This Arduino sketch transforms an ESP32 into a Pwnagotchi trainer, helping Pwnagotchis improve their ability to detect, deauthenticate, and capture handshakes from Wi-Fi networks in a dynamic, ever-changing environment.
The sketch as of now focuses mainly on association training (Still trains other areas, but minimally) but I'm working on deauth training and a few other features.
-
"Invalid JSON" message fix: This helps limit messages in serial monitor.
-
Send beacon MAC address fix: Ensures the MAC address string is always correctly formatted with two characters per byte.
-
Random RSSI: Set random transmission power between 0 and 82 (max 19.5 dBm) This feature makes sure the Pwnagotchi gets exposure to all tyes of signal strengths.
-
Channel Hopping: Every 10 seconds, the ESP32 switches to a new Wi-Fi channel. This ensures that the Pwnagotchi gets exposure to networks on various channels, enhancing its training by scanning across a wider range of frequencies.
-
AP/SSID Hopping: Changes network every 60 seconds. This simulates a constantly changing Wi-Fi environment by dynamically switching between different SSIDs. This keeps the Pwnagotchi actively scanning, analyzing new networks, and attempting to capture handshakes in a variety of conditions.
-
Beacon Broadcasting: Broadcasts beacon every 5 seconds containg the randomly generated SSID, channel and MAC address for the pwnagotchi in training to discover/associate/deauth.
-
Promiscuous Mode (Sniffer) & Beacon Frame Interaction: The ESP32 operates in promiscuous mode, capturing Wi-Fi management frames, particularly beacon frames sent by Pwnagotchis, extracts the Pwnagotchi's name from the JSON payload, and displays it. This helps identify specific Pwnagotchis in training.
-
A corresponding plugin: The Training_Block plugin aids in allowing wpa-sec plugin to skip uploading pcap files containing "PT_" in the filename. This eliminates useless uploads and work for wpa-sec. More info coming soon on this plugin...
-
Detection of Access Points: The Pwnagotchi passively scans for networks. When it detects the SSIDs broadcast by this ESP32 trainer, it analyzes and interacts with the networks, learning how to deauthenticate and potentially capture handshakes.
-
Interaction with Beacon Frames: The Pwnagotchi detects beacon frames sent by the ESP32, which contain SSID, channel info, and MAC addresses. This interaction helps the Pwnagotchi practice passive handshake capture, improving its ability to detect vulnerable networks.
-
Name Recognition: If a Pwnagotchi sends out beacon frames with its name embedded in the metadata, the ESP32 recognizes and displays it on the screen, showing which Pwnagotchis are actively training.
-
Training Pwnagotchi AI: The randomization and constantly changing network environment forces the Pwnagotchi to work harder in recognizing patterns and interacting with networks, enhancing its learning and automated penetration testing capabilities.
-
Real-World Simulation: By generating random SSIDs, passwords, and beacon frames, the trainer creates a dynamic Wi-Fi environment similar to what Pwnagotchis would encounter in real-world scenarios.
Successfully tested on these devices:
The Training_Block plugin is to be uploaded to your pwnagotchi in the respected location of plugins. After uploading the plugin add "main.plugins.Training_Block.enabled = true" to your config.toml file without the quotes though and save it. Reupload your config.toml and reboot the pwnagotchi.
https://github.com/Roalkege: Added feature to turn on/off channels 12 & 13.
This project is licensed under the GNU License. See the file for details.
Feel free to contribute or report any issues you find!