I wrote this thing as a gimmick for a conference to show how much information some mobile devices leak over wifi. People asked for the source code, so here it is. Enjoy!
warning: there are vulns!
It's a tool that shows you (real time) which wifi clients that are nearby, and which network they are searching for (probe requests). It shows you something like this:
[strength] [mac] [oui] [seen]
-53 aa:bb:cc:dd:ee:ff Manufacturer 5s ago
(Probe request) -53 seen 6s ago: NETGEAR71
(Probe request) -53 seen 6s ago: Starbucks
(Probe request) -53 seen 6s ago: eduroam
(Probe request) -53 seen 6s ago: Tivoli Hotel & Congress Center
(Probe request) -53 seen 6s ago: FREEWIFI_OLEARYS
(Probe request) -53 seen 6s ago: hideyokidshideyowifi
In this example above, it shows us that the wifi device with mac address aa:bb:cc:dd:ee:ff was "heard" 5 seconds ago, and it has in the past searched for a list of wifi network names, as shown in the list. These wifi network names can subsequently be used with e.g. wigle.net.
- Plug in as many wifi dongles as you can. The scripts do not channel hop, but instead prioritizes popular channels. Due to channel overlap, 5 interfaces should cover the entire 2.4GHz band.
- Run
./maclogger.py
- Open new terminal, cd to vicinity/
- Run
watch -n 1 --color ./vicinity.py
PRs are welcome!