International Journal of Pure and Applied Mathematics

Volume 118 No. 22 2018, 871-878

ISSN: 1314-3395 (on-line version)
url: http://acadpubl.eu/hub
Special Issue
ijpam.eu

WI-FI JAMMING USING RASPBERRY PI

1
Chithambarathanu.M , 2Chellappa.K, 3DeepanVijay.V
1
Assistant Professor, 2,3UG Scholar
1,2,3
Department of Computer Science of Engineering,
Rajalakshmi Engineering College, Thandalam, Chennai, Tamilnadu, India.
1
chithambarathanu.m@rajalakshmi.edu.in,2kannabiranchellappa@gmail.com,
3
deepanvijayv@gmail.com.

Abstract: The idea of this project is to turn a sensed or controlled remotely across existing network
Raspberry Pi2 into a Wireless network attack tool. This infrastructure, creating opportunities for more direct
continuously jam all Wi-Fi clients and access points integration of the physical world into computer-based
within range. To jam the network this first identifies systems, and resulting in improved efficiency, accuracy
the most powerful wireless interface and starts to and economic benefit in addition to reduced human
identify the access points (APs) and the clients intervention. Experts estimate that the IOT will consist
connected to those APs by sequential hopping of of about 30 billion objects by 2020. It is also estimated
channels. The network gets intervened by sending that the global market value of IOT will reach $7.1
deauth packets to clients for targeted jamming. This trillion by 2020.
can also be the access point's MAC so all clients
associated with that AP would be deauthenticated and 2. Block Diagram of Raspberry Pi
effective access point saturation can be achieved. The
Raspberry Pi is an open hardware, the system on a chip
(SoC) runs many of the main components of the board–
CPU, graphics, memory, the USB controller etc. The
raspberry pi projects are open and can be modified.

1. Introduction

As mentioned earlier in the abstract the main purpose

of this project is to jam the available IEEE 802.11
standard wireless networks using raspberry pi. The
Raspberry Pi is a series of small single-board
computers developed in the United Kingdom by the
Raspberry Pi Foundation to promote the teaching of
basic computer science in schools and in developing
countries. TRAI (Telecom Regulatory Authority of
India) is taking steps to combat terrorism by securing
Wi-Fi networks. This project aims to be a low cost Wi-
Fi jammer. The Internet of Things (IOT) is a system of
interrelated computing devices, mechanical and digital
machines, objects, animals or people that are provided
with unique identifiers and the ability to transfer data Figure 1. Block Diagram of Raspberry Pi
over a network without requiring human-to-human or
human-to-computer interaction. The Internet of things 3. Applications
(IOT) is the network of physical devices, vehicles,
home appliances and other items embedded with Since the raspberry pi is small and highly portable it
electronics, software, sensors, actuators, and network can be used at any remote places. Some of the
connectivity which enables these objects to connect applications of the Wi-Fi jammer are,
and exchange data. The IOT allows objects to be

871
International Journal of Pure and Applied Mathematics Special Issue

• Law Enforcements: Jamming devices were originally Download an ip scanner like ‘Angry ip scanner' to
developed for law enforcement and the military to identify the ip address of the pi board. In the ip scanner
interrupt communications by criminals and terrorists. enter the range of ip address for it to scan
• This can be used in any hostage situations to prevent (Eg:192.167.132.1 to 192.167.132.255).After
communications of terrorists and protection against identifying the ip address of the pi board, download
bomb blasts using open wireless networks can be done. vnc viewer. Enter the ip address in vnc viewer and
• Institutions can use this jammer to control the access the pi board. The raspberry pi has a dedicated
devices that connect to their wireless network. memory slot. Insert a memory card in the pi board
containing the raspberrian operating system and the
4. Architecture Diagrams needed python code.

