WiFiTools Class Reference

Collaboration diagram for WiFiTools:

Public Member Functions
	WiFiTools ()
	Construct a new Wi-Fi Tools object.
void	initWiFiTools (fs::SDFS &sdInstance)
	Initialise the Wi-Fi tools object.
void	nextChannel ()
	Function to change the Wi-Fi channel.
void	rickRollBeaconSpam (int duration)
	Function to run a Rick Roll beacon spam attack.
void	scanWiFiNetworks ()
	Function to scan for available Wi-Fi networks.
std::vector< wifi_ap_record_t >	getAvailableNetworks ()
	Get the Available Networks object.
void	clearFoundWiFiNetworks ()
	Function to clear the found Wi-Fi networks vector.
void	runAction ()
	Function to call from external code to run the action.
void	stopNetworkDeauth ()
	Function to end the network deathentication attack.
void	startNetworkDeauth (uint8_t *networkSSID, uint8_t *networkBSSID, uint8_t channel, int availableNetworkIndex, uint8_t *targetMacAddr, int delayMs, uint8_t reasonCode)
	Function to start a deauthentication attack.
void	deauthNetwork (uint8_t *networkSSID, uint8_t *networkBSSID, uint8_t channel, int availableNetworkIndex, uint8_t *targetMacAddr, int numPackets, int delayMs, uint8_t reasonCode)
	Function to run a deauthentication attack.
void	handshakeCapture (uint8_t *networkBSSID, uint8_t channel, int availableNetworkIndex, int captureTime)
	Function to initiate a passive handshake capture.
void	activeHandshakeCapture (uint8_t *networkBSSID, uint8_t channel, int availableNetworkIndex, int captureTime)
	Function to initiate an active handshake capture.
void	findClients (uint8_t *networkBSSID, uint8_t channel, int availableNetworkIndex, int captureTime)
	Function to identify clients connected to a network.
void	toggleRickRollBeaconSpam (bool enable)
	Function to toggle the Rick Roll beacon spam attack.
	WiFiTools ()
	Construct a new Wi-Fi Tools object.
void	initWiFiTools (fs::SDFS &sdInstance)
	Initialise the Wi-Fi tools object.
void	nextChannel ()
	Function to change the Wi-Fi channel.
void	rickRollBeaconSpam (int duration)
	Function to run a Rick Roll beacon spam attack.
void	scanWiFiNetworks ()
	Function to scan for available Wi-Fi networks.
std::vector< wifi_ap_record_t >	getAvailableNetworks ()
	Get the Available Networks object.
void	clearFoundWiFiNetworks ()
	Function to clear the found Wi-Fi networks vector.
void	runAction ()
	Function to call from external code to run the action.
void	stopNetworkDeauth ()
	Function to end the network deathentication attack.
void	startNetworkDeauth (uint8_t *networkSSID, uint8_t *networkBSSID, uint8_t channel, int availableNetworkIndex, uint8_t *targetMacAddr, int delayMs, uint8_t reasonCode)
	Function to start a deauthentication attack.
void	deauthNetwork (uint8_t *networkSSID, uint8_t *networkBSSID, uint8_t channel, int availableNetworkIndex, uint8_t *targetMacAddr, int numPackets, int delayMs, uint8_t reasonCode)
	Function to run a deauthentication attack.
void	handshakeCapture (uint8_t *networkBSSID, uint8_t channel, int availableNetworkIndex, int captureTime)
	Function to initiate a passive handshake capture.
void	activeHandshakeCapture (uint8_t *networkBSSID, uint8_t channel, int availableNetworkIndex, int captureTime)
	Function to initiate an active handshake capture.
void	findClients (uint8_t *networkBSSID, uint8_t channel, int availableNetworkIndex, int captureTime)
	Function to identify clients connected to a network.

