Hi, my name is Alex Lines, this is my talk on So You Want to Build Your Own Hacking Device.
So just a basic structure of what this talk is essentially going to go.
I'm going to introduce myself, why I'm giving this talk, and then we're going to go into the different components of what you would actually do when you're trying to build your own hacking device.
A little bit about devices that you can purchase currently on the market, and then points of considerations for the different components and just everything about them, down to software.
And then lastly, we're going to build a test project together that, spoiler alert, looks like this.
And it can be even smaller.
So, who am I?
To keep it short, I'm essentially a senior penetration tester for a company called Prescient Security.
One of my specializations is that anything that touches pretty much port 80 or 443, I pen test.
So that includes ATMs, augmented reality glasses, actual websites, mobile devices, both Android and Apple, along with APIs, I've pretty much hacked for my company.
I've worked on both the blue team and the red team.
Obviously, red team is what I currently do, but I used to do essentially network intrusion stuff, so whenever someone would go into a network, I would be there and say, hey, are you supposed to be doing that, or is this a security incident?
Super fun to do.
Certifications, I have so many.
Please don't be like me.
I have this thing where I like to play Pokemon with them, and that has made me spend so much money.
The ones of note that kind of are fun, the SISP, the GXPN, so that one is the Exploit Researcher and Advanced Penetration Tester, GWAPT is just a web app one, and then PIPA is TCM's IoT actual test.
That one is a lot of fun, if y'all haven't tried it, would recommend it.
For programming, this comes up in a little bit.
One of my specialties are Python, Golang, and JavaScript, with an interest in C languages and Java.
I also enjoy creating automations, learning about my random fixations for the month, which for this month and quarter is video game hacking, and then tying in with video game hacking, is I like to play video games.
Arguably, a little bit too much.
So, why am I giving this talk?
Why, I imagine, most of y'all are here.
Making your own stuff is fun.
Personally, I like tinkering with devices and making them do whatever I want.
It's part of the reason why I also got into hacking.
Again, tinkering with different components, seeing how they all interact with each other can be a lot of fun, and if you do it right, can be really, really cheap, and you can also learn how to make stuff do exactly what you want.
I'm a big fan of taking some device that's supposed to, let's say, check on the weather, and then saying, hey, if it's too dark outside because it's cloudy, let's make my whole house turn like a nice dark red to kind of fit the mood.
Or if it's really bright outside, turn off all the lights because it's too bright and the house is probably also really bright.
Another part of it, for this talk, is IoT is life, unfortunately.
IoT devices reside within all buildings.
It's around us.
The signals penetrate us, and it binds us through technology sometimes.
In many ways, IoT devices have become like midichlorians.
Lastly, well, not necessarily lastly, but IoT devices can also be really cheap, and that kind of ties into another reason why I'm specifically giving this talk is because last year, not necessarily here at different conferences, I gave a talk using drones to augment red team engagements,
and in those engagements, when you have a drone, in case some of y'all don't know, drones can fly about 140 miles per hour.
I would rather not have a device on that that cost me $300 because if it crashes, and I have crashed quite a few of them, I lose a $300 device.
Or, I crash this, and I'm out maybe $17 if for some reason it all explodes, and it doesn't.
It's very nice.
So, to go a little bit over some background about hacking devices, some of the most popular ones I've seen, I'm sure everyone recognizes it, the Flipper Zero.
It was about $160 when I came out with this presentation.
Right now it's about $169.
They are super cool because you can do a lot of things with them, as I'm sure most of y'all are aware of.
But, their downside, while they can do a lot of things really well, they don't necessarily do one thing amazingly.
So, when you're making your own devices, you kind of want to have it more purposeful and not so generic, because the same device I'm doing, let's say, RFID scanning on, I'm probably not doing RF scanning on, and I'm definitely not using it as a bad USB.
Another device that I'm a fan of, and is actually one of the people that inspired me to make a bunch of different things, is the creator of the Wi-Fi USB Nugget.
