DEFCON 33 RF Village Layer-2 Liberation: Weird & Wonderful Things Your AP Never Dreamed Of

Presented by Allan Riordan Boll Allan wrangles cloud infrastructure by day, and radio waves by night. An early SDR devotee from the sub-$20 RTL-SDR era, he can often be found between a hex editor and an FFT waterfall, tinkering with the invisible. "What if you bypass SSIDs, association handshakes, IP, and every ""normal"" layer of Wi-Fi, and just sling raw 802.11 frames? With Scapy and two USB WiFi adapters, I'll demonstrate four bite-sized hacks that treat Wi-Fi as a blank RF pipe. No access point required. Raw 802.11 File Drop: A wink to the fruit company's file-beam trick. Hurl a PDF into the airwaves and catch it on a friend's laptop. No pairing or IP required. Walkie-talkie: Embed a PCM audio stream in raw broadcast frames. No association needed. Meshtastic-over-Wi-Fi: Repackage the popular LoRa mesh-chat protocol into 802.11 frames for hop-to-hop messaging at Wi-Fi speeds. WiFiFS: A FUSE filesystem mapping RF traffic to files. You can cat, cp, or grep packets as they fly by. Each script is short enough to skim while your espresso shot pulls, light on dependencies, and leaves ordinary clients blissfully unaware of the mischief on channel 6. You'll walk away with working code, a new mental model of 802.11 as raw clay, and plenty of inspiration to craft your own oddball protocols. No access points, just DIY frame-level fun."