Private Member Functions
void	beaconSpamSetup ()
	Setup function for the beacon spam attack.
void	generateRandomMac ()
	Function to generate a random MAC address.
void	sendBeaconPacket ()
	Function to send a single beacon packet.
void	sendDeauthPacket (uint8_t *apMac, uint8_t *stMac, uint8_t channel, uint8_t reasonCode)
	Function to transmit a deatuthentication packet.
void	filterForClients (const wifi_ieee80211_mac_hdr_t *hdr)
	Function to identify clients based on detected packets.
void	filterForHandshakes (void *buf, wifi_promiscuous_pkt_type_t type)
	Function to filter packets for handshake capture.
void	processWiFiData (uint8_t *networkBSSID, uint8_t channel, int captureTime, bool captureHandshake, bool detectClients)
	Function to begin capture and processing of Wi-Fi data.
void	beaconSpamSetup ()
	Setup function for the beacon spam attack.
void	generateRandomMac ()
	Function to generate a random MAC address.
void	sendDeauthPacket (uint8_t *apMac, uint8_t *stMac, uint8_t channel, uint8_t reasonCode)
	Function to transmit a deatuthentication packet.
void	filterForClients (const wifi_ieee80211_mac_hdr_t *hdr)
	Function to identify clients based on detected packets.
void	filterForHandshakes (void *buf, wifi_promiscuous_pkt_type_t type)
	Function to filter packets for handshake capture.
void	processWiFiData (uint8_t *networkBSSID, uint8_t channel, int captureTime, bool captureHandshake, bool detectClients)
	Function to begin capture and processing of Wi-Fi data.

Static Private Member Functions
static void	promiscuousPacketHandler (void *buf, wifi_promiscuous_pkt_type_t type)
	Callback function for promiscuous packet handling.
static void	promiscuousPacketHandler (void *buf, wifi_promiscuous_pkt_type_t type)
	Callback function for promiscuous packet handling.

Private Attributes
const bool	wpa2 = true
char	emptySSID [32]
uint8_t	channelIndex = 0
uint8_t	macAddr [6]
uint8_t	randomMacAddr [6]
uint8_t	wifiChannel = 1
uint32_t	currentTime = 0
uint32_t	packetSize = 0
uint32_t	packetCounter = 0
uint32_t	attackTime = 0
uint32_t	packetRateTime = 0
uint8_t	targetBSSID [6]
uint8_t	targetChannel
wifi_packet_flag	packetScanFlag
fs::SDFS *	sd = nullptr
wifi_attack_mode	attackMode = WiFi_IDLE
deauthPacket_t	setDeauthPacket
long	lastDeauthTime = 0
int	lastBeconIndex = 0
long	lastBeaconTime = 0
long	beaconPaketDelayMs = 10
wifi_init_config_t	cfg = WIFI_INIT_CONFIG_DEFAULT()
std::vector< uint8_t * >	detectedClients
std::vector< uint8_t * >	capturedPackets
std::vector< wifi_ap_record_t >	foundWiFiNetworks
uint8_t	deauthPacket [26]
uint8_t	beaconPacket [109]
const char *const rickRollSSIDs[8]	PROGMEM

Member Function Documentation

activeHandshakeCapture() [1/2]

void WiFiTools::activeHandshakeCapture	(	uint8_t *	networkBSSID = NULL,
		uint8_t	channel = NULL,
		int	availableNetworkIndex = NULL,
		int	captureTime = 10000
	)

Function to initiate an active handshake capture.

Parameters

networkBSSID	BSSID of the target network
channel	Channel of the target network
availableNetworkIndex	Index of the target network in the foundWiFiNetworks vector
captureTime	Duration to capture packets for

References deauthNetwork(), and processWiFiData().

activeHandshakeCapture() [2/2]

void WiFiTools::activeHandshakeCapture	(	uint8_t *	networkBSSID,
		uint8_t	channel,
		int	availableNetworkIndex,
		int	captureTime
	)

Function to initiate an active handshake capture.

