+      int ap_channel = WiFiScan::extractPineScanChannel(snifferPacket->payload, len);
+      if (ap_channel == -1) {
+        ap_channel = snifferPacket->rx_ctrl.channel;
+      }
+      
+      // Extract capability flags
+      uint16_t capab_info = ((uint16_t)snifferPacket->payload[34] | ((uint16_t)snifferPacket->payload[35] << 8));
+      bool suspicious_capability = (capab_info == 0x0001);
+      bool tag_count = countPineScanTaggedParameters(snifferPacket->payload, len);
+      bool tag_and_susp_cap = suspicious_capability && tag_count;
+
+      bool is_protected = (capab_info & 0x10) != 0;
+      bool is_open = !is_protected;
+      String auth_type = is_open ? "OPEN" : "PROTECTED";
+
+      // Check for suspicious OUIs
+      uint8_t oui[3] = {snifferPacket->payload[10], snifferPacket->payload[11], snifferPacket->payload[12]};
+      uint32_t oui_value = ((uint32_t)oui[0] << 16) | ((uint32_t)oui[1] << 8) | oui[2];
+      
+      bool suspicious_oui = false;
+      bool pinescan_match = false;
+      bool pinescan_match_by_oui = false;
+      const char* vendor_name = "Unknown";
+
+      // Check against suspicious vendors list
+      for (int i = 0; i < WiFiScan::NUM_SUSPICIOUS_VENDORS; i++) {
+        const WiFiScan::SuspiciousVendor& vendor = WiFiScan::suspicious_vendors[i];
+
+        // Check each OUI for this vendor
+        for (int j = 0; j < vendor.oui_count; j++) {
+          if (oui_value == vendor.ouis[j]) {
+            if ((vendor.security_flags & SUSPICIOUS_ALWAYS) || 
+                (is_open && (vendor.security_flags & SUSPICIOUS_WHEN_OPEN)) || 
+                (is_protected && (vendor.security_flags & SUSPICIOUS_WHEN_PROTECTED))) {
+              suspicious_oui = true;
+              pinescan_match = true;
+              vendor_name = vendor.vendor_name;
+              pinescan_match_by_oui = true;
+              break;
+            }
+          }
+        }
+        if (pinescan_match_by_oui) break;
+      }
+
+      pinescan_match = pinescan_match || tag_and_susp_cap;
+      
+      if ((tag_and_susp_cap) && !suspicious_oui) {
+        vendor_name = "Unknown";
+      }
+
+      // Check if we have already seen this MAC
+      int ap_index = -1;
+      bool already_tracked = false;
+      
+      // Find if have seen this MAC before in the tracking list
+      for (int i = 0; i < wifi_scan_obj.pinescan_trackers->size(); i++) {
+        bool mac_match = true;
+        for (int x = 0; x < 6; x++) {
+          if (mac_addr[x] != wifi_scan_obj.pinescan_trackers->get(i).mac[x]) {
+            mac_match = false;
+            break;
+          }
+        }
+        
+        if (mac_match) {
+          ap_index = i;
+          already_tracked = true;
+          break;
+        }
+      }
+
+      // Check if already in confirmed list
+      bool already_confirmed = false;
+      int confirmed_index = -1;
+      
+      for (int i = 0; i < wifi_scan_obj.confirmed_pinescan->size(); i++) {
+        bool mac_match = true;
+        for (int x = 0; x < 6; x++) {
+          if (mac_addr[x] != wifi_scan_obj.confirmed_pinescan->get(i).mac[x]) {
+            mac_match = false;
+            break;
+          }
+        }
+        if (mac_match) {
+          already_confirmed = true;
+          confirmed_index = i;
+          break;
+        }
+      }
+
+      // If already confirmed, just update it and return
+      if (already_confirmed) {
+        if (snifferPacket->payload[37] <= 0) {
+          essid = "[hidden]";
+        } else {
+          for (int i = 0; i < snifferPacket->payload[37]; i++) {
+            essid.concat((char)snifferPacket->payload[i + 38]);
+          }
+        }
+
+        ConfirmedPineScan confirmed = wifi_scan_obj.confirmed_pinescan->get(confirmed_index);
+        if (snifferPacket->rx_ctrl.rssi > confirmed.rssi) {
+          confirmed.rssi = snifferPacket->rx_ctrl.rssi;
+        }
+        if (essid != "" && essid != "[hidden]") {
+          confirmed.essid = essid;
+        }
+        wifi_scan_obj.confirmed_pinescan->set(confirmed_index, confirmed);
+        return;
+      }
+      
+      // Add to tracking list if new
+      if (!already_tracked) {
+        // Check if we've reached the maximum number of tracked APs
