Legally Track Smartphones users with ESP8266
With a vast majority of the world population owning a smartphone, being able to track someone through their phone is not such a bad idea after all, especially if it is done within legal limits. This is the end result of a recent project developed by engineering student Amine Mehdi Mansouri, whose initial efforts on creating a quick project to check the connection status of plant sensors, has resulted in the development of a tiny little custom device that is able to track over 500 people legally.
Speaking on the project and its morphing, Amine said his curiosity heightened when he discovered that devices use probe requests frames sent by mobile devices to announce the SSID they were connected to. So, phones, laptops, and WiFi devices constantly search for all WiFi networks that you must have connected with in the past and share the information with anyone who is listening for those public packets, well except if you changed as “saved”. Else, anyone can get access to where you have been before and your unique device MAC address.
The tracker board, according to Mansouri, is made up of 12 components, all of which are surface mount and easy to solder with an 0805 package. For proper device operation, Mansouri had to create a mesh-like network with eight of these boards, along with a series of Kortex Xtend Lite NAT (Wi-Fi) repeaters used to get the list of those connected to the Wi-Fi.
For tests, Mansouri used his local library, with the boards set up in different places. The devices were used to collect addresses from mobile phones based on which of the devices they were connected to or had been connected to. In two days, Mansouri had been able to target 526 MAC addresses, with their respective RSSI values that indicated the proximity of each person to the nearest device.
“I just had to sit and watch how my database was getting filled with new unique (not randomized) MAC addresses,” says Mansouri.
A perfect hacker device, the device comes in a very small form factor and can fit into hidden places like pockets, books, or shelves. To indicate its status the board comes with a green led that indicates when the device is on and a reset button that can be used to update SSID and pass.
While Mansouri acknowledges that the device at its current state could be useful to people, he mentioned the need to still carry our some coding and that the project will be made open-source on GitHub when all of that is done.
You can get more details about the project and follow his build process via the project’s page on Hackaday