0xchocolate / flipperzero-wifi-marauder Goto Github PK
View Code? Open in Web Editor NEWFlipper Zero WiFi Marauder companion app
License: GNU General Public License v3.0
Flipper Zero WiFi Marauder companion app
License: GNU General Public License v3.0
FAP is outdated after compared to recent Flipper Marauder update. There are missing options and controls, to include items such incorrect file timestamps and multiple flipper device crashes.
No response
No response
No response
Hey,
I just wanted if it was possible to edit the ESP32_WiFi_Marauder.fap file to change the rickroll by anything else ?
Load failed GPIO/es32_wifi-_marauder.fap
Found unsatisfied imports
running latest extreme build
Instead of adding an additional sdcard slot to the breakout board could we potentially save pcaps's to the flipper's sdcard?
No response
Describe the bug
When adding a script and you press 'Save' from the UI Keyboard on the Flipper Zero, it causes a complete freeze of the UI, no button inputs work, the system requires a hard reboot by holding Left + Back to function again.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
A script template should be created and the UI should return to the previous menu.
Marauder (please complete the following information if applicable):
Additional context
Flipper Zero is running Unleashed Firmware 'unlshd-065'
After the Hard Reboot the Script is created and can be edited, so I assume the crash happens after the app creates the Script '.json' file.
For some reason when I flash the fw for LDDB marauder doesn't work. I am using the esp flasher app on the flipper
To make possible that the log collected by the app contains a compatible format with wigle.net
Here is the format https://api.wigle.net/csvFormat.html
Hello! Your [ESP32] WiFi Marauder app version 7.0 fails to build with the SDK version 0.98.0-rc f7. Please update the app in your repository and create a new pull request to the catalog repository with the updated manifest file.
IMPORTANT: Don’t forget to update the app version and commit version in the manifest file.
I am encountering the exact same issue, and tried copying the `index.html` file at various locations on the Flipper Micro SD card, at:
None of these seem to work, error persists.
Then I noticed I initially missed an important note in docs: https://github.com/justcallmekoko/ESP32Marauder/wiki/evil-portal-workflow#important-note
Not very experienced on the topic but could it be that /apps_data/marauder/ap.config.txt
is read from the Flipper Zero SD Card, while /index.html
is read from the root of the ESP32 SD Card ?
Note: That would require extra hardware enabling the ESP32 SD card capabilities, using either a SD adapter board or a MicroSD Breakout according to the following instructions: https://github.com/justcallmekoko/ESP32Marauder/wiki/flipper-zero#sd-card-modification
@bitterbuick did I get this right ?
Originally posted by @opskovitch in #28 (comment)
Opening the text input when adding a new Script still does contain text from other text inputs on V0.6.5
Reproduction
1.SSID add rand (others do work too)
2.Go to "Scripts"
3.Add script
-> The text from SSID add rand is still inside the text box
4. Go Back on step
5. Add script
-> Now the text is properly deleted.
The App can use some kind of scripts.
From v0.3.4 changelog:
" Scripts are here! Thanks to [@tcpassos 2]
...
The scripts are saved in the “apps_data/marauder/scripts” folder as JSON files."
Where could one find the documentation or examples of the scripts?
Hey everyone!
Is it possible to perform a deauth attack while sniffing to save pcaps with handshakes on sd card? Maybe i am wrong, but as i understand its not possible in the latest fw.
When you load a bigger size html, followed by a smaller size html there appears to be some kind of buffer overflow bug.
Has been duplicated by everyone I've asked to confirm. Load stock Matrix html then load Soectrum html to test for results matching mibe (see above pic)
Using the new Marauder firmware that includes Evil Portal. Not sure if issue exists in dual boot version.
when i run scan ap i get 150+ networks. if i go to list to select an ap the listing starts at number ~70. and i cannot scroll up to to see scanned aps 1-70.
No response
No response
No response
New firmware is out 0.78.1
Can you please update support? thanks
I'm trying to install the Marauder firmware on my Flipper dev board, and even after the binary has been flashed, a red light appears after boot.
I tried to install it several times, but there was no success.
The flipper seems to soft-lock and requires forcefully rebooting it if you try to edit wifi marauder stages. It doesn't seem to be a issue with the devboard since the behaviour is the same with or without it plugged in.
Reproduction
1.Open wifi marauder
2.Go to "Scripts"
3.Create a new script
4.Add a scan stage
5.Edit the scan stage
6.Edit "timeout" from 15 seconds default to 30 seconds for example
7.Press "save" while in the timeout-editor
8.The flipper becomes unresponsive.
Hi Led of on S2 MINI (ESP32) not work.
(WiFi Marauder companion 0.7.0)
All captured PCAP files are blank 0 bytes.
Sniff
Capture
Saved file is 0 bytes
No response
No response
No response
command: sniffraw
description:
Sniff raw WiFi traffic including data frames. Outputs source MAC address to display
command: attack -t deauth [-s <src_addr>] [-d <dst_addr>]
description:
Users will have the option to specify a source MAC address and/or a destination MAC address when executing a deauthentication attack. If the user wishes to specify an address, they will be expected to format it as follows...
xx:xx:xx:xx:xx:xx
or XX:XX:XX:XX:XX:XX
. All other functionality of the attack command remains unchanged
No response
Hello! Your [ESP32] WiFi Marauder app version 6.6 fails to build with the SDK version 0.98.2-rc f7. Please update the app in your repository and create a new pull request to the catalog repository with the updated manifest file.
