Patched wpa_supplicant to scan for APs passively

steadyeddy
(Last edited by steadyeddy; 16th March 2014 at 10:39 PM.)

I patched wpa_supplicant to do wildcard access point scans passively, because **** tracking. (Wildcard means you're not looking for a particular access point, especially not one with a hidden SSID.) Seems to work perfectly, except it takes a few seconds longer to list all the access points around you. And it's a very simple patch too.

Just apply inside all the ~/android/system/external/wpa_supplicant* folders and build. Then look at the air traffic before and after installing the new binary (and resetting Wifi) with this Wireshark filter expression: wlan.addr == ph:on:em:ac:ad:dr

https://gist.github.com/anonymous/9589807
Attached file: wpa_supplicant.passive-wildcard.patch (424 Bytes)
 
ryanbg
Quote:
Originally Posted by steadyeddy
I patched wpa_supplicant to do wildcard access point scans passively, because **** tracking. (Wildcard means you're not looking for a particular access point, especially not one with a hidden SSID.) Seems to work perfectly, except it takes a few seconds longer to list all the access points around you. And it's a very simple patch too.

Just apply inside all the ~/android/system/external/wpa_supplicant* folders and build. Then look at the air traffic before and after installing the new binary (and resetting Wifi) with this Wireshark filter expression: wlan.addr == ph:on:em:ac:ad:dr

https://gist.github.com/anonymous/9589807
Is this a true monitor mode (rfmon) patch? Either way, very nice work!
 
h4waii
Quote:
Originally Posted by ryanbg
Is this a true monitor mode (rfmon) patch? Either way, very nice work!
No. It removes directed probes to stop leaking stored network SSIDs. This is not for on-device RFMON.
 
steadyeddy
Quote:
Originally Posted by h4waii
It removes directed probes to stop leaking stored network SSIDs.
Actually it's the opposite: probe requests looking for specific SSIDs still go through, but with or without this patch they only happen when your Android system remembers APs with a hidden SSID (check your wpa_supplicant.conf). And they need to happen, because it's the only way to connect to those APs. If you don't want to send out such probe requests, just don't connect to APs with hidden SSIDs, or at least "forget" them after you're done.

What the patch really does is remove nonspecific (=wildcard) probe requests. They do not leak SSIDs, but they do leak your device's current MAC address. (And more broadly, the radio characteristics of your device.)
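
To check a before/after capture for the behaviour discussed in this thread, the following added example (not from the thread or the patch) counts wildcard versus directed probe requests sent by one station. It assumes raw 802.11 frames with any radiotap header already stripped; the addresses, the SSID and the sample frames are constructed.

```python
from collections import Counter

MGMT_HDR_LEN = 24  # frame control, duration, 3 addresses, sequence control

def mac_bytes(text):
    return bytes.fromhex(text.replace(":", ""))

def probe_request_ssid(frame):
    """Return the SSID bytes of a probe request, or None for other/malformed frames."""
    # Byte 0 of frame control: version 0, type 0 (management), subtype 4 -> 0x40
    if len(frame) < MGMT_HDR_LEN or frame[0] != 0x40:
        return None
    pos = MGMT_HDR_LEN + (4 if frame[1] & 0x80 else 0)  # HT Control follows if Order bit set
    while pos + 2 <= len(frame):
        eid, elen = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + elen]
        if len(body) < elen:
            return None  # truncated element
        if eid == 0:  # SSID element; zero length means wildcard
            return body
        pos += 2 + elen
    return None

def summarize(frames, station_mac):
    """Count wildcard and directed probe requests sent by station_mac."""
    sa, counts, ssids = mac_bytes(station_mac), Counter(), set()
    for frame in frames:
        ssid = probe_request_ssid(frame)
        if ssid is None or frame[10:16] != sa:  # bytes 10..15 = transmitter address
            continue
        counts["directed" if ssid else "wildcard"] += 1
        if ssid:
            ssids.add(ssid.decode("utf-8", "replace"))
    return counts["wildcard"], counts["directed"], sorted(ssids)

# --- constructed sample frames (no radiotap header, no FCS) ---
def build_probe(sa, ssid):
    bcast = b"\xff" * 6
    hdr = b"\x40\x00\x00\x00" + bcast + mac_bytes(sa) + bcast + b"\x00\x00"
    rates = b"\x01\x04\x82\x84\x8b\x96"  # Supported Rates element
    return hdr + bytes([0, len(ssid)]) + ssid + rates

PHONE, OTHER = "02:00:00:00:00:01", "02:00:00:00:00:02"  # constructed addresses
BEFORE = [build_probe(PHONE, b""), build_probe(PHONE, b"hidden-net"),
          build_probe(OTHER, b""), build_probe(PHONE, b"")]
AFTER = [build_probe(PHONE, b"hidden-net"), build_probe(OTHER, b"")]

if __name__ == "__main__":
    print("before patch:", summarize(BEFORE, PHONE))
    print("after patch: ", summarize(AFTER, PHONE))
```

A wildcard count of zero for the phone's address, with directed probes remaining only for remembered hidden SSIDs, matches what the last post describes.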