+        if (wifi_scan_obj.pinescan_trackers->size() >= MAX_AP_ENTRIES) {
+          if (!wifi_scan_obj.pinescan_list_full_reported) {
+            Serial.println("AP List Full - Clearing list to make room");
+            wifi_scan_obj.pinescan_list_full_reported = true;
+            wifi_scan_obj.pinescan_trackers->clear();
+            Serial.println("AP list cleared, continuing scan");
+          }
+          
+          // Add the current AP to the freshly cleared list
+          PineScanTracker new_tracker;
+          memcpy(new_tracker.mac, mac_addr, 6);
+          new_tracker.suspicious_oui = suspicious_oui;
+          new_tracker.tag_and_susp_cap = tag_and_susp_cap;
+          new_tracker.channel = ap_channel;
+          new_tracker.rssi = snifferPacket->rx_ctrl.rssi;
+          new_tracker.reported = false;
+          wifi_scan_obj.pinescan_trackers->add(new_tracker);
+          ap_index = wifi_scan_obj.pinescan_trackers->size() - 1;
+          
+          // Reset the full reported flag since we've made room
+          wifi_scan_obj.pinescan_list_full_reported = false;
+        } else {
+          // Add to tracking list when there is room
+          PineScanTracker new_tracker;
+          memcpy(new_tracker.mac, mac_addr, 6);
+          new_tracker.suspicious_oui = suspicious_oui;
+          new_tracker.tag_and_susp_cap = tag_and_susp_cap;
+          new_tracker.channel = ap_channel;
+          new_tracker.rssi = snifferPacket->rx_ctrl.rssi;
+          new_tracker.reported = false;
+          wifi_scan_obj.pinescan_trackers->add(new_tracker);
+          ap_index = wifi_scan_obj.pinescan_trackers->size() - 1;
+        }
+      } else {
+        // Update existing tracker
+        PineScanTracker tracker = wifi_scan_obj.pinescan_trackers->get(ap_index);
+				
+        if (snifferPacket->rx_ctrl.rssi > tracker.rssi) {
+          tracker.rssi = snifferPacket->rx_ctrl.rssi;
+        }
+        
+        if (!tracker.suspicious_oui && suspicious_oui) {
+          tracker.suspicious_oui = true;
+        }
+        
+        if (!tracker.tag_and_susp_cap && tag_and_susp_cap) {
+          tracker.tag_and_susp_cap = true;
+        }
+        
+        wifi_scan_obj.pinescan_trackers->set(ap_index, tracker);
+      }
+
+      // If we have a match and it is not already in the confirmed list, add it
+      if (pinescan_match) {
+        if (wifi_scan_obj.confirmed_pinescan->size() >= MAX_PINESCAN_ENTRIES) {
+          if (!wifi_scan_obj.pinescan_list_full_reported) {
+            Serial.println("Confirmed PineScan List Full - Cannot add more");
+            Serial.println("Stopping PineScan detection until scan is restarted");
+            wifi_scan_obj.pinescan_list_full_reported = true;
+          }
+          return; // Stop processing completely if list is full
+        }
+        
+        if (snifferPacket->payload[37] <= 0) {
+          essid = "[hidden]";
+        } else {
+          for (int i = 0; i < snifferPacket->payload[37]; i++) {
+            essid.concat((char)snifferPacket->payload[i + 38]);
+          }
+        }
+
+        String detection = "";
+        if (pinescan_match_by_oui) {
+          detection = "SUSP_OUI";
+        } else if (tag_and_susp_cap) {
+          detection = "TAG+SUSP_CAP";
+        } else {
+          detection = "OTHER";
+        }
+
+        char addr[18];
+        snprintf(addr, sizeof(addr), "%02X:%02X:%02X:%02X:%02X:%02X",
+                mac_addr[0], mac_addr[1], mac_addr[2], 
+                mac_addr[3], mac_addr[4], mac_addr[5]);
+
+        // Add to confirmed Pineapple list
+        ConfirmedPineScan new_confirmed;
+        memcpy(new_confirmed.mac, mac_addr, 6);
+        new_confirmed.detection_type = detection;
+        new_confirmed.essid = essid;
+        new_confirmed.channel = ap_channel;
+        new_confirmed.rssi = snifferPacket->rx_ctrl.rssi;
+        new_confirmed.displayed = false;
+        wifi_scan_obj.confirmed_pinescan->add(new_confirmed);
+
+        // Mark as reported in the tracker
+        if (already_tracked) {
+          PineScanTracker tracker = wifi_scan_obj.pinescan_trackers->get(ap_index);
+          tracker.reported = true;
+          wifi_scan_obj.pinescan_trackers->set(ap_index, tracker);
