Beacon Spam Random

Just Call Me Koko edited this page May 7, 2021 · 4 revisions

ESP32 WROOM-32U

Menu Location

WiFi>Attacks>Beacon Spam Random

Info

The ESP32 is capable of transmitting specially crafted WiFi packets.
In a beacon spam random attack, beacons are broadcast to all devices in range as fast as possible to overflow their lists of available networks with invalid access points.

Transmitting

The base data that every beacon frame needs in order to transmit successfully is hardcoded in the Marauder firmware.

// barebones packet
    uint8_t packet[128] = { 0x80, 0x00, 0x00, 0x00, //Frame Control, Duration
                    /*4*/   0xff, 0xff, 0xff, 0xff, 0xff, 0xff, //Destination address 
                    /*10*/  0x01, 0x02, 0x03, 0x04, 0x05, 0x06, //Source address - overwritten later
                    /*16*/  0x01, 0x02, 0x03, 0x04, 0x05, 0x06, //BSSID - overwritten to the same as the source address
                    /*22*/  0xc0, 0x6c, //Seq-ctl
                    /*24*/  0x83, 0x51, 0xf7, 0x8f, 0x0f, 0x00, 0x00, 0x00, //timestamp - the number of microseconds the AP has been active
                    /*32*/  0x64, 0x00, //Beacon interval
                    /*34*/  0x01, 0x04, //Capability info
                    /* SSID */
                    /*36*/  0x00
                    };

The /* SSID */ tag is replaced by a randomly generated ESSID of a fixed size.
The placeholder bytes for the BSSID are replaced by randomly generated bytes.

The packet rate is displayed on screen.

This function can be exited by touching the screen. Once exited, the user will be sent back to the menu.
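
On the receiving side, the random BSSIDs described above give this traffic a recognisable shape: a legitimate access point repeats its beacon under one BSSID, while here almost every beacon carries a new one. The C below is an added example, not part of the Marauder firmware; the function names, the 20-frame sample window and the 90% threshold are assumptions, and it expects frames that begin at the 802.11 header (no radiotap header).

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define MAX_BSSIDS 64               /* BSSIDs beyond this are not tracked */
typedef struct {
    uint8_t  seen[MAX_BSSIDS][6];   /* distinct BSSIDs in this window */
    unsigned hits[MAX_BSSIDS];      /* beacons received per BSSID */
    size_t   n;
} beacon_window;

/* Validate a beacon laid out as in the template above and return a pointer
 * to its BSSID (offset 16), or NULL if the frame is not a well-formed beacon. */
const uint8_t *beacon_bssid(const uint8_t *f, size_t len) {
    if (len < 38 || f[0] != 0x80) return NULL;     /* fixed fields + SSID header */
    if (f[36] != 0x00 || f[37] > 32) return NULL;  /* SSID element, max 32 bytes */
    if ((size_t)38 + f[37] > len) return NULL;     /* SSID must fit in the frame */
    return f + 16;
}

void window_add(beacon_window *w, const uint8_t *bssid) {
    for (size_t i = 0; i < w->n; i++)
        if (memcmp(w->seen[i], bssid, 6) == 0) { w->hits[i]++; return; }
    if (w->n < MAX_BSSIDS) {
        memcpy(w->seen[w->n], bssid, 6);
        w->hits[w->n++] = 1;
    }
}

/* Flood heuristic: at least min_bssids distinct BSSIDs, 90% of them seen once. */
int window_is_flood(const beacon_window *w, size_t min_bssids) {
    size_t once = 0;
    for (size_t i = 0; i < w->n; i++) once += (w->hits[i] == 1);
    return w->n >= min_bssids && once * 10 >= w->n * 9;
}

/* Constructed sample: 20 in-memory beacons spread over `aps` (>= 1) BSSIDs. */
int demo_window(unsigned aps) {
    uint8_t f[44] = { 0x80, 0x00 };                /* beacon, other bytes zero */
    beacon_window w;
    memset(&w, 0, sizeof w);
    f[37] = 6;                                     /* SSID element: 6 bytes */
    for (unsigned i = 0; i < 20; i++) {
        f[21] = (uint8_t)(i % aps);                /* last BSSID byte varies */
        const uint8_t *b = beacon_bssid(f, sizeof f);
        if (b) window_add(&w, b);
    }
    return window_is_flood(&w, 10);
}
```

In a real monitor the window would be reset on a timer, and the thresholds tuned against the number of access points normally visible at that location.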