It's essentially a device that's sole purpose is to mess with Wi-Fi signals, whether that be deauth attacks, whether that be different types of scanning.
That is one of the really cool devices, and you can actually get it at DEF CON last year and create your own from the actual creator of it.
And one of the nice things about those devices is they look like a Tamagotchi, if y'all are aware of what those are.
And it's super cute.
Whereas the Flipper Zero, since a lot of people are aware of them, they have the issue of customs agents and different law enforcement agencies actually recognize this as a hacking device.
And it's not as common as it was back a couple years ago, but there was actually legislature for the Flipper Zeros to get banned in Canada due to them being used for car hacking.
Now, can they really car hack?
Not necessarily.
Rolling codes make it harder to do that, but they can be recognized.
Versus making your own device, no one's going to stop me for this.
They're just going to be like, oh , you barely know what you're doing.
Whatever, please leave me alone.
Don't talk about it.
So, when you're making your own device, one of the things that you have to decide very quickly is what kind of device are you going to use as its base.
For me, to make it really simple, I have three different devices that I would typically consider.
An ESP32, which is similar to what you see here.
A Raspberry Pi Pico, which, if you have one of these badges, there's a device at the very top.
That's actually a Raspberry Pi Pico.
And then an Arduino Nano.
You don't really see those that much, to be honest with you, but they do exist, and you can actually add stuff to them.
As you can see, there's a lot of pros and cons with each of them.
They have varying price points, and the power requirements are different, and sometimes similar.
But to keep it really, really high level, ESP32s and some Picos allow wireless capabilities, whereas the Nano and then the other Picos require additions to be added to the chips to make them wireless.
That is really a huge thing to consider when you're making your devices, if you want it wireless or not.
So, now that you see those three options, what board should you get?
In my opinion, you really have two options here.
The ESP family, or the Picos.
You can use an Arduino, but keep in mind, you will have to add peripherals to it.
That can be simple, or that can be rather difficult.
I personally don't use that, because it's a lot of extra steps, and an ESP is pretty cheap, and they're readily available.
Last year, actually, they had a vendor that was giving out these.
I'm not too sure if they have those, or anyone's giving them out, but these are really easy to come across.
And then, also, Picos.
Again, simple projects.
They're not as powerful as an ESP32 or an 8266, but if all you're wanting to do is basic information, they're very helpful for that.
ESPs, a bit stronger.
They have Wi-Fi, they have Bluetooth capabilities.
If you're wanting to do more advanced wireless things, I would personally highly recommend using one of those.
So, as I'm sure most of you all are aware of, those are not all the devices you can get.
Like, what about a Raspberry Pi?
What about the Pi Zeros, a Zima, UNOs, and devices like that?
So, the purpose of this presentation, I'm actually not going to include those for a very simple reason.
When you're trying to put stuff on a drone, this is very small.
If I keep it under 250 grams, I don't have to register it with the FAA.
If you want to put a Raspberry Pi on a drone, and then give it a power source that lasts more than five minutes, it's going to be over 250 grams.
Mostly because of that power bank.
Those power banks can get small or really heavy.
So, ESPs and microcontrollers are better, in my opinion, for this than a microcomputer.
That being said, I don't think that they are completely useless.
If you want to use, let's say, Kali for ARM, because you want to use already-made tools, you can definitely go with a Raspberry Pi, because those are way stronger, they have USB support, and those devices, just quite honestly, can do things that ESP can never do.
But you have the considerations of, hey, this is a lot heavier.
This is going to keep it over 250 grams.
If I want to legally fly the drone, I have to register it.
And then a bunch of technically other things, but those are the highlights that I like to think about when deciding the device.
So, now that we have a basic idea of what board we are going to use and what kind of technology, if we're sticking to the microcontroller, what language should we use?
A lot of text, to be honest with you all.
A lot of pros and cons.
Keep it really short.
MicroPython and CircuitPython are essentially a flavor of Python.