+        }
+
+        // Only display MAX_DISPLAY_ENTRIES entries per MAC
+        int displayed_count = 0;
+        for (int i = 0; i < wifi_scan_obj.confirmed_pinescan->size(); i++) {
+          bool mac_match = true;
+          for (int x = 0; x < 6; x++) {
+            if (mac_addr[x] != wifi_scan_obj.confirmed_pinescan->get(i).mac[x]) {
+              mac_match = false;
+              break;
+            }
+          }
+          
+          if (mac_match && wifi_scan_obj.confirmed_pinescan->get(i).displayed) {
+            displayed_count++;
+          }
+        }
+
+        // Only display if we have not hit the display limit for this MAC
+        if (displayed_count < MAX_DISPLAY_ENTRIES) {
+          int idx = wifi_scan_obj.confirmed_pinescan->size() - 1;
+          ConfirmedPineScan to_display = wifi_scan_obj.confirmed_pinescan->get(idx);
+          to_display.displayed = true;
+          wifi_scan_obj.confirmed_pinescan->set(idx, to_display);
+          
+          // Create display string
+          String log_line = "MAC: " + String(addr) + 
+                        " CH: " + String(ap_channel) +
+                        " RSSI: " + String(snifferPacket->rx_ctrl.rssi) + 
+                        " DET: " + detection +
+                        " SSID: " + essid;
+          log_line += "\n";
+          delay(random(0, 10));
+          Serial.print(log_line);
+
+          #ifdef HAS_FULL_SCREEN
+
+            display_string.concat("MAC: " + String(addr));
+            display_string.concat(" CH: " + String(ap_channel));
+            display_string.concat(" RSSI: " + String(snifferPacket->rx_ctrl.rssi));
+
+            int temp_len = display_string.length();
+            for (int i = 0; i < 40 - temp_len; i++) {
+              display_string.concat(" ");
+            }
+            
+            display_obj.display_buffer->add(display_string);
+
+            display_string = "";
+            display_string.concat("DET: " + detection);
+            display_string.concat(" SSID: " + essid);
+
+            temp_len = display_string.length();
+            for (int i = 0; i < 40 - temp_len; i++) {
+              display_string.concat(" ");
+            }
+
+            display_obj.display_buffer->add(display_string);
+
+            display_string = "";
+            for (int i = 0; i < 60; i++) {
+              display_string.concat("-");
+            }
+
+            display_obj.display_buffer->add(display_string);
+            
+          #elif defined(HAS_MINI_SCREEN)
+            // Add MAC and channel
+            display_string.concat("MAC: " + String(addr));
+            display_string.concat(" CH: " + String(ap_channel));
+
+            int temp_len = display_string.length();
+            for (int i = 0; i < 40 - temp_len; i++) {
+              display_string.concat(" ");
+            }
+            
+            display_obj.display_buffer->add(display_string);
+
+            // Add RSSI and Detection method
+            display_string = "";
+            display_string.concat("RSSI: " + String(snifferPacket->rx_ctrl.rssi));
+            display_string.concat(" DET: " + detection);
+
+            temp_len = display_string.length();
+            for (int i = 0; i < 40 - temp_len; i++) {
+              display_string.concat(" ");
+            }
+
+            display_obj.display_buffer->add(display_string);
+
+            // Add SSID
+            display_string = "";
+            display_string.concat("SSID: " + essid);
+
+            temp_len = display_string.length();
+            for (int i = 0; i < 40 - temp_len; i++) {
+              display_string.concat(" ");
+            }
+
+            display_obj.display_buffer->add(display_string);
+
+            // Add delin
+            display_string = "";
+            for (int i = 0; i < 60; i++) {
+              display_string.concat("-");
+            }
+
+            display_obj.display_buffer->add(display_string);
+          #endif
+        }
+      }
+    }
+  }
+}
+
+void WiFiScan::multiSSIDSnifferCallback(void* buf, wifi_promiscuous_pkt_type_t type) {
+  extern WiFiScan wifi_scan_obj;
+
+  wifi_promiscuous_pkt_t *snifferPacket = (wifi_promiscuous_pkt_t*)buf;