Figure 2. Deauthenticate Clients From Access Points

Figure 4. Finding The IP of Raspberry Pi

6. Flooding the Client

This jammer can be used for targeted jamming. For this

the jammer identifies the client and then starts to flood
it with deauth packets which causes Wi-Fi clients to
stop using an access point and attempt to reauthenticate
themselves. Hence the client is never allowed to pass
any data because they will always be tied up with
Figure 3. Flooding With Packets And Targeted authentication phase. In 802.11 authentication is the
Jamming first step in network attachment.802.11 authentication
requires a mobile device (station) to establish its
5. Setting Up of Raspberry Pi identity with an Access Point (AP) or broadband
wireless router. No data encryption or security is
Connect the raspberry pi to the system using ethernet available at this stage. This will find the most powerful
cable. The raspberry pi is powered via a dedicated type wireless interface and turn on monitor mode. If a
B charging port. USB cable (type B) can also be used monitor mode interface is already up it will use the first
to connect the system and the pi board for powering the one it finds instead. It will then start sequentially
raspberry pi. After observing the green and red lights in hopping channels 1 per second from channel 1 to 11
the pi board and the Ethernet light in the system. Open identifying all access points and clients connected to
command prompt. Type 'ipconfig' in the command those access points. On the first pass through all the
prompt and note down the ipv4 address of the Ethernet. wireless channels it is only identifying targets. After

872
International Journal of Pure and Applied Mathematics Special Issue

that the 1sec per channel time limit is eliminated and MAC here to target that one client and any other
channels are hopped as soon as the deauth packets devices that communicate with it.
finish sending. Note that it will still add clients and
APs as it finds them after the first pass through.

Signal Description Range

Strength
Maximum achievable
-30 dBm signal strength. Amazing
Minimum signal
strength for Very Good
-67 dBm applications that require
very reliable
Minimum signal
-70 strength for very Okay
dBm reliable packet delivery
Minimum signal
-80 dBm strength for basic Not Good
connectivity
Approaching or Figure 5. Access Points
-90 dBm drowning in the noise Unusable
floor 8. Working

Table 1. Signal Strength of Wi-Fi This will find the most powerful wireless interface and
turn on monitor mode. If a monitor mode interface is
7. Access Points already up it will use the first one it finds instead. It
will then start sequentially hopping channels 1 per
An access point is a device, such as a wireless router, second from channel 1 to 11 identifying all access
that allows wireless devices to connect to a network. points and clients connected to those access points. On
Most access points have built-in routers, while others the first pass through all the wireless channels it is only
must be connected to a router in order to provide identifying targets. After that the 1 second per channel
network access. An access point connects to a wired time limit is eliminated and channels are hopped as
router, switch, or hub via an Ethernet cable, and soon as the deauth packets finish sending. Upon
projects a Wi-Fi signal to a designated area. The AP hopping to a new channel it will identify targets that
usually connects to a router (via a wired network) as a are on that channel and send 1 deauth packet to the
standalone device, but it can also be an integral client from the AP, 1 deauth to the AP from the client,
component of the router itself. An AP is differentiated and 1 deauth to the AP destined for the broadcast
from a hotspot, which is the physical location where address to deauth all clients connected to the AP.
Wi-Fi access to a WLAN is available. Hopping to a targeted jamming is used to deauth a particular client
channel it will identify targets that are on that channel from an access point.to deauthenticate all the clients
and send 1 deauth packet to the client from the AP, 1 from an access point it becomes the MAC of that AP
deauth to the AP from the client, and 1 deauth to the and hence all the clients are deauthenticated. We can
AP destined for the broadcast address to deauth all also set a max number of client/AP combos that the
clients connected to the AP.This would mainly be an script will attempt to deauth. When the max number is
access point's MAC so all clients associated with that reached, it clears and repopulates its list based on what
AP would be deauthenticated. Upon hopping to a new traffic it sniffs in the area. This allows you to
channel it will identify targets that are on that channel constantly update the deauth list with client/AP
and send 1 deauth packet to the client from the AP, 1 combos who have the strongest signal in case you were
deauth to the AP from the client, and 1 deauth to the not stationary. We can also set a max and not have the
AP destined for the broadcast address to deauth all deauth list clear itself when the max is hit.If it is used
clients connected to the AP. Many APs ignore deauths in an organisation it shows all the available hotspot
to broadcast addresses. This would mainly be an access which is not in a frequency range of your mobile, so
point's MAC so all clients associated with that AP the frequency range is higher than the mobile phones,
would be deauthenticated, but you can also put a client thus it is one of the finest way of jamming a wifi.

873
International Journal of Pure and Applied Mathematics Special Issue

development and/or packaging, it may be of use to

specify a path that is dynamic in nature. The
environment variable ‘aircrack_libexec_path’may be
used to specify the location of the SIMD-optimized
binaries.