How many of you all know Python?
Or at least can read it a little bit?
Awesome.
I have great news for you all.
You all can probably program in MicroPython or CircuitPython.
Very, very simple.
There's a nice documentation page that goes over the differences and the big thing you have to do is learn how to do pip differently.
After that, you're off to the races.
Other options is Arduino and things like C and C++, Rust, and other compiled languages that you can technically use.
But they have a lot more limitations and they're harder.
If you all took computer science classes, especially the last, I want to argue, 10 years, because that's when I took them, C is hard.
Compiling stuff is harder, especially when they give you an error message about a semicolon out of place 35 lines up.
That made me cry a lot of nights right before the assignment was due.
So I prefer Python.
And another thing with Python that I like to use for it is Python typically gives you a file system.
That can be exceptionally helpful for collecting information and storing it on the device.
Versus C, I imagine it is theoretically possible to do that.
I don't know how to do that because that's a lot of extra steps.
Again, with compiling, not the best.
But there are trade-offs and one of the biggest trade-offs is with C and Arduino, the issues you get is with them, you usually have an all-in-one experience.
If any of you have programmed with Arduino, you know it has that very particular IDE.
That IDE is something that is going to keep all the libraries together, upload it to the device, and flash it for you.
That is an amazing tool to have.
MicroPython technically has one as well called Thorney, but if you are like me and like to use Visual Studio Code, or Visual Code Studio, it doesn't come with that natively.
You have to do a lot of steps and download some questionable add-ons to get it working.
And even then, I've never got it working on Python, but I got it working on Windows, but it kind of sort of, 50% of the time, works on Linux.
So that's another thing to consider about the pros and cons of those.
So, now on to the next fun part.
What board should you use?
If y'all have messed with these before, this is a breadboard.
These are very cheap.
Dirt cheap.
But they're not the best.
It's kind of hard to see at this distance, but as you can see, this red wire is not plugged in.
That's because it is too loose, and I can't connect it to this board at all, because it's not soldered, it's not secured.
It's actually probably because it fell off a drone.
So, it messed with the wires.
So, it's not the best for things that you need to do, stuff that is going to be experiencing, like, a lot of change in velocities, or falling.
But, if you need a quick and dirty proof of concept , these are great.
And , you don't have to worry about soldering, you don't have to deal with all those tiny, annoying details.
Perfboards.
They're a little bit better.
You can use them, and you can secure stuff to them.
However, they require a little bit more effort.
They're a little bit more expensive.
And, on top of that, they're a lot harder to use.
For example, these breadboards, if I put it on a row, it connects all of that row.
Some perfboards do not have that.
You actually have to bridge those connections.
And it is not fun.
Especially when you try to bridge it, and you have an incomplete connection.
That makes it super difficult.
Then, lastly, the nicest option for professional stuff, you can actually use fabricated boards.
Fabricated boards for stuff like PCBWay, and I am sure there's a bunch of other ones, but the YouTubers I all use, they love PCBWay.
You can design and then get those boards shipped to you.
It's great.
Only issue is, when you're waking up at 3 o'clock in the morning thinking I have a genius idea, you can't use that board because you have to put a lot of designing and effort into that board before you can even upload it, and then shipping takes quite a bit of time.
So that's why I kind of like these breadboards.
So, this actually came up last time I spoke about this.
There's an in-between between the breadboard and the perfboard.
You can have a happy medium from ElectroGlueCookie, my bad, called their boards.
One of the nice things about these is it takes the two boards, a breadboard and a perfboard, and they put some functionality together.
You still have to solder, but you don't have to bridge connections as much anymore.
They come in a variety of sizes, and they come in a variety of colors, which can be super nice to make your presentation again, look better than this.
So, let's go to the very specific, why would I use one over the other?
Breadboards.
Again, rapid development.
I don't have to spend five hours learning how to solder and how to do it correctly.
I can just put pins together, and I have something that's functional.
Perfboards.