+  WifiMgmtHdr *frameControl = (WifiMgmtHdr*)snifferPacket->payload;
+  wifi_pkt_rx_ctrl_t ctrl = (wifi_pkt_rx_ctrl_t)snifferPacket->rx_ctrl;
+  int len = snifferPacket->rx_ctrl.sig_len;
+
+  String display_string = "";
+  String essid = "";
+
+  if (type == WIFI_PKT_MGMT) {
+    len -= 4;
+    int fctl = ntohs(frameControl->fctl);
+    const wifi_ieee80211_packet_t *ipkt = (wifi_ieee80211_packet_t *)snifferPacket->payload;
+    const WifiMgmtHdr *hdr = &ipkt->hdr;
+  
+    #ifdef HAS_SCREEN
+      int buff = display_obj.display_buffer->size();
+    #else
+      int buff = 0;
+    #endif
+    
+    if ((snifferPacket->payload[0] == 0x80) && (buff == 0)) {
+      buffer_obj.append(snifferPacket, len); // Capture all beacons
+      
+      // Extract MAC address
+      uint8_t mac_addr[6];
+      for (int i = 0; i < 6; i++) {
+        mac_addr[i] = snifferPacket->payload[10 + i];
+      }
+
+      // Extract channel from the beacon frame
+      int ap_channel = WiFiScan::extractPineScanChannel(snifferPacket->payload, len);
+      if (ap_channel == -1) {
+        ap_channel = snifferPacket->rx_ctrl.channel;
+      }
+      
+      // Process SSID and compute hash
+      uint16_t ssid_hash = 0;
+      if (snifferPacket->payload[37] > 0) {
+        // Compute Whole SSID hash directly from payload
+        for (int i = 0; i < (int)snifferPacket->payload[37]; i++) {
+          char c = snifferPacket->payload[i + 38];
+          ssid_hash = ((ssid_hash << 5) + ssid_hash) + c;
+        }
+      } else {
+        ssid_hash = 0xFFFF; // hash for hidden SSIDs
+      }
+      
+      // Check for multiple unique SSIDs from same MAC
+      bool multi_ssid_ap = false;
+      int ap_index = -1;
+      
+      // Find if have seen this MAC before
+      for (int i = 0; i < wifi_scan_obj.multissid_trackers->size(); i++) {
+        bool mac_match = true;
+        for (int x = 0; x < 6; x++) {
+          if (mac_addr[x] != wifi_scan_obj.multissid_trackers->get(i).mac[x]) {
+            mac_match = false;
+            break;
+          }
+        }
+        
+        if (mac_match) {
+          ap_index = i;
+          break;
+        }
+      }
+
+      bool already_confirmed = false;
+      int confirmed_index = -1;
+      for (int i = 0; i < wifi_scan_obj.confirmed_multissid->size(); i++) {
+        bool mac_match = true;
+        for (int x = 0; x < 6; x++) {
+          if (mac_addr[x] != wifi_scan_obj.confirmed_multissid->get(i).mac[x]) {
+            mac_match = false;
+            break;
+          }
+        }
+        if (mac_match) {
+          already_confirmed = true;
+          confirmed_index = i;
+          break;
+        }
+      }
+
+      // If already confirmed, just update and return
+      if (already_confirmed) {
+        if (snifferPacket->payload[37] <= 0) {
+          essid = "[hidden]";
+        } else {
+          for (int i = 0; i < snifferPacket->payload[37]; i++) {
+            essid.concat((char)snifferPacket->payload[i + 38]);
+          }
+        }
+
+        ConfirmedMultiSSID confirmed = wifi_scan_obj.confirmed_multissid->get(confirmed_index);
+        if (snifferPacket->rx_ctrl.rssi > confirmed.rssi) {
+          confirmed.rssi = snifferPacket->rx_ctrl.rssi;
+        }
+        if (essid != "" && essid != "[hidden]") {
+          confirmed.essid = essid;
+        }
+        wifi_scan_obj.confirmed_multissid->set(confirmed_index, confirmed);
+        return;
+      }
+      
+      if (ap_index == -1) {
+        if (wifi_scan_obj.confirmed_multissid->size() >= MAX_MULTISSID_ENTRIES) {
+          if (!wifi_scan_obj.multissid_list_full_reported) {
+            Serial.println("Confirmed MultiSSID List Full - Cannot add more");
+            Serial.println("Stopping MultiSSID detection until scan is restarted");
+            wifi_scan_obj.multissid_list_full_reported = true;
+          }
+          return; // Stop processing completely if list is full
+        }
+          
+        // Check if we have reached the maximum number of tracked APs
+        if (wifi_scan_obj.multissid_trackers->size() >= MAX_AP_ENTRIES) {
+          if (!wifi_scan_obj.multissid_list_full_reported) {
+            Serial.println("AP List Full - Clearing list to make room");
