Hello Community, Staff: If i'm not in right section sorry and could you move it please
Just few words about wi-fi ....
Smartphones, tablets, laptops, raspberry pi's,arduino's,consoles, etc ..., many devices around us emit wifi.
But when we analyze datas (frames) issued by all these devices, we realize that they are constantly seeking the access points(ISP box) on which they were connected, this is what the we call "Probe Requests".
If you have already connected to the wifi of a mcdonald,a supermarket or in a friend's home, you will notice that each time you are near a network to which you have already been connected, and that your wifi is activated, your device will automatically connect to it without asking for a security key again.
The probe requests issued by your device are automatically recognized by the access point, so you are automatically connected!
Interesting so far ... and ??
And if we could get all its probe requests in real time, classify them by mac address, identify the device that emits them and even observe the power of the device to get an idea of the distance to which it is located from ourself..
and all with a device holding in your pocket !!
It would be great indeed ...
We could know which device connected to where, so we would have crucial information about our target, such as where she lives, what other places she connected to (hotel, coffee-shop,etc ..) and all with a lightning precision up to its exact address with a live view with street view! Prerequisites:
1 Android device / Smartphone or tablet An internet connection: 3G / 4G or WiFi 1 Micro-USB cable
1 OTG adapter
Wifi of device you want to track must be activated.
For these investigations i built 2 android apps.
Respectively called "AP Sniffer" and "AP Tracker".
Where "AP" is Access Point.
We need also a piece of cheap hardware to get the job done,a NodeMCU v3.0 module is your guy!
Some arduino code to sniff and display results with AP Sniffer app.
We need to connect our module with an OTG adapter as in the following image:
Once plugged in,we launch the AP Sniffer app.
As soon as the connection is made with your module this one will immediately sniff all the devices around you, identify them in real time thanks to their addresses mac (Apple, Samsung, etc ..), determine the power of the signal emitted and especially what are all the access points to which they have already been connected!
Let's see this in detail: RSSI: Power of the signal emitted by the devices around you.
Measuring in dBm, the more you climb to the -90 plus the device in question is far.
Conversely, the lower you get to -50 dBm, the closer the device will be to you. To give you an idea, if the box of your home is in the room next to where you are, you will average -60 dBm.
The dBm is an abbreviation of the power ratio in decibels (dB) between the measured power and a milliwatt (mW). DEVICES: You guessed it, these are the devices that surround us.
Note that sometimes there may be some latency to appear devices, because the module must first wait for the probe requests so that the application can make a lookup in a text file internally.
An up-to-date list of more than 23,000 manufacturers to determine which mac address matches which manufacturer.
Also note that some devices issue probe requests every X minutes depending on the model ...
Sometimes it can take several minutes to get all the probe requests around you! Each device is different!!
You must also take into account the limit of the wifi antenna of your module!
If we gain in discretion by the size of the module, we lose in signal range, do not expect to recover all the probe requests of a whole street without moving, be realistic! ACCESS POINTS: As its name implies, it is all access points to which all devices have already connected at least once.
These famous probe requests transformed here into mac addresses!
You can see how easy it is to see all the requests made by the devices around us.
It's fine but what we do with these mac addresses ??
How do I know where the guy lives with his samsung near me ??
All sweet we come.
Now you know which device you want to track, you just have to open our second app AP Tracker.
Once started you just have to type the chosen mac address and press Track!
I let you observe the impressive result!
Now you know the exact address from where this device were connected at least one time!
In addition you will have a live view with street view API and GPS coordinates!
You are able to track all the probe requests of all the devices that your module will have sniffed ... you now understand the dangers...
We reach the end of this story,hoping it will be useful for your own security.