If I want to put something on a drone, if I want to put this on a car, if I want to move it around and not keep it in a protected Tupperware case, it can take some hits because, again, you are soldering it to the board.
But again, soldering takes effort.
Fabricated board.
If I wanted to sell this product, or this board as a product, I probably want something that looks nicer than something that has duct tape on it.
And then, best part, if you like little cats, you can get a board that looks like a cat and make it look like a tomogato.
I'm a huge fan of making cool little designs, and you can label it.
Can't exactly label a breadboard.
So, that's awesome.
Now that we have the idea of what boards we want to use, what device we want to use, the next part about making your own hacking device is what is the goal of this device?
Because that drastically changes things.
For example, do I want to just have this board where I will physically look at it?
Awesome.
That means I need to have some way to show data.
Whether that be LED lights on the actual board itself, a little screen, or you know, WiFi so I can connect somewhere else to it, or let's say you want to be really cool and use encrypted LoRa so that that way you can send the data and have it encrypted over 10 miles at least.
You have to figure out how you're going to get the data from it, whether it be physically looking at it or pulling it from another device.
Next is how do you want to interact with it?
That can be something that becomes really important because if you're interacting with your device, how are you going to change settings?
For example, if I want to change the WiFi that I'm trying to clone, am I going to have a screen and buttons?
Am I going to have a touch screen that has a touch board keypad?
Am I going to use little joysticks?
Or am I going to use a web page to do that?
Things to consider for that device.
And then lastly, how are you going to interact with the world around you?
Are you going to measure it?
If you are going to measure stuff, like let's say distance, you need a range finder of some kind.
Whether it's via sound or lasers , you need a measuring device.
And then also for stuff like temperature, humidity, and light levels, another helpful thing to have is the appropriate devices.
And then lastly, what if you want to actually interact with stuff?
For example, if something was within 20 centimeters of you, you want to click a button, congratulations, now you need a motor or a servo.
And then, let's say 20 centimeters again, but this time I want to turn on my TV, I need an IR blaster now.
I don't need a motor.
So that's one of the things that you really need to consider when you're trying to make your device.
How does it work?
How does it interact with the world?
And what do I need?
Now, personally, when I started out doing this, I didn't know what an IR blaster was.
I didn't know what a lumen detector was.
So how do you get these devices?
Well, you have two options.
You can go onto something like Amazon, SparkFun, or Adafruit, and you can actually order the individual components.
Really cool ideas, but if you're just starting out, I would not recommend that.
There's a much easier way, a much more fun way, and that's by getting a STEM or a project starter kit.
I'm down in Texas, so down there we have micro centers.
Micro centers sell these really cool inland packages that give you a bunch of components and a bunch of documentation for those components.
And with that, you can actually take it, build their projects, and then build up from there.
Do I want to, you know, just take this little motor that spins, or do I want to take that motor and tie it onto, like, a stick so it can now press a button?
That is a lot better options than going on there, ordering 15 different parts, and then wondering, all right, what now?
Because you can run into a lot of issues, like we're going to discuss in the next slide, about why that isn't the best case always.
And then if you don't have a micro center, Amazon has Elegoo.
If you look up STEM starter kits or, you know, what is it, ESP32 robotics kits, usually, Elegoo is up there because they make a lot of products like that, and they have huge kits ranging from, I believe, $30 all the way up to $80, with just all the components you could ever use.
And it's actually a really nice starting point.
Because it comes with documentation.
Documentation, believe it or not, while it is the bane of a lot of people's existence, it is super helpful when dealing with these tiny parts.
The reason for that is if you are coding something and you're getting the readings back from these sensors, unless you have something like electrical engineering degree, which I do not, I'm not going to know what these values mean.
I need something to take these values and make it interpretable.
Another nice thing about these documentations is sometimes they'll have it in multiple languages.
For example, MicroPython.
They'll probably have something for there if it says on the kit itself, hey, you can program in MicroPython, C, and Arduino.
