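/*
 * ESP32 promiscuous-mode (sniffer) demo.
 *
 * Brings the Wi-Fi driver up in promiscuous mode on a fixed channel, blinks
 * an LED as a heartbeat, and hex-dumps data frames that pass a fixed
 * sender-address / LLC filter to the serial console.
 *
 * Based on hackmag.com/security/esp32-sniffer/
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#include "freertos/FreeRTOS.h"
#include "esp_wifi.h"
#include "esp_system.h"
#include "esp_event.h"
#include "esp_event_loop.h"
#include "nvs_flash.h"
#include "driver/gpio.h"

#define LED_GPIO_PIN GPIO_NUM_4
#define WIFI_CHANNEL_MAX (13)
#define WIFI_CHANNEL_SWITCH_INTERVAL (500)   /* ms between LED toggles / channel sets */

/* Frames shorter than this (in bytes) are dropped before the payload is indexed. */
#define SNIFFER_MIN_SIG_LEN (50)

/*
 * Payload offsets and values the handler filters on. Presumably these are the
 * LLC DSAP/SSAP bytes (0xAA 0xAA = SNAP) following a 26-byte QoS data MAC
 * header — TODO confirm against the frames of interest.
 */
#define SNIFFER_LLC_OFFSET (26)
#define SNIFFER_LLC_SAP (0xAA)

/* Only frames whose sender address (ADDR2) ends in these two bytes are dumped. */
#define SNIFFER_ADDR2_BYTE4 (0x46)
#define SNIFFER_ADDR2_BYTE5 (0xA6)

static esp_err_t event_handler(void *ctx, system_event_t *event);

/*
 * System-event callback registered with the legacy event loop.
 * Every event is accepted and ignored; the sniffer needs none of them.
 */
static esp_err_t event_handler(void *ctx, system_event_t *event)
{
    (void)ctx;
    (void)event;
    return ESP_OK;
}

/* Country setting that exposes channels [1, 13] to esp_wifi_set_channel(). */
static wifi_country_t wifi_country = {
    .cc = "CN",
    .schan = 1,
    .nchan = 13,
    .policy = WIFI_COUNTRY_POLICY_AUTO,
};

/* Generic 802.11 MAC header as laid out at the start of a received frame. */
typedef struct {
    unsigned frame_ctrl:16;
    unsigned duration_id:16;
    uint8_t addr1[6];          /* receiver address */
    uint8_t addr2[6];          /* sender address */
    uint8_t addr3[6];          /* filtering address */
    unsigned sequence_ctrl:16;
    uint8_t addr4[6];          /* optional */
} wifi_ieee80211_mac_hdr_t;

/* A received frame: MAC header followed by a variable-length body. */
typedef struct {
    wifi_ieee80211_mac_hdr_t hdr;
    uint8_t payload[];         /* network data ended with 4 bytes csum (CRC32) */
} wifi_ieee80211_packet_t;

static void wifi_sniffer_init(void);
static void wifi_sniffer_set_channel(uint8_t channel);
static const char *wifi_sniffer_packet_type2str(wifi_promiscuous_pkt_type_t type);
static void wifi_sniffer_packet_handler(void *buff, wifi_promiscuous_pkt_type_t type);

/*
 * Initialise the sniffer and then loop forever: toggle the LED, wait
 * WIFI_CHANNEL_SWITCH_INTERVAL ms, and (re)select the listening channel.
 * Channel hopping is disabled; the radio stays on channel 3.
 */
void app_wifi(void)
{
    uint8_t level = 0;
    uint8_t channel = 1;

    /* setup */
    wifi_sniffer_init();
    gpio_set_direction(LED_GPIO_PIN, GPIO_MODE_OUTPUT);

    /* loop */
    while (true) {
        level ^= 1;
        gpio_set_level(LED_GPIO_PIN, level);
        vTaskDelay(WIFI_CHANNEL_SWITCH_INTERVAL / portTICK_PERIOD_MS);
        wifi_sniffer_set_channel(channel);
        /* Hopping disabled; to hop use: channel = (channel % WIFI_CHANNEL_MAX) + 1; */
        channel = 3;
    }
}

/*
 * Bring the Wi-Fi driver up with no station/AP role and switch it to
 * promiscuous mode with wifi_sniffer_packet_handler as the RX callback.
 * Driver configuration failures abort via ESP_ERROR_CHECK.
 */
static void wifi_sniffer_init(void)
{
    /* Return value intentionally not checked: the sniffer does not use NVS,
     * so a failed init (e.g. a full/outdated partition) is not fatal here. */
    nvs_flash_init();
    /* tcpip_adapter_init() is not needed: no IP stack in WIFI_MODE_NULL. */
    ESP_ERROR_CHECK( esp_event_loop_init(event_handler, NULL) );
    wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
    ESP_ERROR_CHECK( esp_wifi_init(&cfg) );
    ESP_ERROR_CHECK( esp_wifi_set_country(&wifi_country) ); /* set country for channel range [1, 13] */
    ESP_ERROR_CHECK( esp_wifi_set_storage(WIFI_STORAGE_RAM) );
    ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_NULL) );
    ESP_ERROR_CHECK( esp_wifi_start() );
    /* These two were previously unchecked; a failure here means no frames ever arrive. */
    ESP_ERROR_CHECK( esp_wifi_set_promiscuous(true) );
    ESP_ERROR_CHECK( esp_wifi_set_promiscuous_rx_cb(&wifi_sniffer_packet_handler) );
}

/* Tune the radio to @channel (primary channel only, no secondary channel). */
static void wifi_sniffer_set_channel(uint8_t channel)
{
    esp_wifi_set_channel(channel, WIFI_SECOND_CHAN_NONE);
}

/*
 * Map a promiscuous packet type to a short label for logging.
 * Anything that is not MGMT or DATA is reported as "MISC".
 */
static const char *wifi_sniffer_packet_type2str(wifi_promiscuous_pkt_type_t type)
{
    switch (type) {
    case WIFI_PKT_MGMT:
        return "MGMT";
    case WIFI_PKT_DATA:
        return "DATA";
    case WIFI_PKT_MISC:
    default:
        return "MISC";
    }
}

/*
 * Promiscuous RX callback: log data frames and hex-dump those matching the
 * fixed sender-address and LLC filters.
 *
 * @param buff  points at a wifi_promiscuous_pkt_t owned by the driver; it is
 *              only valid for the duration of this call.
 * @param type  frame class reported by the driver.
 *
 * NOTE(review): presumably the driver invokes this from its own task, so the
 * per-byte printf() loop below may stall reception under load — confirm.
 */
static void wifi_sniffer_packet_handler(void *buff, wifi_promiscuous_pkt_type_t type)
{
    /* Only data frames are of interest. */
    if (type != WIFI_PKT_DATA) {
        return;
    }

    const wifi_promiscuous_pkt_t *ppkt = buff;
    const unsigned sig_len = ppkt->rx_ctrl.sig_len;

    /* Drop short frames before any payload index below is touched. */
    if (sig_len < SNIFFER_MIN_SIG_LEN) {
        return;
    }

    printf("Length of packet: %u Type:%s\r\n", sig_len, wifi_sniffer_packet_type2str(type));

    const wifi_ieee80211_packet_t *ipkt = (const wifi_ieee80211_packet_t *)ppkt->payload;
    const wifi_ieee80211_mac_hdr_t *hdr = &ipkt->hdr;

    printf("PACKET TYPE=%s, CHAN=%02d, RSSI=%02d,"
           " ADDR1=%02x:%02x:%02x:%02x:%02x:%02x,"
           " ADDR2=%02x:%02x:%02x:%02x:%02x:%02x,"
           " ADDR3=%02x:%02x:%02x:%02x:%02x:%02x\n",
           wifi_sniffer_packet_type2str(type),
           ppkt->rx_ctrl.channel,
           ppkt->rx_ctrl.rssi,
           /* ADDR1 */
           hdr->addr1[0], hdr->addr1[1], hdr->addr1[2],
           hdr->addr1[3], hdr->addr1[4], hdr->addr1[5],
           /* ADDR2 */
           hdr->addr2[0], hdr->addr2[1], hdr->addr2[2],
           hdr->addr2[3], hdr->addr2[4], hdr->addr2[5],
           /* ADDR3 */
           hdr->addr3[0], hdr->addr3[1], hdr->addr3[2],
           hdr->addr3[3], hdr->addr3[4], hdr->addr3[5]);

    /* Keep only frames carrying the expected LLC SAP bytes ... */
    if (ppkt->payload[SNIFFER_LLC_OFFSET] != SNIFFER_LLC_SAP ||
        ppkt->payload[SNIFFER_LLC_OFFSET + 1] != SNIFFER_LLC_SAP) {
        return;
    }
    /* ... from the one sender address this demo is interested in. */
    if (hdr->addr2[4] != SNIFFER_ADDR2_BYTE4 || hdr->addr2[5] != SNIFFER_ADDR2_BYTE5) {
        return;
    }

    /* Unsigned index: sig_len is unsigned, so avoid a signed/unsigned compare. */
    for (unsigned i = 0; i < sig_len; i++) {
        printf("i=%u-%02X ", i, (unsigned)ppkt->payload[i]);
    }
    printf("\r\n\r\n");
}

/*
 * Firmware entry point: hand over to the sniffer loop, which never returns.
 * (The station-mode bring-up that used to follow an unconditional return
 * here was unreachable and has been dropped.)
 */
void app_main(void)
{
    app_wifi();
}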