+            wifi_scan_obj.multissid_list_full_reported = true;
+            wifi_scan_obj.multissid_trackers->clear();
+            Serial.println("AP list cleared, continuing scan");
+          }
+          
+          // Add the current AP to the freshly cleared list
+          MultiSSIDTracker new_tracker;
+          memcpy(new_tracker.mac, mac_addr, 6);
+          new_tracker.ssid_hashes[0] = ssid_hash;
+          new_tracker.unique_ssid_count = 1;
+          new_tracker.reported = false;
+          wifi_scan_obj.multissid_trackers->add(new_tracker);
+          ap_index = wifi_scan_obj.multissid_trackers->size() - 1;
+          
+          // Reset the full reported flag since we've made room
+          wifi_scan_obj.multissid_list_full_reported = false;
+        } else {
+          // Add to tracking list when there is room
+          MultiSSIDTracker new_tracker;
+          memcpy(new_tracker.mac, mac_addr, 6);
+          new_tracker.ssid_hashes[0] = ssid_hash;
+          new_tracker.unique_ssid_count = 1;
+          new_tracker.reported = false;
+          wifi_scan_obj.multissid_trackers->add(new_tracker);
+          ap_index = wifi_scan_obj.multissid_trackers->size() - 1;
+        }
+      } else {
+        MultiSSIDTracker tracker = wifi_scan_obj.multissid_trackers->get(ap_index);
+        
+        // Check if we have already seen this SSID hash
+        bool hash_found = false;
+        for (int i = 0; i < min(MULTISSID_THRESHOLD, (int)tracker.unique_ssid_count); i++) {
+          if (tracker.ssid_hashes[i] == ssid_hash) {
+            hash_found = true;
+            break;
+          }
+        }
+        
+        // Add new hash if not seen before
+        if (!hash_found && tracker.unique_ssid_count < MULTISSID_THRESHOLD) {
+          int index = tracker.unique_ssid_count;
+          tracker.ssid_hashes[index] = ssid_hash;
+          tracker.unique_ssid_count = min(MULTISSID_THRESHOLD, tracker.unique_ssid_count + 1);
+          wifi_scan_obj.multissid_trackers->set(ap_index, tracker);
+        }
+
+        // Check if this MAC now has enough unique SSIDs
+        if (tracker.unique_ssid_count >= MULTISSID_THRESHOLD) {
+          multi_ssid_ap = true;
+        }
+      }
+
+      // If we found a multi SSID AP, report it
+      if (multi_ssid_ap) {
+        if (snifferPacket->payload[37] <= 0) {
+          essid = "[hidden]";
+        } else {
+          for (int i = 0; i < snifferPacket->payload[37]; i++) {
+            essid.concat((char)snifferPacket->payload[i + 38]);
+          }
+        }
+
+        char addr[18];
+        snprintf(addr, sizeof(addr), "%02X:%02X:%02X:%02X:%02X:%02X",
+                mac_addr[0], mac_addr[1], mac_addr[2], 
+                mac_addr[3], mac_addr[4], mac_addr[5]);
+
+        // Add to confirmed Multi SSID list
+        ConfirmedMultiSSID new_confirmed;
+        memcpy(new_confirmed.mac, mac_addr, 6);
+        new_confirmed.essid = essid;
+        new_confirmed.channel = ap_channel;
+        new_confirmed.rssi = snifferPacket->rx_ctrl.rssi;
+        new_confirmed.ssid_count = wifi_scan_obj.multissid_trackers->get(ap_index).unique_ssid_count;
+        new_confirmed.displayed = false;
+        wifi_scan_obj.confirmed_multissid->add(new_confirmed);
+
+        String log_line = "MAC: " + String(addr) + 
+                      " CH: " + String(ap_channel) +
+                      " RSSI: " + String(snifferPacket->rx_ctrl.rssi) + 
+                      " SSIDs: " + String(new_confirmed.ssid_count) +
+                      " SSID: " + essid;
+        log_line += "\n";
+        delay(random(0, 10));
+        Serial.print(log_line);
+
+        display_string.concat("MAC: " + String(addr));
+        display_string.concat(" CH: " + String(ap_channel));
+        display_string.concat(" RSSI: " + String(snifferPacket->rx_ctrl.rssi));
+        display_string.concat(" SSIDs: " + String(new_confirmed.ssid_count));
+        display_string.concat(" SSID: " + essid);
+
+        int temp_len = display_string.length();
+        for (int i = 0; i < 40 - temp_len; i++) {
+          display_string.concat(" ");
+        }
+        
+        #ifdef HAS_SCREEN
+          display_obj.display_buffer->add(display_string);
+        #endif
+      }
+    }
+  }
+}
 
