YouTube SummarySee all summaries
Watch on YouTube
Publisher thumbnail
Loi Liang Yang
10:0111/30/24
Cybersecurity

Flipper Zero WiFi Portal [ESP32] Marauder

11/30/24
Summaries by topic
English

This tutorial demonstrates how to set up a fake Wi-Fi portal using Flipper Zero and the ESP32 Marauder firmware, allowing capture of usernames and passwords. The process involves flashing the Marauder firmware, installing the associated application, and configuring a fake access point to mimic a legitimate Wi-Fi network to obtain user credentials. The demonstration emphasizes the importance of ethical use and security awareness in cybersecurity.

Flashing Marauder Firmware

00:01:16 The process starts with downloading the Marauder firmware from GitHub and flashing it onto a Wi-Fi development board connected to a PC. Users are advised to use the 'no SD mod' option. The firmware allows the Flipper Zero to create a fake Wi-Fi access point that can capture login credentials.

Installing Marauder App

00:04:12 Once the firmware is flashed, the Marauder application needs to be installed on the Flipper Zero via the ‘lap.flipper.net’ website. The application provides a user interface to manage the fake Wi-Fi portal and associated functions, including setting up the fake access point.

Uploading Login Page

00:05:43 The tutorial emphasizes the need to upload a fake login page to the Flipper Zero, specifically an 'index.html' file, which will be displayed when someone connects to the fake Wi-Fi access point. Users can download various login pages from the Flipper Zero portal, such as those that mimic Facebook or other services.

Scanning for Access Points

00:07:01 To create a convincing fake Wi-Fi access point, the user needs to scan and identify a legitimate network in the vicinity to mimic. The tutorial demonstrates how to scan for networks and select a target Wi-Fi network, replicating its SSID.

Launching Evil Portal

00:08:00 Finally, the 'evil portal' is launched on the Flipper Zero, creating a fake Wi-Fi access point that mimics a legitimate network. When a device connects to this fake network and attempts to access the internet, the fake login page is displayed, allowing the user to capture the credentials entered.