Pwnagotchi – The Open Source WiFi Hand Shake Hacker

2 minute read
October 13, 2020
Featured image for “Pwnagotchi – The Open Source WiFi Hand Shake Hacker”

… a what now?

Pwagotchi is essentially an A2C-based AI, powered by bettercap. The project runs on a Raspberry Pi Zero W.

So, what does it do?

Great question! Pwnagotchi learns from surrounding WiFi environments in order to maximise the crackable WPA key material that it captures. There’s two methods that it uses to do this:

  • Passive Sniffing
  • Deauthentication and association attacks
Ameen, Haitham & Shahidan, Mohd & Mohammed, Haydar. (2015). An Automated Approach to Detect Deauthentication and Disassociation Dos Attacks on Wireless 802.11 Networks. 

These attacks kick the devices off the network and store the reconnection attempt from that device as it attempts to establish again.

This reconnection attempt is stored on disk as a PCAP file which can then be analysed at your earliest convenience using Wireshark, Hashcat, etc.

Why though?

The Pwnagotchi is an amazing tool to teach people wireless security and it’s a fun little project to do if you enjoy this sort of thing! (And it’s kinda cute!)

Pwnagotchi also have a “PwnMAP”, which is essentially a live data feed from all Pwnagotchis in the world about their stats! Cool, huh? This is an optional feature though, so you can choose not to send your data too them.

Can I make it myself?

Yes! It’s so cheap to do too. What do you need?

  • Pi Zero W With Headers ($14)
  • 32GB Micro SD Card ($8)
  • a USB 2.0 A-Male to Micro B Cable

Optional Extras:

  • An eInk/EPD screen. I recommend the Inky pHAT ($25).
  • USB Battery Pack (if you wish to make it portable!)
  • Case

Cool, I’ve got the kit but no idea….

Watch this helpful tutorial from HackedExistance about how to set this project up!

Pwnagotchi - Pwn all the wifi

Still have some questions?

Pwnagotchi have an awesome FAQ on their website along with everything you need to know!

Happy Pwning guys!

Remember to get permission if you use this on a network that isn’t yours!