If they don't, I would recommend getting a different pack, because if you don't have documentation, you run into the issue of I have this part, now how do I use it in the language that I am currently programming in?
C doesn't really have this issue, or Arduino doesn't have this issue as much, because that's what most people use.
But if you want to go the easy route with Python, you definitely need that.
From there, another fun issue is, is that product actually end of life?
I, with the route of actually purchasing a multi-axis stabilizer, not stabilizer, but sensor to detect the rotation, and I actually got a model that was five years out of date, that everywhere notated it, except for where I looked at it.
When I went to go and look up documentation for it, I only found it in C, not even Arduino, just in C, which is really inconvenient when you're programming in MicroPython.
Then I looked up the latest version of it, turns out, if you add 100 to the actual name of the product, you get a more modern version, way more features, has way more documentation on it, and in that documentation, included in MicroPython.
So another reason why these kits can be super helpful.
So, when you're getting these kits, you also have another issue, and this is something that I struggle with, and if y'all can actually wait, that is awesome, and I am proud of you.
I can't.
I honestly will spend the three dollars to get it tomorrow.
And that is the time.
And that also correlates into pricing.
So if you get something, at least for now, on AliExpress, it is usually about five to ten times cheaper than if you get it on Amazon.
But it takes how much you're saving, that's how much more time it takes to actually get the product.
And again, I want to make this project tomorrow, I don't want to make it in five months when I decide, oh yeah, I was trying to make that.
I don't care about it anymore.
I try to do stuff as soon as I can, so for me, the timing is something that's super important.
And then lastly, when you're getting these components, a large thing that kind of was shown a couple slides back, with these power requirements, for example, 5 volt, 3.3 volt, and 5 volt, how are you going to power these devices?
Because some, the energy requirements are not the same for everything.
So on here, there's actually a screen.
The screen is really nice, it's really pretty, it requires 5 volts.
Issue comes in, if I use a Raspberry Pi Pico, by default, it only provides 3.3 volts.
So when I tried to use it, unless I made a workaround or I overpowered the Raspberry Pi Pico, that screen was never turning on.
And that becomes an issue, because if you need the screen, and it doesn't power on, no matter what you do with that closed system, it's not going to work, which is why I switched over to an ESP32.
So that's something also that you need to take into consideration when you are selecting the parts.
So, in my opinion, at this point, we now have a basic idea of everything we need to do to make our own hacking project.
We know what board we want to use, we know what device we want to use, and we have a basic idea of components that we might need to get, and the considerations for those components.
Now , let's all, let's put it together and actually make something.
For example , for the project that I used last year , I made an Evil Twin , essentially, device with an ESP32.
What it would do is it would launch a Wi -Fi access point that said, if you have, also, please don't do this in real life.
I did this on the ground, away from an airport, and away from an airplane.
I decided I wanted to clone American Airlines in-flight Wi-Fi.
Because, why not?
So, I made a device that would, it would launch, it would actually show AA in-flight.
And it would copy a random MAC ID, so that that way it could say, hey, I'm American Airlines.
You would log into it, it would say, hey, welcome to American Airlines.
What is your password?
You type in the password, and if it was for the fake actual American Airlines, because for this one, I had a password on it, it would try to log in, and if it logs in correctly, it turns itself off, so that way you can actually connect to the real American Airlines.
Once it did that, it would then throw up a new access point that would then actually clone the SSID and something called a BSSID, and it would use the same security level.
So why that can be a little bit important, is if you're familiar with a device called a Wi -Fi pineapple, that is actually how you make evil twins.
And you can, I actually was able to compromise my computer by using the BSSID, SSID , and the security level to actually make my computer auto-connect, which has a lot of interesting implications if you're trying to do red team engagements.
So, while that sounded super complicated, and it can be, we can break it down into six easy steps.
I need to clone something with a Wi-Fi I don't know the password for, I need a way for someone to submit a password, and then I need to get those credentials remotely, because if I am throwing this somewhere on a client spot, I don't want to walk up to this,
constantly checking, hey , did you grab credentials?