Figure 6. Deauthenticate All The Clients

9. Outline of Raspberry Pi
Figure 8. WPA Wordlist Mode

11. Finding the Password

This aircrack will help in installing the needed

packages in the system to find the password. It can be
done only using kali Linux. Once the kali linux is
installed, the air crack packages are installed through
which the password is found. Then the dictionary file
is downloaded to find the combinations of the
password. With the help of the packages we installed
we get the outlayer of the password and with the help
of the dictionary file the password is found. Here the
finding of password may take more time to generate the
correct password. This time taken is based the strength
Figure 7. Outline of Raspberry Pi of the password. For the process of finding the
password, that is downloading the packages, the pi
10. Installing Aircrack board 3 is needed with the latest version of wifi adapter

Aircrack-ng is an 802.11 WEP and WPA-PSK keys

cracking program that can recover keys once enough
data packets have been captured. It implements the
standard FMS attack along with some optimizations
like KoreK attacks, as well as the all-new PTW attack,
thus making the attack much faster compared to other
WEP cracking tools. It can attack WPA1/2 networks
with some advanced methods or simply by brute force.
It can also fully use a multiprocessor system to its full
power in order to speed up the cracking process. To
build aircrack-ng, the Auto tools build system is
utilized. Auto tools replaces the older method of
Figure 9. WEP Cracking
compilation. Automatic detection of CPU optimization
is done at run time. This behaviour is desirable when
12. Nodogsplash
packaging Aircrack-ng (for a Linux or other
distribution.)Also, in some cases it may be desired to
We can use nodogsplash to provide a free hotspot (Wi-
provide your own flags completely and not having the
Fi).This provides restricted access to an internet
suite auto-detect a number of optimizations. Typically,
connection. This also provides secured local Wi-Fi and
the full path that is compiled in to the aircrack-
shares a portion of our bandwidth as a free hotspot. We
ng binary is /usr/libexec/aircrack-ng. However, during

874
International Journal of Pure and Applied Mathematics Special Issue

can use the splash page of nodogsplash for

advertisement. The hotspot provided by the
nodogsplash is separate and isolated from the available
local network.

13. Using splash page for acknowledgement and

advertisement

In our project the raspberry pi board is configured to Figure 12. Bandwidth Control
host a local network. Nodogsplash is hosted in
raspberry pi to handle PHP and HTML for 16. Firewall
advertisement purposes. Since raspberry pi consists of
several ports, one such port is configured to send Nodogsplash uses iptables to handle, mark, monitor the
acknowledgment and advertisement to the devices that packets that it sends we have to turn off the built-in
connect to this network. firewall.

17. Restricting Access to Domain’

Since we are hosting a local network we can restrict the

domains that the devices connected. Using the netfilter
command we can restrict the access of particular ip
address. For example, we can redirect the devices
connected to the network to the nodogsplash server.

Figure 10. HTML of NODOGSPLASH Figure 13. Restricting Access to Domain

14. Customizing the splash page 18. Restricting access to dns vpns

The splash page can be customized according to the The default config opens tcp and udp port 53 without a
network provider’s need. Images can be included to the redirecting it to a DNS. These ports can be used by any
splash page externally using .css file. We should add a VPN software and exploit it. We can limit it by
link for authentication somewhere in splash.html. changing them.

Figure 14. Restricting Access to DNS VPN

Figure 11. Customizing Splash Page
19. Working on nodogsplash
15. Bandwidth control
Nodogsplash can provide controlled and reasonably
Since this provides a portion of its bandwidth as secure public access to an internet connection. But we
hotspot, we can control its bandwidth such as do not need the complexity of maintaining user account
download limit and upload limit according to the names and passwords in a separate database-backed
provider’s preference. authentication server. For this we can give some
acknowledgement of service that is being provide.
When the nodogsplash is installed and running it

875
International Journal of Pure and Applied Mathematics Special Issue

implements a simple authentication protocol. First it 22. Raspberry Pi Captive Portal

detects any device or user attempting to use the local
internet that is being provided by the raspberry pi A captive portal is a screen that is initially shown to the
board. It captures the request and serves back a ‘splash user who is connected to our Wi-Fi access points.
‘web page using its own built-in web server. The Before the user begins to utilize they will need to
splash page gives limited access to the user via your complete a specific action, until that they will be
connection. This all begins by redirecting the user to continuously greeted by the captive portal. The
the originally requested page. The access to the user provider of the network can edit the captive portal to
expires after a certain time interval. If the provider do display whatever they need, which can be anything
not want to grant all of the available upload or from displaying provider’s rules for accessing the Wi-
download bandwidth, nodogsplash can be used to limit Fi access points to advertising their products to the
the bandwidth available. Features of nodogsplash are devices connected to the Wi-Fi access points
configurable such as the splash page that is being
displayed to the user can be edited. 23. Setting up Captive Portal

