Next up in the series of v2.0.0 alpha releases is version alpha.4. It comes with several new features and a ton of
improvements based on feedback from users.
Let’s take a look at the updates and changes!
Changelog
- New Feature: WiFi 6E support
- New Feature: Channel list configuration template generator
- New Feature: WiFi deauthentication and disassociation overview
- New Feature: Custom WiFi bandits
- New Feature: Configurable signal track detector parameters
- Netlink kernel IPC communication improvements and stability
- MFA TOTP setup screen now also offering TOTP URL for devices that can’t take photos of their own screen
- Re-organization of navigation structure for organization events and actions
- Plugin POMs now available on Maven Central: Everyone is now able to build
nzyme-nodefrom source - Several bugfixes and smaller improvements
New Feature: WiFi 6E support
WiFi 6E is a new standard that is starting to become more prominent. Our initial expectation was that this should be an easy change because nzyme doesn’t really care about the frequencies in use, as long as the WiFi adapter supports them.
It turns out that we were very wrong: Frequencies on the 6 GHz spectrum re-use channel numbers. For example, Channel 13 can now mean a frequency of 6015 MHz on the 6 GHZ band or 2472 MHz on the 2.4 GHz band. On top of that, the lists of channels supported are now so long that our Netlink kernel IPC communication logic broke.
This ended up being a ton of effort, but now we support WiFi 6E. The list of known to be well-supported WiFi adapters is already updated with some WiFi 6E devices that work great.
New Feature: Channel list configuration template generator
The nzyme-tap binary now has a new flag -g/--generate-channels that prints out a configuration template with all
channels supported by your WiFi adapters automatically inserted. This makes the process of configuring channel hopping
much easier because you don’t have to copy supported channel numbers from iw output anymore.
New Feature: WiFi deauthentication and disassociation overview
Deauthentication attacks are often part of large malicious WiFi campaigns. Nzyme is now collecting and analyzing deauthentication as well as disassociation frames.
For now, the web interface only offers a simple overview of how many frames were observed. The coming alpha releases are adding intelligent detection and analysis methods.
Checkout this GitHub issue to see what the current plans are.
New Feature: Custom WiFi bandits
The previous alpha release re-introduced WiFi bandits: Known fingerprinted attack platforms that are immediately detected they moment they come into range of your taps.
This release adds the option to add your own bandits. You can create as many bandits with as many fingerprints as you wish.
New Feature: Configurable signal track detector parameters
The WiFi signal track detection is a powerful and really hard to evade detection method of nzyme. The standard parameters used to isolate single signal tracks based on RF characteristics do often work, but are sometimes either missing a track or creating multiple tracks for a single signal source, leading to false positives or missed alerts.
You can now configure the parameters for each BSSID/SSID/Channel/Tap combination to work around such situations.
Netlink IPC kernel communication improvements and stability
Nzyme talks to WiFi adapters through direct Netlink IPC communication with the Linux kernel. We discovered a few issues that have been fixed now.
Please give this release a try if you had issues with crashes related to kernel communication.
Download & Upgrading
All packages are available for download on the downloads page. Upgrading is easy. Please follow the release notes on the downloads page.
New installations should follow the installation documentation.
How can I help?
You are some of the first users to try out nzyme v2.0.0, and we are looking for any kind of feedback:
- What didn’t work, what bugs did you experience?
- What was confusing or seemingly unnecessarily complex?
- What is missing?
- What do you think should be changed?
Again, this is an early release and no feelings will be hurt.
You can file issues on GitHub, join the nzyme Discord or post in the discussion forums to provide your feedback or ask questions.
