Showing results for tags 'investigator'.

Found 2 results

  1. Hello Community,

     Staff: if I'm not in the right section, sorry, and could you move it please.

     Just a few words about wifi... Smartphones, tablets, laptops, Raspberry Pis, Arduinos, consoles, etc.: many devices around us emit wifi. But when we analyze the data (frames) issued by all these devices, we realize that they are constantly seeking the access points (ISP box) to which they were connected; this is what we call "Probe Requests". If you have already connected to the wifi of a McDonald's, a supermarket or a friend's home, you will notice that each time you are near a network to which you have already been connected, and your wifi is activated, your device will automatically connect to it without asking for a security key again. The probe requests issued by your device are automatically recognized by the access point, so you are automatically connected!

     Interesting so far... and?? And if we could get all its probe requests in real time, classify them by MAC address, identify the device that emits them and even observe the power of the device to get an idea of the distance at which it is located from ourselves... and all with a device that fits in your pocket!! It would be great indeed... We could know which device connected where, so we would have crucial information about our target, such as where she lives, what other places she connected to (hotel, coffee shop, etc.) and all with lightning precision up to its exact address with a live view with Street View!

     Prerequisites:
       • 1 Android device / smartphone or tablet
       • An internet connection: 3G / 4G or wifi
       • 1 Micro-USB cable
       • 1 OTG adapter
       • Wifi of the device you want to track must be activated.

     THAT'S ALL!

     For these investigations I built 2 Android apps, respectively called "AP Sniffer" and "AP Tracker", where "AP" is Access Point. We also need a piece of cheap hardware to get the job done; a NodeMCU v3.0 module is your guy! Some Arduino code to sniff and display results with the AP Sniffer app.
     We need to connect our module with an OTG adapter as in the following image: Once plugged in, we launch the AP Sniffer app. As soon as the connection is made with your module, it will immediately sniff all the devices around you, identify them in real time thanks to their MAC addresses (Apple, Samsung, etc.), determine the power of the signal emitted and especially what all the access points are to which they have already been connected!

     Let's see this in detail:

     RSSI: Power of the signal emitted by the devices around you. Measured in dBm: the more you climb towards -90, the farther away the device in question is. Conversely, the closer you get to -50 dBm, the closer the device will be to you. To give you an idea, if the box of your home is in the room next to where you are, you will average -60 dBm. dBm is an abbreviation of the power ratio in decibels (dB) between the measured power and one milliwatt (mW).

     DEVICES: You guessed it, these are the devices that surround us. Note that sometimes there may be some latency before devices appear, because the module must first wait for the probe requests so that the application can do a lookup in an internal text file: an up-to-date list of more than 23,000 manufacturers to determine which MAC address matches which manufacturer. Also note that some devices issue probe requests every X minutes depending on the model... Sometimes it can take several minutes to get all the probe requests around you! Each device is different!! You must also take into account the limit of the wifi antenna of your module! If we gain in discretion by the size of the module, we lose in signal range; do not expect to recover all the probe requests of a whole street without moving, be realistic!

     ACCESS POINTS: As the name implies, these are all the access points to which all devices have already connected at least once. These famous probe requests transformed here into MAC addresses!
     You can see how easy it is to see all the requests made by the devices around us. And?? It's fine, but what do we do with these MAC addresses?? How do I know where the guy with his Samsung near me lives?? Easy now, we're coming to it. Now that you know which device you want to track, you just have to open our second app, AP Tracker. Once it has started, you just have to type the chosen MAC address and press Track! I'll let you observe the impressive result! Now you know the exact address from which this device was connected at least one time! In addition you will have a live view with the Street View API and GPS coordinates! You are able to track all the probe requests of all the devices that your module will have sniffed... you now understand the dangers...

     We reach the end of this story, hoping it will be useful for your own security. Cheers!
  2. Hi all,

     I was recently talking with someone regarding Private Investigator work, and the discussion included ways in which one could tell which direction a tailed vehicle/person had turned when you get to a junction and are not certain whether they turned left or right etc. This has given me an idea regarding using the Station MAC of their mobile phone to determine which direction they went. Kind of like a poor man's GSM Directional Finder, but using the target's WiFi signal instead of the actual phone signal.

     I would like your thoughts on the following, whether you think this would be feasible, and possible best methods if it is.

       • Minimum 2 x directional WiFi antennas in the PI vehicle, one facing forwards and left, one facing forwards and right. Beam widths set so that they are close to each other, but not actually crossing, at the front of the vehicle.
       • A device (RPi / laptop) with both antennas connected.
       • Both antennas in Monitor Mode, using airodump-ng to monitor nearby Station MACs.
       • A script created on the device to read which antenna is picking up a Station MAC with a higher signal strength than the other, and then output this to a screen / phone.

     Now, presuming the PI is able to get the mobile phone Station MAC of the person being investigated (not massively difficult) and the target has their phone WiFi on (happens often), in theory this method could make following them easier, as even without obvious sight of the vehicle/person ahead, the PI could have at least a rough idea of which direction they are in, in relation to their current position. It could perhaps also be possible to add more antennas, such as in each corner of the vehicle.

     Would this work? I'm tempted to have a play.

     Thanks.