20. Packet filtering The raspberry pi should be running up to date software

before we setup captive portal. To do this we can run
Nodogsplash not only offers the provider to host their the following two lines on our raspberry pi‘s terminal.
own local network, they can also make the network Now that the raspberry pi is updated, we can setup
fairly secure. Each packet is one of the kinds listed nodogsplash. Nodogsplash a light weight captive portal
below: solution that is easily setup and highly configurable. To
compile the nodogsplash in raspbian operating system
i. Blocked we need to install a package. Once the packet is
installed we can compile and install the software. Now
Nodogsplash contains a list of mac addresses named as that nodogsplash is installed we can make some
‘blockedmaclist’.If a packet matches one listed in that modification to the configuration file.
list it is dropped. Similarly it also contains a list
named ‘allowedmaclist’ and if a packet doesn’t match
one listed in this list it is dropped.

ii. Trusted

If the source mac address of the packets matches one

listed in the ‘trustedmaclist’, by default these packets
are accepted and routed to all destination addresses and
ports. If needed this behavior can be customized.

iii. Authenticated

If the packet’s ip and mac source addresses have gone

through the nodogsplash authentication process and has
not get expired, such packets are accepted and routed Figure 15. Setting Up Captive Portal
to a limited set of addresses and ports.
The above mentioned file is what we need to add the
21. Traffic Control information that is to be displayed in this splash page.
This basically tells what interface the nodogspalsh
Nodogsplash can also optionally implement basic software should show up on what address it should be
traffic control. This feature can be done by specifying listening on. To run the nodogsplash we need to enter
the maximum aggregate upload and download the following command in the terminal of our
bandwidth that can be taken by the devices connected raspberry pi. After running the above command if the
to the network. Nodogsplash implements this by user connects to the provider’s network they will be
enabling two intermediate queue line devices (IMQ), greeted by splash page. Similarly we can edit the
one for upload and one for download. Rules are splash page by modifying the file located at file
inserted in the router’s ip table PREROUTING and manager.
POSTROUTING tables to jump to these IMQ’s.

876
International Journal of Pure and Applied Mathematics Special Issue

[5] https://www.metageek.com/training/resources/w
ifi-signal-strength-basics.html
[6] https://pimylifeup.com/raspberry-pi-captive-
portal/
[7] https://wiki.openwrt.org/doc/howto/wireless.hot
spot
[8] T. Padmapriya and V. Saminadan, “Improving
Throughput for Downlink Multi user MIMO-LTE
Advanced Networks using SINR approximation and
Hierarchical CSI feedback”, International Journal of
Mobile Design Network and Innovation- Inderscience
Publisher, ISSN : 1744-2850 vol. 6, no.1, pp. 14-23,
May 2015.
[9] S.V.Manikanthan and D.Sugandhi
Figure 16. NODOGSPLASH “ Interference Alignment Techniques For Mimo
Multicell Based On Relay Interference Broadcast
24. Conclusion Channel ” International Journal of Emerging
Technology in Computer Science & Electronics
This Wi-Fi jammer is inexpensive and uses python (IJETCSE) ISSN: 0976-1353 Volume- 7 ,Issue 1 –
which is fairly easy to understand. In some situations MARCH 2014
jamming wireless networks can be viewed as illegal but [10] S.V. Manikanthan , T. Padmapriya “An
this project aims in legal intervention of networks and enhanced distributed evolved node-b architecture in 5G
in favour of law enforcements. tele-communications network” International Journal of
Engineering & Technology (UAE), Vol 7 Issues No
25. Future Enhancement (2.8) (2018) 248-254.March2018
Since this project is related to jamming it has a huge
scope of future enhancement. With the help of current
concept advertisement can be implemented. Another
future enhancement is that targeted jamming can be
done. If a user decides to register their profile in the
provider’s network, it can be done. Such registered
user can have internet access.

References

[1] https://en.wikipedia.org/wiki/Wi-
Fi_deauthentication_attack
[2] https://en.wikipedia.org/wiki/Network_packet
[3] http://blog.petrilopia.net/linux/raspberry-pi-
install-aircrackng-suite/
[4] https://tools.kali.org/wireless-attacks/aircrack-
ng
.

877
878