Sunday, April 10, 2011

Wifon 2.0

Wifon is back! Smaller and better!

Here's an upgraded version of my "Handheld Fonera pentesting device".
This time I was working alone, so I don't have anyone to blame for the outcome. :P

New features:
- Color 320x240 LCD screen with touch panel
- Fast STM32 microcontroller for a more advanced user interface
- Smaller custom case - 150 mm x 100 mm x 28 mm
- External battery pack


Hardware:

Case opened
This time the construction is much simpler, with almost no custom parts.
I'm still using the La Fonera router, but this time with a much better screen and uC - the MINI-STM32 devkit I've posted about earlier.
There are no buttons, everything is controlled by the touch panel.

The screen and micro are powered from the 3.3V supplied by the fonera's linear voltage regulator.
This isn't very efficient, but makes the construction much simpler - all you have to do is connect the UART and power pins from the fonera to the micro.
Everything is powered through the fonera's power socket - accepting 5V nominally.
I built a lithium battery pack supplying 5V using a 4xAA holder and a switching voltage regulator from wifon 1; it can be attached to the back of the device to make it portable.

Battery pack inside
I've tried adding an SD card to the fonera for additional storage (http://deve.loping.net/files/fon_mmc/), but it's too slow to be of any use.

Software:

The firmware on the microcontroller uses the ChibiOS/RT real-time operating system, which allows for multitasking and made the whole project a lot easier.
The user interface is controlled entirely by the uC, which makes it much more responsive - it's not slowed down by apps running on the router.

Just like in wifon 1, a set of Ruby/shell scripts for communicating with the display run on the fonera's serial terminal, but I had to write them from scratch because of the different approach to the user interface.

I'm using the Jasager firmware for the fonera (http://www.digininja.org/jasager/index.php) to be able to demonstrate the Karma attack.

So far I've only managed to implement some simple apps demonstrating that the device works - displaying wifi status and a couple of attacks using mdk3. Doing everything alone is harder than I thought! :P
I hope to add more software in the future.

Main screen with a graph displaying WiFi interface usage
Unfortunately, hardware limits of the fonera are showing - running too many apps at once makes the device run out of RAM and restart. I have to consider doing the RAM upgrade mod...


Sources:
https://sites.google.com/site/emeryth/files/wifon2_source.zip