Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,742,027 Members 47,750 Now Online
XDA Developers Android and Mobile Development Forum

Patched wpa_supplicant to scan for APs passively

Tip us?
 
steadyeddy
Old
(Last edited by steadyeddy; 16th March 2014 at 10:39 PM.)
#1  
Junior Member - OP
Thanks Meter 2
Posts: 3
Join Date: Mar 2014
Default Patched wpa_supplicant to scan for APs passively

I patched wpa_supplicant to do wildcard access point scans passively, because **** tracking. (Wildcard means you're not looking for a particular access point, especially not one with a hidden SSID.) Seems to work perfectly, except it takes a few seconds longer to list all the access points around you. And it's a very simple patch too.

Just apply inside all the ~/android/system/external/wpa_supplicant* folders and build. Then look at the air traffic before and after installing the new binary (and resetting Wifi) with this Wireshark filter expression: wlan.addr == ph:on:em:ac:ad:dr

https://gist.github.com/anonymous/9589807
Attached Files
File Type: patch wpa_supplicant.passive-wildcard.patch - [Click for QR Code] (424 Bytes, 92 views)
The Following 2 Users Say Thank You to steadyeddy For This Useful Post: [ Click to Expand ]
 
ryanbg
Old
#2  
Senior Member
Thanks Meter 800
Posts: 357
Join Date: Jan 2008
Location: Minnesota
Quote:
Originally Posted by steadyeddy View Post
I patched wpa_supplicant to do wildcard access point scans passively, because **** tracking. (Wildcard means you're not looking for a particular access point, especially not one with a hidden SSID.) Seems to work perfectly, except it takes a few seconds longer to list all the access points around you. And it's a very simple patch too.

Just apply inside all the ~/android/system/external/wpa_supplicant* folders and build. Then look at the air traffic before and after installing the new binary (and resetting Wifi) with this Wireshark filter expression: wlan.addr == phn:em:ac:ad:dr

https://gist.github.com/anonymous/9589807
Is this a true monitor mode (rfmon) patch? Either way, very nice work!
 
h4waii
Old
#3  
h4waii's Avatar
Senior Member
Thanks Meter 3
Posts: 602
Join Date: Nov 2007
Location: Toronto
Quote:
Originally Posted by ryanbg View Post
Is this a true monitor mode (rfmon) patch? Either way, very nice work!
No. It removes directed probes to stop leaking stored network SSIDs. This is not for on-device RFMON.
 
steadyeddy
Old
#4  
Junior Member - OP
Thanks Meter 2
Posts: 3
Join Date: Mar 2014
Quote:
Originally Posted by h4waii View Post
It removes directed probes to stop leaking stored network SSIDs.
Actually it's the opposite, probe requests looking for specific SSIDs still go through, but with or without this patch they only happen when your Android system remembers APs with a hidden SSID (check your wpa_supplicant.conf). And they need to happen, because it's the only way to connect to those APs. If you don't want to send out such probe requests, just don't connect to APs with hidden SSIDs, or at least "forget" them after you're done.

What the patch really does is remove nonspecific (=wildcard) probe requests. They do not leak SSIDs, but they do leak your device's current MAC address. (And more broadly, the radio characteristics of your device.)
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes


XDA PORTAL POSTS

[OTA Captured] Verizon LG G Pad 8.3 Finally Gets Official KitKat Update

It’s been almost nine months since the LG G Pad … more

Enjoy Wallpaper Overload with PhotoPhase

We don’t usually feature live wallpapers on the XDA Portal unless they are somewhat innovative … more

Monitor What Your Phone’s Camera Sees with Android Wear

Having a smart device strapped to your wrist certainly has its merits. A … more

Mod Lets You Have Stereo Speakers on Your Sony Xperia Z1 (Sort Of)

The stereo speakers onthe Sony Xperia Z2areprobably a relatively large … more