Parameters

networkBSSID	BSSID of the target network
channel	Channel of the target network
availableNetworkIndex	Index of the target network in the foundWiFiNetworks vector
captureTime	Duration to capture packets for

deauthNetwork() [1/2]

void WiFiTools::deauthNetwork	(	uint8_t *	networkSSID = NULL,
		uint8_t *	networkBSSID = NULL,
		uint8_t	channel = NULL,
		int	availableNetworkIndex = -1,
		uint8_t *	targetMacAddr = NULL,
		int	numPackets = 1,
		int	delayMs = 100,
		uint8_t	reasonCode = 2
	)

Function to run a deauthentication attack.

Parameters

networkSSID	SSID of the target network
networkBSSID	BSSID of the target network
channel	Channel of the target network
availableNetworkIndex	Index of the target network in the foundWiFiNetworks vector
targetMacAddr	MAC address of the target device
numPackets	Number of deauthentication packets to send
delayMs	Delay between sending deauthentication packets
reasonCode	Reason code for the deauthentication

References sendDeauthPacket().

Referenced by activeHandshakeCapture().

deauthNetwork() [2/2]

void WiFiTools::deauthNetwork	(	uint8_t *	networkSSID,
		uint8_t *	networkBSSID,
		uint8_t	channel,
		int	availableNetworkIndex,
		uint8_t *	targetMacAddr,
		int	numPackets,
		int	delayMs,
		uint8_t	reasonCode
	)

Function to run a deauthentication attack.

Parameters

networkSSID	SSID of the target network
networkBSSID	BSSID of the target network
channel	Channel of the target network
availableNetworkIndex	Index of the target network in the foundWiFiNetworks vector
targetMacAddr	MAC address of the target device
numPackets	Number of deauthentication packets to send
delayMs	Delay between sending deauthentication packets
reasonCode	Reason code for the deauthentication

filterForClients() [1/2]

void WiFiTools::filterForClients ( const wifi_ieee80211_mac_hdr_t *  hdr )

private

Function to identify clients based on detected packets.

Parameters

hdr	Pointer to the MAC header of the packet

Referenced by promiscuousPacketHandler().

filterForClients() [2/2]

void WiFiTools::filterForClients ( const wifi_ieee80211_mac_hdr_t *  hdr )

private

Function to identify clients based on detected packets.

Parameters

hdr	Pointer to the MAC header of the packet

filterForHandshakes() [1/2]

void WiFiTools::filterForHandshakes ( void *  buf, wifi_promiscuous_pkt_type_t  type  )

private

Function to filter packets for handshake capture.

Parameters

buf	Pointer to the packet buffer
type	Type of the packet

Referenced by promiscuousPacketHandler().

filterForHandshakes() [2/2]

void WiFiTools::filterForHandshakes ( void *  buf, wifi_promiscuous_pkt_type_t  type  )

private

Function to filter packets for handshake capture.

Parameters

buf	Pointer to the packet buffer
type	Type of the packet

findClients() [1/2]

void WiFiTools::findClients	(	uint8_t *	networkBSSID = NULL,
		uint8_t	channel = NULL,
		int	availableNetworkIndex = NULL,
		int	captureTime = 10000
	)

Function to identify clients connected to a network.

Parameters

networkBSSID	BSSID of the target network
channel	Channel of the target network
availableNetworkIndex	Index of the target network in the foundWiFiNetworks vector
captureTime	Duration to scan for clients

References processWiFiData().

findClients() [2/2]

void WiFiTools::findClients	(	uint8_t *	networkBSSID,
		uint8_t	channel,
		int	availableNetworkIndex,
		int	captureTime
	)

Function to identify clients connected to a network.

Parameters

networkBSSID	BSSID of the target network
channel	Channel of the target network
availableNetworkIndex	Index of the target network in the foundWiFiNetworks vector
captureTime	Duration to scan for clients

getAvailableNetworks() [1/2]

std::vector< wifi_ap_record_t > WiFiTools::getAvailableNetworks

(

)

Get the Available Networks object.

