Your Wi-Fi will tell me where you live, where you work and where you travel
Some people know that their mobile devices broadcast information about the networks they have previously connected to. Most have no clue.
Wi-Fi probe requests

To connect to already known networks that do not announce their presence, all your mobile devices send probe requests looking for the known network. These packets can be captured when the phone is switched on, or whenever it is not connected to a network. Conventional tools are enough for this: airodump / tcpdump. Example:

# airodump-ng -w wifi-dump wlan0
# tcpdump -n -l -e -r wifi-dump-01.cap | grep 'Probe Request ([^)]'

(airodump-ng appends a sequence number to the capture file name, so the first file is wifi-dump-01.cap.) The output contains the MAC address of the device and the network name. Example:

16:32:26.628209 BSSID:ff:ff:ff:ff:ff:ff DA:ff:ff:ff:ff:ff:ff SA:50:ea:d6:aa:bb:cc Probe Request (SUBWAY) [1.0 2.0 5.5 11.0 Mbit]

That is, device 50:ea:d6:aa:bb:cc is checking whether the SUBWAY network is within range.
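As an added example (not from the original post), here is a Python script that parses tcpdump output in the format above and reports, per device MAC address, which probed SSIDs are specific enough to be looked up by name, so you can audit your own devices' probe leakage from a capture. The sample lines and the GENERIC_SSIDS list are constructed, not real traffic.

```python
import re
from collections import defaultdict

# Matches the relevant fields of one tcpdump -e line for an 802.11 probe request,
# as in the capture above: the source MAC (SA:) and the probed SSID in parentheses.
PROBE_RE = re.compile(
    r"^(?P<ts>\S+) .*?SA:(?P<sa>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) "
    r"Probe Request \((?P<ssid>[^)]*)\)", re.IGNORECASE)

# Constructed list of SSIDs too common to identify anyone (an assumption, not from the post).
GENERIC_SSIDS = {"SUBWAY", "Starbucks", "xfinitywifi", "attwifi"}

def parse_probes(lines):
    """Return {source_mac: {ssid, ...}} for every directed probe request in the dump.
    Broadcast probes (empty SSID) are skipped: they reveal no network name."""
    probed = defaultdict(set)
    for line in lines:
        m = PROBE_RE.search(line)
        if not m or not m.group("ssid"):
            continue
        probed[m.group("sa").lower()].add(m.group("ssid"))
    return dict(probed)

def leak_report(probed):
    """For each device, list the probed SSIDs specific enough to be searched by name."""
    return {mac: sorted(s for s in ssids if s not in GENERIC_SSIDS)
            for mac, ssids in probed.items()}

# Constructed sample capture in the tcpdump format shown above (not real traffic).
SAMPLE = """\
16:32:26.628209 BSSID:ff:ff:ff:ff:ff:ff DA:ff:ff:ff:ff:ff:ff SA:50:ea:d6:aa:bb:cc Probe Request (SUBWAY) [1.0 2.0 5.5 11.0 Mbit]
16:32:26.731002 BSSID:ff:ff:ff:ff:ff:ff DA:ff:ff:ff:ff:ff:ff SA:50:ea:d6:aa:bb:cc Probe Request (FooProvider123456) [1.0 2.0 5.5 11.0 Mbit]
16:32:27.004417 BSSID:ff:ff:ff:ff:ff:ff DA:ff:ff:ff:ff:ff:ff SA:50:ea:d6:aa:bb:cc Probe Request () [1.0 2.0 5.5 11.0 Mbit]
16:32:27.118830 BSSID:ff:ff:ff:ff:ff:ff DA:ff:ff:ff:ff:ff:ff SA:a4:c3:f0:11:22:33 Probe Request (ACME-Fooville) [1.0 2.0 5.5 11.0 Mbit]
16:32:27.260114 BSSID:ff:ff:ff:ff:ff:ff DA:ff:ff:ff:ff:ff:ff SA:a4:c3:f0:11:22:33 Probe Request (CafeAwesome) [1.0 2.0 5.5 11.0 Mbit]
"""

if __name__ == "__main__":
    for mac, ssids in leak_report(parse_probes(SAMPLE.splitlines())).items():
        print(f"{mac}: leaks {len(ssids)} identifying SSID(s): {', '.join(ssids)}")
```

To audit a real capture, pipe the tcpdump output shown above into the script's standard input instead of using SAMPLE.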
[Image caption: Moscow]
So what's wrong?

Well, devices broadcast these packets containing the names of the networks. Think about it.
Note that the majority of local networks have a unique name. Of course, you will come across common names like SUBWAY. But in many homes the network carries either an automatically generated name such as ProviderNameDEADBEEF or a name chosen by the user.
That is, the list of network names in the probe requests looks roughly like this:
home: ProviderNameXXXXX, StreetNameWifi, etc.
work: Company, CompanyCity, etc.
adaline: standard
hotels: various unique names, except for hotel chain networks
So what if you suddenly capture a probe request with the network names FooProvider123456, BlahProviderABCDEF, ACME-Fooville, CafeAwesome? Of course, you can guess who the person's provider is and where they eat. But these are just names. No BSSID, no coordinates, nothing else. Well, not quite.
Because WiGLE exists!

WiGLE (Wireless Geographic Logging Engine) is a service whose motto is "All the networks. Found by everyone." Most urban networks can be found in this service. Moreover, the networks you are interested in can be found by searching for their names. So you get information about networks from their names alone.
Networks around the Kremlin
[Translator's note] At large map scales, network locations are shown only to registered users.
You can make some assumptions. For example, if WiGLE returns more than 3-4 networks with the same name, it is probably a standard name that can be ignored... unless one of them happens to be close to a unique network that we found. You can also filter out networks that have not been seen for more than a year, unless they are unique and have not moved over time; otherwise it would mean the access point was relocated.
Information gathering

What information can we gather from the list of networks? Look at the map, which was generated automatically from the WiGLE search results. They were downloaded with the wigle library and plotted:
Encrypted networks are outlined in green, open ones in red, unknown in blue. Each marker actually points to a specific building. We can immediately see that the person most likely lives and works on the East Coast of the United States (multiple markers), flies to Japan (the marker is an encrypted corporate network) and vacations in Thailand (the network names are hotels), and also travels around New Zealand (the network names are campsites). From the name of the corporate network, the employer can be worked out.
Then come social engineering, looking up the person and looking up the employees of company X... And from the MAC address you can find out the device model and thus pick this person out of a crowd.
Chief, what do we do?

On Linux you can configure wpa_supplicant and set scan_ssid=0. This is the default, and the setting disables sending probe requests for that network. On other systems I don't know.
Of course, you can delete the saved networks or disable Wi-Fi when you don't need it. But this is not a real solution. You can give your home network a common name, but that does not solve the problem with the names of the other networks you use.
Author: Vyacheslav Golovanov
P. S. And remember, only by changing their consumption — together we change the world! ©
Source: habrahabr.ru/post/253335/