Wifi Hacking Bait on ESP32

Hi, friends. I noticed some unrecognized devices connecting to my wifi hotspot lately, sometimes my wifi router and other times my phone's hotspot.

So I thought we could host a program that deploys reverse shells onto every connected hotspot device as a trap to identify who it is. Is this possible?

I want to try it first on ESP32

What happens when you change the WiFi passwords?

This is not an Arduino Installation and Troubleshooting problem.

First of all, sorry, I could not find a relevant category.

When I change the passwords, for about a week it's quiet but after that again I see these unrecognized devices logging in. I guess they are cracking the password. So I wanted to set a trap for them.

Once you detect them, what is the plan? How would you even establish their identity? Doesn't a "reverse shell" depend on a system login?

Fair point, I'm hoping that on connect I can set a trigger to push a file or a data packet dressed as internet traffic onto every connected device. This can contain Netcat and deploy it.

I just wish I knew how to do it

There are certainly example sketches to set up an access point. Just use one, set the wifi login password to "1234" or "password". Or you could "dress up" an open connection to emulate a naive user or restaurant system. e.g. "joes-cumputer", "Maxwell's Demonic Coffees" or something.

But the thing you are talking about now, is not your original question. So you need to ask elsewhere, as methods of "hacking a hacker" are beyond the scope of this forum.

Do you have working experience with "reverse shells" or is it just a phrase you've read and wonder if it is something you might be able to use? Have you done any research on the topic?

Why do you care? If you have a decent password, the black hats won't be able to get in any time soon. Not since WEP died.

Consider upgrading to the most secure encryption option offered by your router. If WPA3 is not offered, a new router would offer it.

Offense is more difficult than defense.

Yeah, I would say, attempting to crack the password. They are likely depending on social engineering, e.g. the fact that a lot of people use feeble combinations of street address and names that can be guessed or hunted down.

I once impressed some fellow employees on a night watch, by providing wifi to everyone via an adjacent restaurant, the password was the name of the restaurant. :slight_smile:

I would think repeatedly cracking your password.....

  • May be an inside job
  • Router has a flaw
  • Your passwords are real simple

What brand / model router do you have?

What’s your password? :wink:

The password is "password".

Pffft. I have them completely fooled - "drowssap".

In all seriousness, the wifi password where I last lived, was "password" followed by the street number. :no_mouth: Not my doing...

:rofl: :sweat_smile: :joy: :rofl: :joy:

Your topic has been moved to a more suitable location on the forum as this is not a question related to the IDE.

:rofl: :rofl: :rofl:

Years ago, the company that I worked for started enforcing strong passwords: min. length 8 characters with at least one uppercase, one lowercase, one special character (e.g. exclamation mark) and one digit. The allowed alternative was a password with a minimum of 15 characters.

Nearly :wink:
It's passwordX followed by the alt-code for backspace. Not many people will have the backspace literally in their password :smiley:

I used to have a password like that in those days.

So, this subject begs the question:

How many people do you know that have their broadband router on the window sill with the back facing outwards?
I am sure most of you know that the passwords are usually on the back of the router. :wink: :wink:

Chris

That's not the case, man; a router will have at least 25 meters range. There is about -75 dBm to use it.

Guys can anyone tell me how to make this bait trap work, the moment they log in to my router drop a payload to all connected devices with RAT. After that, you get the picture.

21 days later, and you still have not given up on your ill-advised idea?