Hey, did you grab credentials?
I want it remote so I can be in a car saying, okay , cool, nothing's happening.
And then something that I would like is to have it actually check the password for me, show me what the password was if it was submitted successfully, and then lastly , a history of everything that was done, or submitted.
The reason for that is, let's say you have a client that wants to actually or that has multiple passwords, what if it was their Active Directory password that they tried instead of their Wi-Fi password?
What if they submitted a bunch of random passwords that they know, I don't know whatever this is, let me just submit all my passwords and see which one works.
Well, I can take that information and then pass it to the rest of my team and say, hey, here's a password list that I've found, use a program like Crunch, add stuff in there like 2025, 2026, 2024, and go nuts.
So that's why grabbing all the possible passwords could be helpful versus just the ones that were successful.
So, let's design this.
This is actually the price breakdown of this board.
One of the key things to note that you didn't really see, on the back it has a battery.
That battery is good for about 8-10 hours, and it is relatively cheap, and you can recharge these pretty easily.
But again, a lot of information, there's a lot of reasons why I chose the parts, but end of the day to make everything easier, $17.48 to make this one device per unit, $77 in total to actually buy all the parts in bulk.
All via Amazon, so you could do it for cheaper.
So, to break down some of the ideas, essentially what we need to do.
We need a wireless access point.
We need to make a web page.
On that web page, we need to have it so that way you can submit data and act as a captive portal, and then you need an obscure endpoint so that that way if someone's trying to access this device, they're not going to be like, oh, well, my company uses Wi-Fi passwords for whatever reason as a valid web page.
If they go there and they see all the passwords, they're going to think something is up if the device is asking for a password, and then it lists everything.
For the likes, we need an access point that can switch to a client.
The reason for that is while we have the access point that you can connect to, I want it to check the password for me that is technically a client.
A way to see it from a distance.
These ESP devices have actual LED lights that are obscenely bright when they're really close to you.
That is helpful for seeing them at a distance.
And then lastly, saving all the data.
It would be nice to have them in a text box or a text page.
So for me, before I commit to any real projects or making any real devices, I need some simple proof of concept to make sure that I'm not actually wasting my time.
So it is a little bit harder to read than expected, but in short, the code there shows that I'm setting up an access point, I am setting it up so that way other people can connect to it, and then after they connect to it, it shows on the screen saying,
hey, your setup is complete.
After the setup is complete, it turns on a DNS server to catch everything so that that way when you connect, you don't go to some random place that's like, hey, no, please connect here so that that way you're not just trying to go to Google, you're trying to access myself,
and that becomes helpful later for that, for actually grabbing information and making it auto-connect.
Then underneath it, we have a place where I can actually grab the data.
This becomes helpful, because again, I don't want to have to plug this in to grab all the passwords.
So, now that we have an idea that this is possible, we can now move forward with it.
Because again, it is hard to see the size at times and how small this is, here it is next to a mini-muffin and an orange to really show it is small.
It can go in a lot of different places.
So, what you really need for this project is just this ESP32 device.
You do not... there we go.
All you need is this and a power source.
You don't need the rest of this board.
The board is nice and it has a battery, but you can have the small device, tape a battery on it, and then throw it anywhere.
That can be super helpful when you're trying to make these devices very obscure for putting them in like a parking lot or a parking garage.
And after that, we can go through and see what the software for these devices actually, or this device actually is because, well, it is super cool that I said, hey, we have a device that can clone Wi-Fi's, it can take them, the ID, and then throw it back up.
Like, you know, proof or it did not happen.
So, for DNS capturing, one of the main things that you do here is depending on the device that you are using, captive portals react differently.
For Android, they actually want you to check and grab a generate underscore 204.
Apple devices actually look for hotspot detect.html.
For different hosts, let's say you're trying to resolve google.com, you can tell it, hey, wrong host, you did not actually resolve to 192.168.4.1, I need you to go there.
