Password Encryption - AT Command (AT+CWJAP)
Posted: Thu Jun 06, 2024 10:30 am
I am working on a project that includes an STM32 microcontroller, an ESP32 module, and other components. The application code scans for available Wi-Fi networks and prompts for the SSID and password to connect to a network. The password is collected and then sent to the ESP32 module via AT commands to initiate the connection. The issue is that the Wi-Fi credentials are not secure. If someone probes the UART pins, the data over UART will be transparent, allowing anyone to extract the password.
To solve this problem, I have tried multiple approaches. I have successfully built the ESP-AT firmware (https://github.com/espressif/esp-at) and flashed it onto the module. My approach was to locate the password string or the AT+CWJAP command within the code so I could modify these strings for testing if the password can be encrypted. However, I was unable to find any AT commands in the code, as they seem to be part of the ESP-AT core, which is not accessible to users. It appears some of the information may be transmitted over-the-air.
Alternate approaches I have tried include:
Intercepting the AT commands over UART and accessing the buffers that hold Wi-Fi credentials, which I was unable to locate.
Using custom AT commands to override the AT+CWJAP command, allowing me to access and encrypt the command parameters before sending them to the module, and decrypt them at the other end. I was unsuccessful in passing a custom command.
If a solution to this problem has been found or if there are any suggestions on the approaches I have tried, I would greatly appreciate any advice. Thank you.
Kind regards,