Returns

std::vector<wifi_ap_record_t>

References scanWiFiNetworks().

getAvailableNetworks() [2/2]

std::vector< wifi_ap_record_t > WiFiTools::getAvailableNetworks

(

)

Get the Available Networks object.

Returns

std::vector<wifi_ap_record_t>

handshakeCapture() [1/2]

void WiFiTools::handshakeCapture	(	uint8_t *	networkBSSID = NULL,
		uint8_t	channel = NULL,
		int	availableNetworkIndex = NULL,
		int	captureTime = 10000
	)

Function to initiate a passive handshake capture.

Parameters

networkBSSID	BSSID of the target network
channel	Channel of the target network
availableNetworkIndex	Index of the target network in the foundWiFiNetworks vector
captureTime	Duration to capture packets for

References processWiFiData().

handshakeCapture() [2/2]

void WiFiTools::handshakeCapture	(	uint8_t *	networkBSSID,
		uint8_t	channel,
		int	availableNetworkIndex,
		int	captureTime
	)

Function to initiate a passive handshake capture.

Parameters

networkBSSID	BSSID of the target network
channel	Channel of the target network
availableNetworkIndex	Index of the target network in the foundWiFiNetworks vector
captureTime	Duration to capture packets for

initWiFiTools() [1/2]

void WiFiTools::initWiFiTools

(

fs::SDFS &

sdInstance

)

Initialise the Wi-Fi tools object.

Parameters

sdInstance

Instance of the SD card filesystem

initWiFiTools() [2/2]

void WiFiTools::initWiFiTools

(

fs::SDFS &

sdInstance

)

Initialise the Wi-Fi tools object.

Parameters

sdInstance

Instance of the SD card filesystem

processWiFiData() [1/2]

void WiFiTools::processWiFiData ( uint8_t *  networkBSSID, uint8_t  channel, int  captureTime, bool  captureHandshake, bool  detectClients  )

private

Function to begin capture and processing of Wi-Fi data.

Parameters

networkBSSID	MAC address of the target network
channel	Channel to capture packets on
captureTime	The duration to capture packets for
captureHandshake	Flag to capture handshake packets
detectClients	Flag to identify connected clients

References promiscuousPacketHandler().

Referenced by activeHandshakeCapture(), findClients(), and handshakeCapture().

processWiFiData() [2/2]

void WiFiTools::processWiFiData ( uint8_t *  networkBSSID, uint8_t  channel, int  captureTime, bool  captureHandshake, bool  detectClients  )

private

Function to begin capture and processing of Wi-Fi data.

Parameters

networkBSSID	MAC address of the target network
channel	Channel to capture packets on
captureTime	The duration to capture packets for
captureHandshake	Flag to capture handshake packets
detectClients	Flag to identify connected clients

promiscuousPacketHandler() [1/2]

void WiFiTools::promiscuousPacketHandler ( void *  buf, wifi_promiscuous_pkt_type_t  type  )

staticprivate

Callback function for promiscuous packet handling.

Parameters

buf	Pointer to the packet buffer
type	Type of the packet

References filterForClients(), and filterForHandshakes().

Referenced by processWiFiData().

promiscuousPacketHandler() [2/2]

static void WiFiTools::promiscuousPacketHandler ( void *  buf, wifi_promiscuous_pkt_type_t  type  )

staticprivate

Callback function for promiscuous packet handling.

Parameters

buf	Pointer to the packet buffer
type	Type of the packet

rickRollBeaconSpam() [1/2]

void WiFiTools::rickRollBeaconSpam

(

int

duration = 15000

)

Function to run a Rick Roll beacon spam attack.

