Galileo
Jan 22 16 tweets 9 min read
🧵 Don't read on if you want to continue using your WiFi 🛜☠️.
The tools I release are for educational and didactic purposes. Please be responsible when using them and take into account the current legislation to avoid problems with the law.
The WiFi on your phone or PC is really indiscreet: it calls out the last networks it has connected to. This is known as a "Probe Request". It serves to save battery and speed up the connection, but it exposes, for 100 m around, where we live, work or have been.
We will use the #WiFi packet monitor for #ESP32.
#PacketMonitor32 by @spacehuhn

This version is awesome, warns of deauth attacks and can save packets to SD for later analysis with #Wireshark.
github.com/spacehuhn/Pack…
I slightly modified the #PacketMonitor32 code and now every time a probe request packet is received, it is displayed over the serial port.

You can download the modified version from here:

github.com/G4lile0/Heimda…
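To audit what your own devices give away in probe requests, the frames can be decoded offline. The following is an added example, not code from PacketMonitor32 or from the modified version linked above; it assumes raw 802.11 frames with no radiotap header and no FCS, and the MAC address and network names are constructed.

```python
from collections import defaultdict

def parse_probe_request(frame: bytes):
    """Return (source_mac, ssid) for a probe request, or None for anything else.
    Assumes a raw 802.11 frame with no radiotap header and no FCS."""
    if len(frame) < 24 or (frame[0] >> 2) & 0x3 != 0 or (frame[0] >> 4) & 0xF != 4:
        return None                       # not management type / probe-request subtype
    src = frame[10:16].hex(":")           # addr2 = transmitter
    pos = 24                              # tagged elements start right after the header
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        body = frame[pos + 2 : pos + 2 + length]
        if len(body) < length:
            return None                   # truncated element: do not trust the frame
        if tag == 0:                      # element ID 0 = SSID
            return src, body.decode("utf-8", "replace")
        pos += 2 + length
    return src, ""                        # no SSID element: treat as wildcard

def leaked_networks(frames):
    """Map each transmitter MAC to the network names it asked for by name."""
    leaks = defaultdict(set)
    for frame in frames:
        parsed = parse_probe_request(frame)
        if parsed and parsed[1]:          # empty SSID = wildcard probe, names nothing
            leaks[parsed[0]].add(parsed[1])
    return dict(leaks)

def is_randomized(mac: str) -> bool:
    """True when the locally-administered bit is set (typical of randomized MACs)."""
    return bool(int(mac[:2], 16) & 0x02)

def make_probe(src: bytes, ssid: bytes) -> bytes:
    """Build a constructed sample probe request (broadcast DA and BSSID)."""
    header = b"\x40\x00\x00\x00" + b"\xff" * 6 + src + b"\xff" * 6 + b"\x00\x00"
    return header + bytes([0, len(ssid)]) + ssid + b"\x01\x04\x02\x04\x0b\x16"

PHONE = bytes.fromhex("daa119000001")     # constructed MAC
SAMPLE = [
    make_probe(PHONE, b"HomeNet-Example"),
    make_probe(PHONE, b""),               # wildcard probe
    make_probe(PHONE, b"Office-Example"),
    b"\x80\x00" + bytes(40),              # beacon-type frame, ignored
]

if __name__ == "__main__":
    for mac, names in leaked_networks(SAMPLE).items():
        print(mac, "randomized" if is_randomized(mac) else "burned-in", sorted(names))
```

A randomized MAC does not help when the same set of network names is probed by name; removing old saved networks from the device shortens that list.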
How can they know where I live with just the name of my WiFi?

Easy: there are databases of WiFi names associated with your position; one of the best known is Wigle.
wigle.net/map?maplat=40.…
Another problem with WiFi networks is how easily we can be blocked, either a single device or all users of a network, by sending special packets called "deauth".
The biggest problem is not having a funny neighbor who cuts off our WiFi, but the criminals who use this technique in public places to push us to their access points and steal our data.
These APs are known as pineapples.
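One way to spot a deauth flood in a capture is to count deauthentication and disassociation frames per BSSID inside a sliding time window. This is an added example, not the detection code of PacketMonitor32; the one-second window, the threshold of five frames, the MAC addresses and the sample capture are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque

DEAUTH, DISASSOC = 12, 10                 # 802.11 management subtypes

def deauth_alerts(capture, window=1.0, threshold=5):
    """capture: (timestamp_seconds, raw_frame) pairs in time order.
    Returns (timestamp, bssid, count) each time a BSSID's burst crosses threshold.
    window and threshold are assumed values; tune them to your own network."""
    recent = defaultdict(deque)           # bssid -> timestamps inside the window
    alerting, alerts = set(), []
    for ts, frame in capture:
        if len(frame) < 26 or (frame[0] >> 2) & 0x3 != 0:
            continue                      # too short, or not a management frame
        if (frame[0] >> 4) & 0xF not in (DEAUTH, DISASSOC):
            continue
        bssid = frame[16:22].hex(":")     # addr3
        seen = recent[bssid]
        seen.append(ts)
        while ts - seen[0] > window:      # drop timestamps that left the window
            seen.popleft()
        if len(seen) < threshold:
            alerting.discard(bssid)       # burst over: re-arm the alert
        elif bssid not in alerting:
            alerting.add(bssid)
            alerts.append((ts, bssid, len(seen)))
    return alerts

def make_deauth(bssid: bytes, receiver: bytes) -> bytes:
    """Constructed sample deauth frame (header + 2-byte reason code 7)."""
    return b"\xc0\x00\x00\x00" + receiver + bssid + bssid + b"\x00\x00" + b"\x07\x00"

AP_A = bytes.fromhex("0200000000aa")      # constructed addresses
AP_B = bytes.fromhex("0200000000bb")
CLIENT = bytes.fromhex("0200000000c1")
BROADCAST = b"\xff" * 6

# Constructed capture: one ordinary deauth on AP_A, then 12 frames in 1.5 s on AP_B.
SAMPLE_CAPTURE = [(1.0, make_deauth(AP_A, CLIENT))] + [
    (10 + i * 0.125, make_deauth(AP_B, BROADCAST)) for i in range(12)
]

if __name__ == "__main__":
    for ts, bssid, count in deauth_alerts(SAMPLE_CAPTURE):
        print(f"{ts:.3f}s: {count} deauth/disassoc frames within 1 s for {bssid}")
```

Detection only tells you it is happening; networks that enforce 802.11w (Protected Management Frames) have their clients discard forged deauth frames.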
We can use the ESP8266 Deauther, another amazing tool from @spacehuhn.

It serves to search for WiFi devices, block selected connections, create dozens of networks and confuse WiFi scanners.
github.com/SpacehuhnTech/…
As a curiosity, @spacehuhn created an emergency deauther... (you can imagine what it can be used for 😅).
When using WiFi they can approximate our position even through the walls... for this I have modified the excellent PhatSniffer by @larsjuhljensen which you can download here:

github.com/larsjuhljensen…
PhatSniffer graphically represents the associations between clients and APs and gives us lists with the RSSI, in other words the quality of signal reception.
By receiving the signal at several receivers, and knowing their locations and the signal RSSI, we can approximate the position of the emitter.
The technique is called trilateration, and the trick was to design it cheaply with 3x ESP8266; it was a challenge to program it, but I did not invent it.
So I created HEIMDALL-WIFI-RADAR, a modification of PhatSniffer that allows using three or more wireless #esp8266 nodes communicating with the #ESPNOW protocol to trilaterate the positions of all the WiFi devices around you.

You can download this POC here:
github.com/G4lile0/Heimda…
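The arithmetic behind RSSI trilateration, as an added example that is not taken from HEIMDALL-WIFI-RADAR or PhatSniffer: RSSI is turned into a distance with the log-distance path-loss model, and the circle equations are linearized and solved by least squares for three or more receivers. The model constants (-40 dBm at 1 m, exponent 2.5), the receiver coordinates and the readings are assumptions constructed for illustration.

```python
import math

def rssi_to_distance(rssi, p0=-40.0, n=2.5):
    """Log-distance path-loss model: p0 = RSSI at 1 m, n = path-loss exponent.
    Both defaults are assumed values; real ones must be calibrated per site."""
    return 10 ** ((p0 - rssi) / (10 * n))

def distance_to_rssi(d, p0=-40.0, n=2.5):
    """Inverse of the model, used only to build the constructed sample."""
    return p0 - 10 * n * math.log10(d)

def trilaterate(nodes):
    """nodes: list of ((x, y), distance) for three or more receivers.
    Subtracting the first circle equation from the others gives linear rows
    a*x + b*y = c, solved here through the 2x2 normal equations."""
    (x0, y0), d0 = nodes[0]
    saa = sab = sbb = sac = sbc = 0.0
    for (xi, yi), di in nodes[1:]:
        a, b = 2 * (xi - x0), 2 * (yi - y0)
        c = d0**2 - di**2 + xi**2 + yi**2 - x0**2 - y0**2
        saa += a * a; sab += a * b; sbb += b * b
        sac += a * c; sbc += b * c
    det = saa * sbb - sab * sab
    if abs(det) < 1e-9:
        raise ValueError("receivers are collinear; position is ambiguous")
    return (sac * sbb - sbc * sab) / det, (saa * sbc - sab * sac) / det

def locate(readings, **model):
    """readings: list of ((x, y), rssi_dbm), one entry per receiver."""
    return trilaterate([(pos, rssi_to_distance(r, **model)) for pos, r in readings])

# Constructed sample: four receivers on a 10 m square, transmitter at (3, 4).
TRUE_POS = (3.0, 4.0)
RECEIVERS = [(0.0, 0.0), (10.0, 0.0), (0.0, 10.0), (10.0, 10.0)]
SAMPLE = [(p, distance_to_rssi(math.dist(p, TRUE_POS))) for p in RECEIVERS]

if __name__ == "__main__":
    print("ideal readings:", locate(SAMPLE))
    # A 3 dB error on a single receiver already moves the estimate noticeably.
    noisy = [(SAMPLE[0][0], SAMPLE[0][1] - 3)] + SAMPLE[1:]
    print("one reading 3 dB low:", locate(noisy))
```

The estimate is only as good as the path-loss calibration: walls and reflections change the exponent, which is why RSSI positioning is an approximation.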
Now I present the opposite utility: SkyLift.
When there is no GPS signal, mobiles use the position of nearby APs to locate us...
What happens if we generate a false SSID + MAC signal?
Exactly! They will think we are somewhere else..... 😀

ahprojects.com/skylift/
I developed the Purple Hash Monster 👾 with an #esp32.
It audits WiFi security and stores EAPOL & PMKID packets on an SD card (these packets include the WiFi password hash; if the password is weak, it is very easy to calculate the original password...).
github.com/G4lile0/ESP32-…

More from @G4lile0

Jan 15
⚠️ A while ago I developed Heimdall-WiFi-Radar; with only 3× ESP8266 it was possible to track and position WiFi devices through walls. Now, with the help of AI, we have a new level: it is possible to know where you are and what you are doing! 😱😱
Research done by Jiaqi Geng, Dong Huang, and Fernando De la Torre from @CarnegieMellon

Paper 👇
arxiv.org/abs/2301.00250
Source code for the Heimdall-WiFi-Radar PoC is here, be careful how you use it:
"With great power comes great responsibility".
github.com/G4lile0/Heimda…