 void WiFiScan::beaconSnifferCallback(void* buf, wifi_promiscuous_pkt_type_t type)
 {
@@ -4622,8 +5417,10 @@ void WiFiScan::rawSnifferCallback(void* buf, wifi_promiscuous_pkt_type_t type)
       access_points->set(targ_index, targ_ap);
       Serial.println((String)access_points->get(targ_index).essid + " RSSI: " + (String)access_points->get(targ_index).rssi);
       display_string.concat((String)access_points->get(targ_index).essid);
-      display_string.concat(" RSSI: ");
-      display_string.concat((String)access_points->get(targ_index).rssi);
+      #ifndef HAS_MINI_SCREEN
+        display_string.concat(" RSSI: ");
+        display_string.concat((String)access_points->get(targ_index).rssi);
+      #endif
       int temp_len = display_string.length();
       for (int i = 0; i < 50 - temp_len; i++)
       {
@@ -4631,6 +5428,17 @@ void WiFiScan::rawSnifferCallback(void* buf, wifi_promiscuous_pkt_type_t type)
       }
       #ifdef HAS_SCREEN
         display_obj.display_buffer->add(display_string);
+        #ifdef HAS_MINI_SCREEN
+          display_string = "";
+          display_string.concat("RSSI: ");
+          display_string.concat((String)access_points->get(targ_index).rssi);
+          temp_len = display_string.length();
+          for (int i = 0; i < 50 - temp_len; i++)
+          {
+            display_string.concat(" ");
+          }
+          display_obj.display_buffer->add(display_string);
+        #endif
       #endif
     }
     else
@@ -6299,6 +7107,8 @@ void WiFiScan::main(uint32_t currentTime)
   (currentScanMode == WIFI_SCAN_TARGET_AP) ||
   (currentScanMode == WIFI_SCAN_AP_STA) ||
   (currentScanMode == WIFI_SCAN_PWN) ||
+  (currentScanMode == WIFI_SCAN_PINESCAN) ||
+  (currentScanMode == WIFI_SCAN_MULTISSID) ||
   (currentScanMode == WIFI_SCAN_DEAUTH) ||
   (currentScanMode == WIFI_SCAN_STATION_WAR_DRIVE) ||
   (currentScanMode == WIFI_SCAN_ALL))

