This repository contains proof-of-concept code that uses an ESP32-S2 based WiFi Nugget to phish for user credentials over WiFi, by appearing as an inconspicuous network attached camera. You can watch the full demo here (coming soon)!
Nugget SSDP Phisher
SSDP is a protocol that allows devices to broadcast their presence on a local network, allowing for easy discovery and management. Network attached storage devices (NAS), smart-home cameras, printers and other network-connected devices utilize this protocol to make themselves easily found and configurable.
Using SSDP, the ESP32 / WiFi Nugget broadcasts itself as an inconspicuous network device that appears to be a web camera. When the user tries to log in and "configure" it, their credentials get phished and logged instead.
This code serves as a simple POC of how SSDP can be used in an "evil twin" type of attack, and also is a simple demo to create your own SSDP device.
All you need is an ESP32 WiFi microcontroller! If you want to support our project and follow along with cute cat graphics, you can also buy a WiFi Nugget.
WiFi Nugget
Since you'll need to tweak the program to run with your own WiFi credentials, you'll have to compile the Arduino program from scratch. To do so, you'll need to following libraries:
- SH1106 Screen Library
- Adafruit NeoPixel Library
- ESP32 SSDP Library
- ESP Async WebServer
- Async TCP Library
You'll also have to the WiFi credentials.
On some devices or operating systems like Windows, you can easily see broadcasting SSDP devices on your network from your file manager.
SSDP devices
If you're running Linux, you can scan for SSDP devices by installing gUPnP:
sudo apt install gupnp-tools
and running
gssdp-discover -i wlan0 --timeout=3