And you change it to a 302, so that that way it actually goes to that location.
And then lastly, just a general catch-all.
So, if it's not looking for my 192.168.4.1, I need it to redirect there.
And that bottom portion is actually what controls that.
Next is the HTML.
One of the fun things about this is this html.index is not as simple as it normally is.
So, there are variables at the top.
Essentially, it's looking for a status.
If it doesn't have valid credentials because it couldn't connect to the WiFi, it is, by default, false.
Which is going to serve the main page, and it's going to say, hey, please insert this page.
And on the device, you can't really see it because it's really html, and html kind of sucks to look at.
But it just shows, hey, welcome to American Airlines online WiFi.
Please insert your password so that that way we can connect you to the actual WiFi.
In this attack scenario that I made, the scenario is essentially, it's a WiFi extender.
Well, in reality, I'm sure most of y'all will know, WiFi extenders don't work like that.
You don't need to put in your password.
There's going to be some people at that company that you're targeting that won't realize that, and they'll say, hey, this has a stronger signal.
Let me connect.
So that is what the main page does.
And then if they actually show compromise, then it goes to another page.
Again, because I play, unfortunately, way too many video games, it shows a GG page, which essentially, for me, is to show, hey, you got compromised.
I want you to feel bad about this because now I have your password.
I have access into your actual network.
So to fix, or to show the credentials, one of the issues with these devices is when you're checking a connection, you have a WiFi access point.
You have to turn off the access point, make it a client, connect, and then find out if it works, come back, and then show, hey, it worked, or it didn't work.
The issue with that is that takes some time.
So on the page, there's actually a JavaScript that what it will do is it will wait 15 seconds and then reload the page.
That's about five or six seconds more than it needs to make all the requisite checks and come back.
It loads you back into the index page so that that way it can find out, hey, which page am I serving?
Am I serving the phishing page?
Or am I serving the, you know, you got caught page?
And then it just loops over and over again until it shows, hey, you've been compromised.
So for the checking, again, if y'all are aware of how the access point works, there's the code for it.
Short version of it, again, access point turns off access point, connects, checks password, then comes back with an answer.
It can be really annoying getting that to work, but shorter version of how that one works.
And then for the last one, I needed, again, a name that makes it so that no one is going to check this by default.
If for whatever reason they're running DurrBuster or using SecLists to get the actual page, you want a page that doesn't show up.
So I chose the fun phrase run it down mid, hence why Teemo is there.
This page, when you go to it, will actually show every single password that was submitted.
Obviously the last one is going to be the actual password that was correct.
So you can use that for using stronger devices, or you can just hand over that password list remotely to someone and they say, hey, cool, I'm going to grab all these passwords, throw them into a processing tool, now if I want to use Hashcat, if I want to use Cruel,
or I want to use other things with these passwords, I now have a list and I don't have to go to Alex and find out what these passwords were.
Then lastly, upgrades, people.
Upgrades.
Again, this ESP device, super cool, super cheap.
Issue kind of comes in, it is not that powerful.
It can do more.
This case, really flimsy.
It would be really nice if instead I had a 3D printed case on Perfboard, or if I just fabricated a board and had 3D prints on it.
What if I want the board to update itself?
Another project that I've made, actually when it connects to the Wi-Fi, it will go out to GitHub, grab code based on the client, and then rewrite itself.
So instead of serving a phishing page, now I have a light C2 framework where I have a shell on this device and I know the password.
So I can reach out and say, hey, now that you're here, ping the whole network, see who's there.
Or, hey, you know, I'm using Laura, let's go over to the device that we have on-prem that's a little bit stronger, like a Raspberry Pi, and here are the password credentials to log in.
Now please log in and run the script.
It is a lot nicer than just having this device and assuming, oh, okay, we're good.
Because if this device gets caught, and you know how to interact with it, you can just give up your whole operation just because now they have the source code.