esp32_marauder/WiFiScan.h

@@ -102,11 +102,20 @@
 #define BT_SCAN_ANALYZER 47
 #define WIFI_SCAN_PACKET_RATE 48
 #define WIFI_SCAN_AP_STA 49
+#define WIFI_SCAN_PINESCAN 50
+#define WIFI_SCAN_MULTISSID 51
 
 #define BASE_MULTIPLIER 4
 
 #define ANALYZER_NAME_REFRESH 100 // Number of events to refresh the name
 
+// PineScan and Multi SSID
+#define MULTISSID_THRESHOLD 3 // Threshold For Multi SSID
+#define MAX_MULTISSID_ENTRIES 100 // Max number of confirmed MultiSSIDs to store
+#define MAX_AP_ENTRIES 100 // Max number of APs to track for analysis
+#define MAX_DISPLAY_ENTRIES 1 // Max Unique MACs to display
+#define MAX_PINESCAN_ENTRIES 100 // PineScan Max Entries
+
 #define MAX_CHANNEL     14
 
 #define WIFI_SECURITY_OPEN   0
@@ -284,6 +293,74 @@ class WiFiScan
       WifiMgmtHdr hdr;
     } wifi_ieee80211_packet_t;
 
+		// Tracking structures for PineScan (similar to MultiSSID)
+    struct PineScanTracker {
+        uint8_t mac[6];
+        bool suspicious_oui;
+        bool tag_and_susp_cap;
+        uint8_t channel;
+        int8_t rssi;
+        bool reported;
+    };
+
+    // For confirmed Pineapple devices
+    struct ConfirmedPineScan {
+        uint8_t mac[6];
+        String detection_type;
+        String essid;
+        uint8_t channel;
+        int8_t rssi;
+        bool displayed;
+    };
+    LinkedList<PineScanTracker>* pinescan_trackers;
+    LinkedList<ConfirmedPineScan>* confirmed_pinescan;
+    bool pinescan_list_full_reported;
+    
+    // Security Conditions For Pineapple detection
+    enum SecurityCondition {
+        NONE = 0x00,
+        SUSPICIOUS_WHEN_OPEN = 0x01,
+        SUSPICIOUS_WHEN_PROTECTED = 0x02,
+        SUSPICIOUS_ALWAYS = 0x04
+    };
+
+    // SuspiciousVendor struct
+    struct SuspiciousVendor {
+        const char* vendor_name;
+        uint8_t security_flags;
+        uint32_t ouis[20];                 // Array of OUIs (max 20 per vendor)
+        uint8_t oui_count;                 // Number of OUIs for this vendor
+    };
+
+    // Declare the table for Pineapple
+    static const SuspiciousVendor suspicious_vendors[];
+    static const int NUM_SUSPICIOUS_VENDORS;
+
+    // Track for AP list limit (Uninitialised, Done in RunSetup)
+    bool ap_list_full_reported;
+
+    // MULTI SSID STRUCTS
+
+    struct MultiSSIDTracker {
+        uint8_t mac[6];
+        uint16_t ssid_hashes[MULTISSID_THRESHOLD];
+        uint8_t unique_ssid_count;
+        bool reported;
+    };
+
+    // New struct for confirmed MultiSSID devices
+    struct ConfirmedMultiSSID {
+        uint8_t mac[6];
+        String essid;
+        uint8_t channel;
+        int8_t rssi;
+        uint8_t ssid_count;
+        bool displayed;
+    };
+    LinkedList<MultiSSIDTracker>* multissid_trackers;
+    LinkedList<ConfirmedMultiSSID>* confirmed_multissid;
+    bool multissid_list_full_reported;
+
     // barebones packet
     uint8_t packet[128] = { 0x80, 0x00, 0x00, 0x00, //Frame Control, Duration
                     /*4*/   0xff, 0xff, 0xff, 0xff, 0xff, 0xff, //Destination address 
@@ -389,6 +466,8 @@ class WiFiScan
     void RunGPSNmea();
     void RunMimicFlood(uint8_t scan_mode, uint16_t color);
     void RunPwnScan(uint8_t scan_mode, uint16_t color);
+    void RunPineScan(uint8_t scan_mode, uint16_t color);
+    void RunMultiSSIDScan(uint8_t scan_mode, uint16_t color);
     void RunBeaconScan(uint8_t scan_mode, uint16_t color);
     void RunRawScan(uint8_t scan_mode, uint16_t color);
     void RunStationScan(uint8_t scan_mode, uint16_t color);
@@ -500,6 +579,8 @@ class WiFiScan
     int clearAirtags();
     int clearFlippers();
     int clearStations();
+    int clearPineScanTrackers();
+    int clearMultiSSID();
     bool addSSID(String essid);
     int generateSSIDs(int count = 20);
     bool shutdownWiFi();
@@ -552,6 +633,9 @@ class WiFiScan
     static void activeEapolSnifferCallback(void* buf, wifi_promiscuous_pkt_type_t type);
     static void eapolSnifferCallback(void* buf, wifi_promiscuous_pkt_type_t type);
     static void wifiSnifferCallback(void* buf, wifi_promiscuous_pkt_type_t type);
+    static void pineScanSnifferCallback(void* buf, wifi_promiscuous_pkt_type_t type); // Pineapple
+    static int extractPineScanChannel(const uint8_t* payload, int len); // Pineapple
+    static void multiSSIDSnifferCallback(void* buf, wifi_promiscuous_pkt_type_t type); // MultiSSID
 
     /*#ifdef HAS_BT
       enum EBLEPayloadType

esp32_marauder/configs.h

@@ -26,7 +26,7 @@
   //#define MARAUDER_CYD_GUITION // ESP32-2432S024 GUITION
   //// END BOARD TARGETS
 
-  #define MARAUDER_VERSION "v1.5.0"
+  #define MARAUDER_VERSION "v1.6.0"
 
   #define GRAPH_REFRESH   100
 

esp32_marauder/lang_var.h

@@ -103,7 +103,8 @@ PROGMEM const char text1_59[] = "Station Sniff";
 PROGMEM const char text1_60[] = "Clear Stations";
 PROGMEM const char text1_61[] = "Select Stations";
 PROGMEM const char text1_62[] = "Deauth Targeted";
-
+PROGMEM const char text1_63[] = "Detect Pineapple";
+PROGMEM const char text1_64[] = "Detect MultiSSID";
 
 //SDInterface.cpp texts
 PROGMEM const char text2_0[] = "Error, could not find update.bin";
@@ -179,12 +180,14 @@ PROGMEM const char text4_44[] = " AP Scan ";
 PROGMEM const char text4_45[] = "Clearing Stations...";
 PROGMEM const char text4_46[] = "Stations Cleared: ";
 PROGMEM const char text4_47[] = "Targeted Deauth";
+PROGMEM const char text4_48[] = " Detect Pineapple ";
+PROGMEM const char text4_49[] = " Detect MultiSSID ";
 
