Repository files navigation

WiFi Hash Purple Monster, store EAPOL & PMKID packets in an SD CARD using a M5STACK / ESP32 device.

90% of the code is based on the greatPacketMonitor32 from   and the port toM5Stack frommacsbug. It was a challenge to see if I could mimic the operation ofpwnagotchi in an ESP32 SoC.

When a wifi device connect to an AP with WPA2/PSK instead of sharing the wifi key they exchange 4 EAPOL messages, this method is known as the 4-way handshake, capturing these 4 packets is possible to guess the password using dictonary attacks or brute force attack, recentely there is a more efficent way to calculate the wifi key using just one PMKID packet.

Purple Hash Monster capture all the EAPOL / PMKID packets on the SD Card for further analysis.

Short press on first button will change enable incognito mode (Display and leds off) long press will enable the SD Card and all EAPOL / PMKID will be stored on the SD-Card.

Short press on the second button will change the display backlight brighness, long press will change the LED bars brightness.

Short press on the third button will change WiFi Channel, long press will enableAuto-Channel orSmart-Channel modes.

Auto-Channel hop between channels 1,6 and after 15 seconds.

Smart-Channel cover all the channels sequentially, but only hop if there is not new SSID, EAPOL or DEAUTHS after 15 seconds.

When a deauth packet is detected left LED bar will became red and for every EAPOL / PMKID detected right LED bar will became green, also de Purple Hash Monster behaviour will change depending on the WiFi trafic and packets detected.

Use Arduino IDE to compile it, tested with (ESP32 version 1.0.4) M5stack-fire.

Note: Cracking an WiFi password using brute force attack for a long WiFi password without GPUs or Cloud help, will be a nightmare but if the password is short or you know the key pattern it will be "easily" cracked.

Here you have a small guide for linux (Ubuntu) to crack the WiFi password using the files stored on the SD_Card of the Purple Hash Monster using your computer.

First we need to installhashcat

 sudo apt-get update sudo apt install hashcat

EAPOL/PMKID stored on the SD-Card arepcap files, we have to convert tohccapx format to work with hashcat. In terminal from the directory were we have thepcap file from the SD-CARD:

 wget https://raw.githubusercontent.com/hashcat/hashcat-utils/master/src/cap2hccapx.c gcc -o cap2hccapx cap2hccapx.c ./cap2hccapx 1.pcap 1.hccapx

For example if we know that the wifi password has a lenght of 8 digits we can run the following command, and in few seconds we will have the WiFi Password :)

 hashcat --force -m 2500 -a 3 -1 ?d -o cracked 1.hccapx ?1?1?1?1?1?1?1?1