Versus if you spill it up, you can actually put some obfuscation behind it, so if they don't interact with the webpage correctly, they won't get to see what the second part of the payload is.
And then, scanning WIFIs and cloning them is also really fun, to be fair.
You can do war droning, and you can actually have this set up so you can go beginning to end and just have it rewrite itself all from a drone and you never have to interact with it.
This has been super fun, but, again, in conclusion, why should y'all care?
In my opinion, if you want to build your own hacking devices, you're not going to go out tomorrow, for example, and build the next Flipper Zero.
You have to take small, incremental steps to get to that kind of goal, so the walk of 500 miles to walk 500 more is just one step at a time .
And in this case, a relatively simple one and a relatively cheap one .
Again, inspections.
If I go, for example, to the security here, they don't care about this.
They don't even know what this is.
But if you show them a Flipper Zero, they might have training on that and seize that device or just say, hey, get out, we know what that is.
And, to be fair, Flipper Zeros can actually be considered a lethal weapon just because when they spam Bluetooth, if you have a medical device that is sensitive to Bluetooth technology, you can actually jam those and brick them lightly.
There were a couple of reports recently, well, not recently, a couple years ago, or a year ago, where someone's actual insulin pump got messed with because people were sending out these smart connects via Bluetooth and it jammed it, and if they didn't fix it quickly,
their insulin pump was just out of commission.
So some of the security guards who would take them are not entirely wrong.
You just need a little bit of fear and that can actually make those devices really hard to get into places.
And then also another reason for these devices is specialization.
Again, I can make this device do one thing, and while it can't do everything that a Flipper Zero can do, it can do one thing really, really well, depending on how I program it, and that can be a lot more useful than a general-purpose device.
So other projects that I would recommend looking into, because not everyone really cares about, you know, cloning Wi-Fi's and putting up fake access points, you can use it for out-of-band communication.
Let's say for whatever reason, you want to communicate with your friends, you all live within ten miles of each other, and you want to use it for lore, and you want to have encrypted, like, secret hacker talks.
That's awesome.
You can put a lore device on this, put it up at a high place, and now you can talk to your friends in those environments, even without cellular, and you can have conversations over an encrypted channel.
You want to do war droning and find out what all the Wi-Fi's are around you, along with their security levels?
You can do that with ESP32 and small devices.
Or, if you want a spoofing device.
My boss did not enjoy that I did this, but whenever I went to SecretCon last year, I crashed at my boss's place, and I decided, hey, let's turn on this device, clone his SSID and BSSID for his Wi-Fi devices, and I managed to accidentally bring down his entire network while he was playing Final Fantasy XIV,
just because this device was too close and it had the wrong values that all of his devices were like, I don't know who to connect to, so we're just not going to connect.
He was less than thrilled about that.
So, thank you so much.
Any questions?
The only issue that you might come across is actually uploading the Python script onto the actual device, but when you're downloading MicroPython, there are different ways to do it, especially over Telnet and TTY.
Yeah, VS Code and Thorney to actually upload code to the devices.
Any other questions?
Yes.
So, if I use batteries or wired-in, I like to use wired-in just because I don't necessarily want to charge all these LiPo cell batteries.
I do FPV flying, so I have the chargers for it, but it's just kind of annoying versus the USB-C connection.
It's a lot easier.
Yes.
So, that is a fun question that I've asked, or I've had for a while.
So, Arduino, for whatever reason, is the FileExtension.ino, as far as I can tell, that is a language that they use for their microcontrollers.
So , it's the same company that made the board, again, as far as I can tell.
So, they are the same words, but...
Not even a totally different product, it's just so much... The implementations of it are like... They're the same, but it's like, let's choose a different name.
I like C, or just pick a C flavor, like C-sharp, C++, Y-use, Arduino for that exact same thing.
Alright.
Any other questions?
Awesome.
Well, if you decide you have questions later, or you want to talk about this later, there's my LinkedIn, and feel free to connect with me on there.
Thank you.