Patched wpa_supplicant to scan for APs passively

steadyeddy (Junior Member - OP), #1
(Last edited by steadyeddy; 16th March 2014 at 10:39 PM.)

I patched wpa_supplicant to do wildcard access point scans passively, because **** tracking. (Wildcard means you're not looking for a particular access point, especially not one with a hidden SSID.) Seems to work perfectly, except it takes a few seconds longer to list all the access points around you. And it's a very simple patch too.

Just apply inside all the ~/android/system/external/wpa_supplicant* folders and build. Then look at the air traffic before and after installing the new binary (and resetting Wifi) with this Wireshark filter expression: wlan.addr == ph:on:em:ac:ad:dr

https://gist.github.com/anonymous/9589807
Attached file: wpa_supplicant.passive-wildcard.patch (424 Bytes)
 
ryanbg (Senior Member), #2
Quote:
Originally Posted by steadyeddy
I patched wpa_supplicant to do wildcard access point scans passively, because **** tracking. (Wildcard means you're not looking for a particular access point, especially not one with a hidden SSID.) Seems to work perfectly, except it takes a few seconds longer to list all the access points around you. And it's a very simple patch too.

Just apply inside all the ~/android/system/external/wpa_supplicant* folders and build. Then look at the air traffic before and after installing the new binary (and resetting Wifi) with this Wireshark filter expression: wlan.addr == ph:on:em:ac:ad:dr

https://gist.github.com/anonymous/9589807
Is this a true monitor mode (rfmon) patch? Either way, very nice work!
 
h4waii (Senior Member), #3
Quote:
Originally Posted by ryanbg
Is this a true monitor mode (rfmon) patch? Either way, very nice work!
No. It removes directed probes to stop leaking stored network SSIDs. This is not for on-device RFMON.
 
steadyeddy (Junior Member - OP), #4
Quote:
Originally Posted by h4waii
It removes directed probes to stop leaking stored network SSIDs.
Actually it's the opposite: probe requests looking for specific SSIDs still go through, but with or without this patch they only happen when your Android system remembers APs with a hidden SSID (check your wpa_supplicant.conf). And they need to happen, because it's the only way to connect to those APs. If you don't want to send out such probe requests, just don't connect to APs with hidden SSIDs, or at least "forget" them after you're done.

What the patch really does is remove nonspecific (=wildcard) probe requests. They do not leak SSIDs, but they do leak your device's current MAC address. (And more broadly, the radio characteristics of your device.)
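
Added example (not part of any post in this thread, and not the patch itself): a small Python check for the before/after comparison discussed above, which counts wildcard versus directed probe requests sent by one station. It assumes raw 802.11 frames with no radiotap header and no FCS; the MAC addresses, SSIDs and frames are constructed sample data.

```python
from collections import Counter

HDR_LEN = 24  # frame control, duration, addr1-3, sequence control
PHONE = "02:00:00:00:00:01"  # constructed MAC standing in for the phone
OTHER = "02:00:00:00:00:02"  # constructed MAC of an unrelated device

def classify_probe(frame):
    """Return (source_mac, kind) for a probe request, else None."""
    if len(frame) < HDR_LEN:
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if (ftype, subtype) != (0, 4):  # management frame, probe request
        return None
    src = ":".join(f"{b:02x}" for b in frame[10:16])  # addr2 = transmitter
    pos = HDR_LEN
    while pos + 2 <= len(frame):  # walk the tagged elements
        eid, elen = frame[pos], frame[pos + 1]
        if pos + 2 + elen > len(frame):
            break  # truncated element
        if eid == 0:  # SSID element: zero length means wildcard
            return src, "wildcard" if elen == 0 else "directed"
        pos += 2 + elen
    return None

def summarize(frames, station):
    """Count wildcard/directed probe requests sent by one station."""
    hits = (classify_probe(f) for f in frames)
    return Counter(kind for src, kind in filter(None, hits) if src == station)

def build(subtype, src, elements):
    """Construct a sample management frame (no radiotap header, no FCS)."""
    hdr = bytes([subtype << 4, 0]) + b"\x00\x00" + b"\xff" * 6
    hdr += bytes.fromhex(src.replace(":", "")) + b"\xff" * 6 + b"\x00\x00"
    return hdr + b"".join(bytes([eid, len(v)]) + v for eid, v in elements)

RATES = (1, b"\x82\x84\x8b\x96")  # supported-rates element, constructed
BEACON = build(8, OTHER, [(0, b"cafe")])  # not a probe request, ignored
BEFORE = [build(4, PHONE, [(0, b""), RATES]),
          build(4, PHONE, [(0, b"hidden-net"), RATES]),
          BEACON, build(4, OTHER, [(0, b""), RATES])]
AFTER = [build(4, PHONE, [(0, b"hidden-net"), RATES]),
         BEACON, build(4, OTHER, [(0, b""), RATES])]

if __name__ == "__main__":
    print("before:", dict(summarize(BEFORE, PHONE)))
    print("after: ", dict(summarize(AFTER, PHONE)))
```

With a remembered hidden-SSID network, the "after" capture still shows directed probes from the phone, as post #4 describes; only the wildcard count drops to zero.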