 //Making tables
 PROGMEM const char *text_table0[] = {text0_0,text0_1, text0_2, text0_3, text0_4, text0_5, text0_6, text0_7, text0_8};
-PROGMEM const char *text_table1[] = {text1_0,text1_1,text1_2,text1_3,text1_4,text1_5,text1_6,text1_7,text1_8,text1_9,text1_10,text1_11,text1_12,text1_13,text1_14,text1_15,text1_16,text1_17,text1_18,text1_19,text1_20,text1_21,text1_22,text1_23,text1_24,text1_25,text1_26,text1_27,text1_28,text1_29,text1_30,text1_31,text1_32,text1_33,text1_34,text1_35,text1_36,text1_37,text1_38,text1_39,text1_40,text1_41,text1_42,text1_43,text1_44,text1_45,text1_46,text1_47,text1_48,text1_49,text1_50,text1_51,text1_52,text1_53,text1_54,text1_55,text1_56,text1_57,text1_58,text1_59,text1_60,text1_61,text1_62};
+PROGMEM const char *text_table1[] = {text1_0,text1_1,text1_2,text1_3,text1_4,text1_5,text1_6,text1_7,text1_8,text1_9,text1_10,text1_11,text1_12,text1_13,text1_14,text1_15,text1_16,text1_17,text1_18,text1_19,text1_20,text1_21,text1_22,text1_23,text1_24,text1_25,text1_26,text1_27,text1_28,text1_29,text1_30,text1_31,text1_32,text1_33,text1_34,text1_35,text1_36,text1_37,text1_38,text1_39,text1_40,text1_41,text1_42,text1_43,text1_44,text1_45,text1_46,text1_47,text1_48,text1_49,text1_50,text1_51,text1_52,text1_53,text1_54,text1_55,text1_56,text1_57,text1_58,text1_59,text1_60,text1_61,text1_62,text1_63,text1_64};
 PROGMEM const char *text_table2[] = {text2_0,text2_1,text2_2,text2_3,text2_4,text2_5,text2_6,text2_7,text2_8,text2_9,text2_10,text2_11,text2_12,text2_13,text2_14};
 PROGMEM const char *text_table3[] = {text3_0,text3_1,text3_2,text3_3,text3_4,text3_5};
-PROGMEM const char *text_table4[] = {text4_0,text4_1,text4_2,text4_3,text4_4,text4_5,text4_6,text4_7,text1_54,text4_9,text4_10,text4_11,text4_12,text4_13,text4_14,text4_15,text4_16,text4_17,text4_18,text4_19,text4_20,text4_21,text4_22,text4_23,text4_24,text4_25,text4_26,text4_27,text4_28,text4_29,text4_30,text4_31,text4_32,text4_33,text4_34,text4_35,text4_36,text4_37,text4_38,text4_39,text4_40,text4_41,text4_42,text4_43,text4_44,text4_45,text4_46,text4_47};
+PROGMEM const char *text_table4[] = {text4_0,text4_1,text4_2,text4_3,text4_4,text4_5,text4_6,text4_7,text1_54,text4_9,text4_10,text4_11,text4_12,text4_13,text4_14,text4_15,text4_16,text4_17,text4_18,text4_19,text4_20,text4_21,text4_22,text4_23,text4_24,text4_25,text4_26,text4_27,text4_28,text4_29,text4_30,text4_31,text4_32,text4_33,text4_34,text4_35,text4_36,text4_37,text4_38,text4_39,text4_40,text4_41,text4_42,text4_43,text4_44,text4_45,text4_46,text4_47,text4_48,text4_49};
 
 #endif

pictures/xbm/pineapple_22.xbm

@@ -0,0 +1,9 @@
+#define be52a82b6ef24281d57d9491aef1484cv5n1Pq988C5WdKha_width 22
+#define be52a82b6ef24281d57d9491aef1484cv5n1Pq988C5WdKha_height 22
+static char be52a82b6ef24281d57d9491aef1484cv5n1Pq988C5WdKha_bits[] = {
+  0xFF, 0xFF, 0x3F, 0xFF, 0xF7, 0x3F, 0x7F, 0x96, 0x3F, 0xFF, 0xED, 0x3F, 
+  0x3F, 0x25, 0x3F, 0xDF, 0xD2, 0x3E, 0xFF, 0xED, 0x3F, 0x7F, 0x8E, 0x3F, 
+  0x3B, 0x77, 0x37, 0xBD, 0x6A, 0x2F, 0xD6, 0xBD, 0x1A, 0xDA, 0xDA, 0x16, 
+  0x5A, 0x6F, 0x16, 0x9A, 0xF7, 0x16, 0xD6, 0x5A, 0x1A, 0xDD, 0xBD, 0x2E, 
+  0xBB, 0x5A, 0x37, 0x3F, 0x6F, 0x3F, 0x7F, 0xB7, 0x3F, 0xFF, 0xCC, 0x3F, 
+  0xFF, 0xF3, 0x3F, 0xFF, 0xFF, 0x3F, };