From charlesreid1

This is a step-by-step for installing the things you'll need to meet people over wifi and bluetooth with a rooted android phone.

Root Your Phone

The first thing you'll want to do (not strictly necessary for all steps, but useful for most) is to root your Android device.

I'm using the Android Evo 4G. Notes for rooting this device are here: Rooting_Android_Evo_4G


Install Software

In order to start sniffing the wifi and bluetooth traffic around you, you'll have to first install some apps on the Android phone.

Option A: Use the Play Store (Recommended)

The first option is to install all of the software that you'll need using the Play store. This requires creating a throwaway Google account. Create the Google account, and sign in to Google Accounts on the Android device. You will now be able to open the Play store and browse/download apps from the Play store.

NOTE: I had an issue with the Evo 4G connecting to the play store. Since it was an old phone, there were no updates, and I had rooted the phone, I was out of luck for getting the Play store to work. However, I was able to transfer APKs directly onto the Evo 4G (see below for details), but not after dealing with some super sketchy web sites.


Option B: Use APKs Directly (Not Recommended)

You might get a virus doing this, so watch out.

You can turn a Play store link into a directly-downloadable APK. This is impossible to do through the Play store, for some incomprehensible reason. This means all users with outdated devices that can't connect or download software through the Play store are forced to go elsewhere for the APK files (basically like .exe files for Androids).

This creates an opening for evil, malicious people to package viruses along with the APK, giving helpless users viruses and spyware along with their APK.

You can avoid this by going through the Play store, or by only installing APK files that you've sent to yourself through Gmail, letting Google scan the APK for viruses. Or, you can use a trusted, clean site like https://f-droid.org/ to get APKs (although they have a more limited selection).

Download the APKs on your laptop or desktop, and then email the apk file as an attachment to your throwaway Google account that you set up for this Android phone. Open the Gmail app (after running sync) on your Android phone, and you should see your .apk file. You should be able to push an "Install" button.

The Apps

Wigle Wifi

Wigle Wifi is a superb wifi sniffing app. The interface couldn't be easier, it stores everything as a database, and it's a breeze to import and export data, and to upload it to Wigle.

The Analysis

From a quick walk down to the grocery store and back, I picked up 1800 different observations of wireless access points during a 15 minute walk.

THAT IS COMPLETELY MIND-BLOWING.

Diving Into the Data

I dumped all the data collected into a CSV file, and then opened the CSV file in Python to analyze the results.

Looking at column "type":

"CDMA" and Wifi

CDMA (Code Division Multiple Access) and GSM (Global System for Mobiles) are shorthand for the two major radio systems used in cell phones. http://www.pcmag.com/article2/0,2817,2407896,00.asp

A Python Script

import pandas as pd
import matplotlib.pyplot as plt
import seaborn as sns

filename = 'WigleWifi_20150812210408.csv'

# Skip the first line of the export so the column names are read from the second line
df = pd.read_csv(filename, skiprows=1)

print("Information collected:")
print(df.columns.values)
print()

print("Total observations:")
print(len(df))
print()

print("Found", len(df['MAC']), "MAC addresses.")
print("Found", len(df['MAC'].unique()), "unique MAC addresses.")
print()

print("It looks like HOME is a pretty popular name for your router.")
print("Searching for string 'HOME' in SSIDs:")

# na=False: rows with an empty SSID are treated as non-matches instead of breaking the mask
home_count = df['SSID'][df['SSID'].str.contains('HOME', na=False)].values
print(home_count)
print()

print("CDMA vs WiFi:")

cdma_count = df['Type'].str.contains('CDMA', na=False).sum()
print("CDMA signals:", cdma_count)

wifi_count = df['Type'].str.contains('WIFI', na=False).sum()
print("WIFI signals:", wifi_count)

print()

print("MAC addresses of form 4186_ABC_VWXYZ all have the same type:")
print(df['Type'][df['MAC'].str.contains('4186', na=False)])
print()
#
# see https://www.ietf.org/rfc/rfc4186.txt
#
print("And it turns out they're all Sprint phones:")
print(df[['SSID', 'Type']][df['SSID'].str.contains('Sprint', na=False)])
print()

# Histogram (with density estimate) of the altitude recorded for each observation
f1 = plt.figure()
ax1 = f1.add_subplot(111)
sns.histplot(df['AltitudeMeters'].dropna(), kde=True, stat='density', ax=ax1)
ax1.set_title('Histogram of Signal Altitudes')

# Histogram (with density estimate) of the received signal strength (RSSI)
f2 = plt.figure()
ax2 = f2.add_subplot(111)
sns.histplot(df['RSSI'].dropna(), kde=True, stat='density', ax=ax2)
ax2.set_title('Histogram of Signal Strengths')

plt.show()



Manufacturer Info from MAC Address

See OUI
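
The OUI is the first three octets of a MAC address. As an added example (not code from the original page), the script below counts OUI prefixes in a Wigle-style CSV, sets aside the CDMA identifiers of the form 4186_ABC_VWXYZ seen above, and separates out locally administered addresses, whose prefix does not identify a manufacturer. The sample rows are constructed and reduced to the columns the script above uses, the function names are illustrative, and mapping a prefix to a vendor name still needs the IEEE registry, which is not included.

```python
import csv
import io
import re
from collections import Counter

# Constructed sample: one metadata line, then the header, as in the export read above.
SAMPLE = """WigleWifi,constructed sample
MAC,SSID,RSSI,AltitudeMeters,Type
00:11:22:aa:bb:01,HOME-1234,-71,50,WIFI
00:11:22:AA:BB:01,HOME-1234,-75,51,WIFI
00:11:22:aa:bb:02,HOME-5678,-80,50,WIFI
06:11:22:aa:bb:03,guest,-65,50,WIFI
4186_12_345,Sprint,-90,50,CDMA
"""

MAC_RE = re.compile(r'^[0-9A-F]{2}(?::[0-9A-F]{2}){5}$')

def read_wigle(fileobj):
    """Read the CSV, skipping the metadata line (same effect as skiprows=1)."""
    next(fileobj)
    return list(csv.DictReader(fileobj))

def classify(mac):
    """Return (oui, locally_administered) for a 48-bit MAC, else None."""
    mac = mac.strip().upper()
    if not MAC_RE.match(mac):
        return None                      # e.g. CDMA identifiers such as 4186_12_345
    first_octet = int(mac[:2], 16)
    # Bit 0x02 of the first octet marks a locally administered address.
    return mac[:8], bool(first_octet & 0x02)

def oui_summary(rows):
    """Count OUIs over unique MACs; return (oui_counts, local_count, skipped_count)."""
    seen, ouis, local, skipped = set(), Counter(), 0, 0
    for row in rows:
        mac = row['MAC'].strip().upper()
        if mac in seen:                  # repeated observations of the same device
            continue
        seen.add(mac)
        info = classify(mac)
        if info is None:
            skipped += 1
        elif info[1]:
            local += 1
        else:
            ouis[info[0]] += 1
    return ouis, local, skipped

if __name__ == '__main__':
    counts, local, skipped = oui_summary(read_wigle(io.StringIO(SAMPLE)))
    print(counts.most_common(), "local:", local, "non-MAC:", skipped)
```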

