Pwnagotchi, the tamagotchi to hack WiFi networks


Surfing the net I came across a piece of news that caught my attention and that I would like to share with our readers. the first stable version of the Pwnagotchi project was recently released, which unfolds as a tool for hacking wireless networks.

The project Pwnagotchi differs from other projects with the same purpose from the part of its design, since Pwnagotchi is designed as an electronic pet that resembles the famous Tamagotchi. The main prototype of the device is based on the Raspberry Pi Zero W board, but it can also be used in other Raspberry Pi boards, as well as in any Linux environment that has a wireless adapter that supports operation in monitoring mode and management is done through an LCD screen or web interface. The project code is written in Python and distributed under the GPLv3 license.

About Pwnagotchi

pwnagotchi has a very particular mode of use as the user has to interact with it just as they would with a tamagotchi, since the pet must be fed with packages that are intercepted from the different wireless points in the stage of negotiating a new connection (the well-known handshake).

Otherwise, the device finds the wireless networks that are available and will try to intercept handshake sequences. Since the handshake is sent only when the client connects to the network, the device uses various methods to disconnect current connections and force users to reconnect to the network.

During the interception, a database of packages is accumulated, including hashes that can be used to select WPA keys.

The project stands out for the use of training methods compatible with AAC (Actor Advantage Critic) and an LSTM memory-based neural network, which were used to create bots to play computer games. The training model is carried out while the device is working, taking into account past experience to select the optimal strategy to attack wireless networks.

Through machine learning, Pwnagotchi dynamically selects intercept parameters of traffic and select the intensity of the forced termination of user sessions. Manual operation mode is also supported, in which the attack is performed.

The bettercap packet is used to intercept the types of traffic required to select WPA keys. Interception is carried out both in passive mode and with known types of attacks that force clients to forward PMKIDs to the network.

Intercepted packets covering all forms of hashcat-compliant handshakes are stored in PCAP files with one file computed for each wireless network.

By analogy with the Pwnagotchi, supports determination of other nearby devices and it is also optionally possible to participate in the construction of a general coverage map. To connect Pwnagotchi devices via WiFi, the Dot11 protocol is used. Nearby devices exchange received data on wireless networks and organize joint work, dividing channels for an attack.

Pwnagotchi functionality can be extended through plugins, in the form of functions such as automatic software update system, creation of backup copies, captured handshake packets to GPS coordinates, publication of data about hacked networks on,, wigle .net and PwnGRID, additional flags (memory consumption, temperature, etc.) and the implementation of dictionary password selection for intercepted handshakes.

How to get the image of Pwnagotchi?

Finally, for those who have a Raspberry Pi Zero, even a Raspberry 3 or 4 can get the system image by going to the following link.

The image can be recorded on your SD card with Etcher, which is a multiplatform tool. To know more details about the configuration and how to use it, you can do it this link.

The content of the article adheres to our principles of editorial ethics. To report an error click here!.

Be the first to comment

Leave a Comment

Your email address will not be published.



  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.