Parameters

duration

Duration of the attack in milliseconds, defaults to 15 seconds

References beaconSpamSetup(), generateRandomMac(), and nextChannel().

rickRollBeaconSpam() [2/2]

void WiFiTools::rickRollBeaconSpam

(

int

duration

)

Function to run a Rick Roll beacon spam attack.

Parameters

duration

Duration of the attack in milliseconds, defaults to 15 seconds

sendDeauthPacket() [1/2]

void WiFiTools::sendDeauthPacket ( uint8_t *  apMac, uint8_t *  stMac, uint8_t  channel, uint8_t  reasonCode  )

private

Function to transmit a deatuthentication packet.

Parameters

apMac	MAC address of the access point
stMac	MAC address of the device to deauthenticate
channel	Chanel to transmit the packet on
reasonCode	Reason code for the deauthentication

Referenced by deauthNetwork(), and runAction().

sendDeauthPacket() [2/2]

void WiFiTools::sendDeauthPacket ( uint8_t *  apMac, uint8_t *  stMac, uint8_t  channel, uint8_t  reasonCode  )

private

Function to transmit a deatuthentication packet.

Parameters

apMac	MAC address of the access point
stMac	MAC address of the device to deauthenticate
channel	Chanel to transmit the packet on
reasonCode	Reason code for the deauthentication

startNetworkDeauth() [1/2]

void WiFiTools::startNetworkDeauth	(	uint8_t *	networkSSID = NULL,
		uint8_t *	networkBSSID = NULL,
		uint8_t	channel = NULL,
		int	availableNetworkIndex = -1,
		uint8_t *	targetMacAddr = NULL,
		int	delayMs = 50,
		uint8_t	reasonCode = 2
	)

Function to start a deauthentication attack.

Parameters

networkSSID	SSID of the target network
networkBSSID	BSSID of the target network
channel	Channel of the target network
availableNetworkIndex	Index of the target network in the foundWiFiNetworks vector
targetMacAddr	MAC address of the target device
delayMs	Delay between sending deauthentication packets
reasonCode	Reason code for the deauthentication

startNetworkDeauth() [2/2]

void WiFiTools::startNetworkDeauth	(	uint8_t *	networkSSID,
		uint8_t *	networkBSSID,
		uint8_t	channel,
		int	availableNetworkIndex,
		uint8_t *	targetMacAddr,
		int	delayMs,
		uint8_t	reasonCode
	)

Function to start a deauthentication attack.

Parameters

networkSSID	SSID of the target network
networkBSSID	BSSID of the target network
channel	Channel of the target network
availableNetworkIndex	Index of the target network in the foundWiFiNetworks vector
targetMacAddr	MAC address of the target device
delayMs	Delay between sending deauthentication packets
reasonCode	Reason code for the deauthentication

toggleRickRollBeaconSpam()

void WiFiTools::toggleRickRollBeaconSpam

(

bool

enable

)

Function to toggle the Rick Roll beacon spam attack.

Parameters

enable

True to enable the attack, false to disable it

References beaconSpamSetup().

Field Documentation

deauthPacket

uint8_t WiFiTools::deauthPacket

private

Initial value:

= {
         0xA0, 0x00,                          
         0x3A, 0x01,                          
         0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,  
         0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,  
         0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,  
         0x00, 0x00,                          
         0x01, 0x00                           
    }

PROGMEM

const char* const rickRollSSIDs [8] WiFiTools::PROGMEM

private

Initial value:

= {
        "NeverGonnaGiveYouUp",
        "NeverGonnaLetYouDown",
        "NeverGonnaRunAround",
        "AndDesertYou",
        "NeverGonnaMakeYouCry",
        "NeverGonnaSayGoodbye",
        "NeverGonnaTellALie",
        "AndHurtYou"}

---

The documentation for this class was generated from the following files:

• Software/GUI/WiFiTools.h
• Software/WiFi/WiFiTools.h
• Software/GUI/WiFiTools.cpp
• Software/WiFi/WiFiTools.cpp