IMPORTANT: Don’t forget to update the app version and commit version in the manifest file.
I can scan for aps and list them but when I go to select it does not save and then screen does not go back. When going back the selected ap number is gone. Am I not following the correct procedure ?
When using the Sniff PMKID ap option on the Flipper the majority of packets captured, including EAPOLS, are not from the targeted ap.
I'm also wondering, what's the difference between using the Sniff option with selected and using Sniff PMKID option right below it with ap selected? The only thing I can tell is that the Sniff PMKID ap option also sends deauths, if you have that setting enabled, while the Sniff option does not.
Also, I thought one of the main advantages of the newer PMKID attack was that it doesn't require deauths, or even any connected clients at all, it sends an association request to grab the PMKID straight from the AP. So why does the Sniff PMKID option send deauths at all? It seems to be sending deauths and trying to grab the hash at the EAPOL stage, which is not a PMKID attack as the name of the option on the Flipper would imply.
Simply run Sniff PMKID ap
No response
No response
No response
Hi there! I was wondering if console logging to a text file on the flipper could be added to the Wifi Marauder Companion plugin? That way any data data captured like the PMKID is saved and full logs are backed up to the SD card without needing to solder to the dev board.
No response
Hi, after flashing the latest version (without _sd_serial
) as it does not support microSD, I tried to capture beacons in the Sniff->Beacon
option, but the PCAP file is empty. I was using v0.12.0 FW and MC v0.6.2.
Also, I've tried to capture the Sniff -> RAW
but without success, the PCAP file was still empty.
Hello! Your [ESP32] WiFi Marauder app version 7.0 fails to build with the SDK version 0.98.1-rc f7. Please update the app in your repository and create a new pull request to the catalog repository with the updated manifest file.
IMPORTANT: Don’t forget to update the app version and commit version in the manifest file.
In wifi marauder, after scanning, we select an access point using the "select -a" command.
For example, after scanning, I have "list -a" in which there are 40 access points. And I want to pick a few.
Wifi murader supports multi-selection, you can write several numbers separated by commas like this "select -a 3,6,8,15,19,22,23" and all these points will be selected, you will not need to open the "select" item in menu every time and enter new number.
But the problem is that in the keyboard that is used in the application, as I understand it is a stock keyboard, there is no comma, there is also no dash, to add a parameter, for example, choosing "Sniff PKMID on channel", I want to add the -d parameter, so that it would be like this "sniffpkmid -c 11 -d", so that deauthentication is also performed. Also no colon to enter mac address
Perhaps you can somehow modifie keyboard in the application?
It would be very convenient if the app could play a sound whenever arbitrary event happens - new beacon detected, new PMKID sniffed, or anything else basically. Especially useful in those cases when you need to wait for said event for a while to happen or when it's simply impractical to have your eyes glued to screen all the time. Of course, it should be a configurable and optional feature.
If I open the plugin, start the rickroll attack, stop the attack, exit the app, and then restart the app again, the flipper crashes and restarts due to "NULL pointer dereference".
Tested on Eng1n33r's Unleashed firmware, build un1-12a629.
Summary:
Sniff PMKID mode spams broadcast deauth packets from every AP it sees even when selecting any of the "passive" modes in the flipperzero menu.
Steps to reproduce:
Flipperzero running Unleashed Firmware 069e with version 0.6.6 of the wifi-marauder companion app.
ESP32 wifi dev board running the ESP32 Marauder firmware installed using FZEasyMarauderFlash
Nearby computer with wifi interface in monitor mode
(optional: phone attached to wifi network)
On the nearby computer, open a wireshark session on the wifi interface in monitor mode, and observe raw wifi traffic. Set the wireshark filter to "wlan.fc.type_subtype == 0x000c" to filter for deauth frames.
On the flipperzero, navigate to the wifi marauder app, select "sniff" for PKMID, then select "Passive".
EAPOL messages should start appearing on the flipperzero.
Deauth Broadcast Frames appear in wireshark.
Expected Behaviour:
Passive mode should not be expected to transmit any signals to other devices. It should be listen only. Sending deauth frames should be under the "Active" option.
This would be a helpful feature to utilize.
Love the program!
It would be very practical to have Sniff button right bellow Attack button because for EAPOL you need to death and then sniff raw...
Would it be possible to add this change to new release or could you point me out where should I change the source code and rebuild it myself? Thanks for the response!
beacon spam using a selected list of SSIDs only produces one beacon using first SSID name in list. Selecting multiple SSID names using select -s 0,1,2,etc. Does not result in any SSID beyond the one at [0] index being created when running #attack -t beacon -l
Hello!
Your [ESP32] WiFi Marauder app version 7.0
fails to build with the SDK version 0.99.0-rc f7
. Please update the app in your repository and create a new pull request to the catalog repository with the updated manifest file.
IMPORTANT: Don’t forget to update the app version and commit version in the manifest file.
Flipper Team
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.