WiFi Deauth Demonstration

Demonstrate the deauth weakness of WPA2

The DSTIKE Deauther Watch V2 is a useful tool for demonstrating some of the weaknesses of the WPA2 protocol, but because of its ESP8266 chipset, testing is limited to the 2.4 GHz band.

This watch can demonstrate the deauth weakness as well as beacon packet flooding. The beacon attack has two modes: the first clutters the list of WiFi networks with up to 600 random SSIDs, and the second clones a real SSID and presents that same SSID 600 times, making it impossible to find the real wireless network.

A security concern is that the watch broadcasts a default SSID of "pwned" with the passphrase "deauther". Once connected, you can access a web interface at 192.168.4.1, which gives you full control over the watch and its functions. It's a must to change the default SSID and passphrase to avoid countermeasures.

Remediation suggestions are to use WPA3 and to monitor for deauth frames. Switching to 5 GHz will help avoid attacks from the ESP chipset.
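One way to approach the "monitor for deauth" suggestion, as an added example that is not part of the original page or of the deauther project: a small detector that flags a burst of deauth/disassociation frames against one BSSID and a single SSID advertised by an unusual number of BSSIDs. It assumes frames start at the 802.11 MAC header (radiotap stripped); the function names, thresholds and sample traffic are constructed for illustration.

```python
from collections import defaultdict

DEAUTH, DISASSOC, BEACON = 12, 10, 8   # 802.11 management frame subtypes

def parse_mgmt(frame):
    """Return (subtype, bssid, ssid) for a management frame, else None."""
    # Assumption: bytes start at the 802.11 MAC header (radiotap already stripped).
    if len(frame) < 24 or (frame[0] >> 2) & 0x3 != 0:   # type 0 = management
        return None
    subtype, bssid, ssid = frame[0] >> 4, frame[16:22].hex(":"), None
    pos = 36            # beacon body: timestamp(8) + interval(2) + capabilities(2)
    while subtype == BEACON and pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        if tag == 0:    # SSID information element
            ssid = frame[pos + 2:pos + 2 + length].decode("utf-8", "replace")
            break
        pos += 2 + length
    return subtype, bssid, ssid

def detect(events, window=1.0, deauth_limit=10, clone_limit=5):
    """events: (timestamp_s, raw_frame) pairs; thresholds are assumed starting points."""
    deauth_times, ssid_bssids, alerts = defaultdict(list), defaultdict(set), set()
    for ts, raw in events:
        subtype, bssid, ssid = parse_mgmt(raw) or (None, None, None)
        if subtype in (DEAUTH, DISASSOC):
            times = deauth_times[bssid]
            times.append(ts)
            while times[0] < ts - window:        # keep only the sliding window
                times.pop(0)
            if len(times) > deauth_limit:
                alerts.add(("deauth_flood", bssid))
        elif subtype == BEACON and ssid:
            ssid_bssids[ssid].add(bssid)
            # clone_limit must exceed the real number of APs serving this SSID
            if len(ssid_bssids[ssid]) > clone_limit:
                alerts.add(("ssid_clone", ssid))
    return sorted(alerts)

def _frame(subtype, bssid, body=b""):
    # constructed frame: FC, duration, addr1 (broadcast), addr2, addr3 (BSSID), seq
    return bytes([subtype << 4, 0]) + b"\x00\x00" + b"\xff" * 6 + bssid * 2 + b"\x00\x00" + body

def sample_capture():
    """Constructed traffic: a deauth burst, one SSID on 8 BSSIDs, one normal beacon."""
    ap = bytes.fromhex("020000000001")
    events = [(i * 0.02, _frame(DEAUTH, ap, b"\x07\x00")) for i in range(30)]
    events += [(1.0 + i * 0.01, _frame(BEACON, bytes([2, 0, 0, 0, 16, i]),
                b"\x00" * 12 + b"\x00\x07HomeNet")) for i in range(8)]
    events.append((2.0, _frame(BEACON, ap, b"\x00" * 12 + b"\x00\x06Office")))
    return events
```

Running `detect(sample_capture())` reports the deauth burst and the cloned "HomeNet" SSID while leaving the single "Office" beacon alone.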

Upgrading the watch on OSX was straightforward:

Download the CP210x USB drivers: https://www.silabs.com/developers/usb-to-uart-bridge-vcp-drivers

Download the latest bin file from https://github.com/SpacehuhnTech/esp8266_deauther
I used this one, not the v2: esp8266_deauther_2.6.1_DSTIKE_DEAUTHER_WATCH.bin

Install the ESPTool: https://github.com/espressif/esptool

Identify the com port: ls /dev/tty.usb*

Command used: python -m esptool -p /dev/tty.usbserial-0001 write_flash 0x0000 esp8266_deauther_2.6.1_DSTIKE_DEAUTHER_WATCH.bin

References:
https://dstike.com/products/dstike-deauther-watch-v2
https://github.com/SpacehuhnTech/esp8266_deauther
https://www.banggood.com/DSTIKE-Red-or-Black-Deauther-Wristband-or-Deauther-Watch-NodeMCU-ESP8266-Programmable-WiFi-Development-Board-p-1561694.html
