Inspiration

The Flipper Zero is the gold standard for penetration testers and ethical hackers for hacking on the go. We wanted to expand on its Wi-Fi penetration testing capabilities, and the perfect avenue to build upon this product was to expand the functionality of existing firmware.

What it does

This allows creating an access point that clones an existing one, providing an avenue of attack after deauthentication. An unsuspecting user would connect to the cloned access point, where their credentials and security can be compromised.

How we built it

We used ESP-32 Devboards and the Flipper Zero to execute our game plan. By using an existing GitHub repository under justcallmekoko/ESP32Marauder, we created extra functionality.

Challenges we ran into

Building and debugging took up a majority of our time. A lot of documentation was missing or obsolete, which we had to sift through and improve upon to aid others in the future.

Accomplishments that we're proud of

We were able to execute a proof-of-concept attack on an existing network and were surprised by the different tools we were able to use and develop.

What we learned

We took this project as an opportunity to learn 1) how the ESP32 environment works, 2) how Wi-Fi networks can be approached as an avenue of attack, and 3) how to improve network security in the future.

What's next for ESP32 Marauder: Add Evil Twin Access Point functionality

Currently on the Marauder, we are able to create an evil twin access point. In the future, we hope to migrate our codebase into existing firmware for the Flipper, creating true remote and wireless testing.
