PwnPower

Open source WiFi security research firmware for ESP32C3 smart plugs

PwnPower is open source firmware built for generic smart plugs, transforming everyday IoT devices into powerful network security research tools. It demonstrates the importance of hardware security by showing how easily accessible smart home devices can be repurposed for WiFi network analysis and penetration testing.

Built using ESP-IDF specifically for the ESP32C3 chip, PwnPower is a simple yet effective scanner with deauthentication and in-memory handshake capture capabilities. The firmware is designed to be implanted within generic smart plugs, making it a stealthy platform for authorized security research and testing.

PwnPower Device

Key Features

PwnPower v1.0 includes a suite of basic WiFi security testing tools accessible through an intuitive web interface. The firmware features deauthentication and disassociation attacks, passive handshake capture with EAPOL detection, and general 802.11 capture capabilities with in-memory PCAP export functionality. It also includes firmware upload support through the web interface for easy updates and simple smart-plug GPIO control endpoints.
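How a wireless monitor or intrusion detection sensor can recognise the frame types named above (deauthentication, disassociation and unencrypted EAPOL handshake frames) in captured 802.11 traffic, as an added example that is not PwnPower's own code. The names `classify_frame` and `frame_kind_t` are hypothetical, the sample frames are constructed, and frames are assumed to start at the 802.11 MAC header.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef enum { FRAME_OTHER, FRAME_DEAUTH, FRAME_DISASSOC, FRAME_EAPOL } frame_kind_t;

/* Classify one raw 802.11 MAC frame (radiotap header already stripped). */
frame_kind_t classify_frame(const uint8_t *f, size_t len)
{
    /* LLC/SNAP header followed by EtherType 0x888E (EAPOL) */
    static const uint8_t snap_eapol[8] = {0xAA,0xAA,0x03,0x00,0x00,0x00,0x88,0x8E};
    if (len < 24 || (f[0] & 0x03) != 0)        /* short header or bad version */
        return FRAME_OTHER;
    uint8_t type = (f[0] >> 2) & 0x03, subtype = f[0] >> 4;
    if (type == 0) {                           /* management frame */
        if (len < 26) return FRAME_OTHER;      /* no room for a reason code */
        if (subtype == 12) return FRAME_DEAUTH;
        if (subtype == 10) return FRAME_DISASSOC;
        return FRAME_OTHER;
    }
    if (type != 2 || (subtype & 0x4))          /* not data, or null (no body) */
        return FRAME_OTHER;
    if (f[1] & 0x40)                           /* Protected bit: body encrypted */
        return FRAME_OTHER;
    size_t hdr = 24;
    if ((f[1] & 0x03) == 0x03) hdr += 6;       /* ToDS+FromDS: 4th address */
    if (subtype & 0x8) {                       /* QoS data: QoS control field */
        hdr += 2;
        if (f[1] & 0x80) hdr += 4;             /* Order bit: HT control field */
    }
    if (len < hdr + sizeof snap_eapol) return FRAME_OTHER;
    return memcmp(f + hdr, snap_eapol, sizeof snap_eapol) == 0 ? FRAME_EAPOL : FRAME_OTHER;
}
/* Constructed sample frames; all addresses are made up. */
static const uint8_t sample_deauth[26] = {
    0xC0,0x00, 0x00,0x00, 0x02,0,0,0,0,0x02, 0x02,0,0,0,0,0x01,
    0x02,0,0,0,0,0x01, 0x00,0x00, 0x07,0x00 };  /* ..., seq ctl, reason 7 */
static const uint8_t sample_eapol[38] = {
    0x88,0x02, 0x00,0x00, 0x02,0,0,0,0,0x02, 0x02,0,0,0,0,0x01,
    0x02,0,0,0,0,0x01, 0x00,0x00, 0x00,0x00,    /* seq ctl, QoS control */
    0xAA,0xAA,0x03,0x00,0x00,0x00,0x88,0x8E, 0x02,0x03,0x00,0x5F };
int main(void) {
    printf("deauth=%d eapol=%d\n",
           classify_frame(sample_deauth, sizeof sample_deauth) == FRAME_DEAUTH,
           classify_frame(sample_eapol, sizeof sample_eapol) == FRAME_EAPOL);
    return 0;
}
```

Counting `FRAME_DEAUTH` and `FRAME_DISASSOC` results per source address over a short time window is a common basis for alerting on deauthentication floods.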

PwnPower Web UI - All Sections

WiFi Recon

The WiFi Recon section provides real-time network scanning and analysis capabilities. Users can monitor nearby access points, track client stations, and analyze network traffic patterns through a clean, responsive web interface. The system captures essential network metrics including channel information and encryption types.

PwnPower WiFi Recon Interface

Security and Responsible Use

This project serves as a demonstration of why hardware security matters. By showing how easily a common smart plug can be transformed into a sophisticated security research tool, we hope to encourage both manufacturers and consumers to take hardware security more seriously.

For more information about the firmware, visit the open source repository on GitHub.