“Hacking,” at least as the word is used by the general populace, covers a huge range of attacks. The only thing those really have in common is that they involve electronics in some way — and even that has an exception if you count social hacking. But for infosec experts at conferences like DEF CON, wireless hacking is often the most fun. You don’t have to have physical access to the device, and you can utilize a number of known WiFi exploits. For the Hacker Summercamp, El Kentaro decided to build a WiFi packet injector inside of a literal syringe.
This project was constructed mostly as a gag to take advantage of the play on words, but it’s still a real tool. It uses an ESP8266, so a number of different WiFi hacks are possible, but El Kentaro is using it for beacon flooding. Beacon flooding doesn’t give the attacker access to anything, but it does disrupt WiFi access for other people in the area. It works by rapidly creating a large number of fake wireless network SSIDs (Service Set Identifiers). In a black hat attack, the large number of networks can make it difficult for users to find a real network, and could potentially crash some systems. In this case, however, it’s just done for laughs to display song lyrics or whatever else the “attacker” wants.
To build the Packet Injector, El Kentaro used a large 150ml syringe, an Adafruit Feather HUZZAH ESP8266, an Adafruit NeoPixel Ring, an MPL3115A2 barometric pressure sensor, and a LiPo battery. The ESP8266 is running FakeBeacon8266 for the attack, and that code is triggered by the barometric sensor when the syringe’s plunger is depressed and the air pressure increases. The NeoPixel LED Ring is just there to add some nifty lighting effects. Those parts are mounted on a 3D-printed frame inside of the syringe to keep everything stable. It may be a novelty, but the Packet Injector would certainly get a laugh from most hackers.