1

Problem Statement

I am trying to make an application for Android that can detect nearby smartphone devices. I need to discover smartphone devices regardless of their connection to a WLAN or their operating system. The only requirement is that their Bluetooth or Wi-Fi setting is enabled. I am trying to capture the MAC address and maybe RSSI of these devices. An example of an application I am trying to emulate is Meshlium.

Methods Already Considered

  1. Android Classic Bluetooth:
    • I have followed the guide to discover devices that aren't currently paired with my device.
    • The smartphones I am trying to discover need to be in "discovery" mode in order to be found. For most modern phones that means they need to be on their Bluetooth settings page.
  2. Android P2P (Wi-Fi Direct):
    • I have followed the guide again and can't discover smartphones nearby.
    • Similar to Bluetooth, both devices (mine and the device I am trying to find) need to be trying to discover Wi-Fi Direct devices.
    • Also it seems iOS doesn't support Wi-Fi Direct anyway.
  3. Google Nearby:
    • Nearby Connections works only with devices running an application that is using the Nearby Connections API. So only devices with the app currently running the advertising or discovery feature will be available for detection.
  4. Wi-Fi Network Service Discovery:
    • This lets me see devices that are currently advertising services on a network and not the actual devices themselves.

Device Specifications

The device I am using is running Android version 6.0.1 and its model number is rk3368-box. The device also has root permissions.

Question

Is there a way on my Android device to discover the nearby smartphones with the only requirement being that their Wi-Fi or Bluetooth is enabled? Perhaps packet sniffing the probe requests of the devices? I have researched packet sniffing but can't find any solid resources for Android. Also I would love to be able to do so in C# and Xamarin.Android if possible.

Update

Is a custom ROM an option? I am not looking to make an application for the Play Store, but one for custom hardware. Perhaps when I enable the Wi-Fi hotspot on the device it logs the probe requests from the devices nearby and saves them as a file to export later?

Trevor Woods
  • Also realize that `Meshlium` has a hardware component which puts their solution outside of a software only Android app based on standard Android hardware/OS. – Morrison Chang Jul 18 '18 at 17:11
  • @MorrisonChang please see my above update. I am looking to develop for custom hardware, so a custom ROM is possible. Would that be able to provide a solution? – Trevor Woods Jul 19 '18 at 15:56
  • I don't think you understand the scale of your project if you aren't comfortable in building custom ROMs or reverse engineering driver software. If you already have existing detection hardware your problem just becomes how does the Android app communicate with the device, i.e. Android Open Accessory protocol or other USB connection. If you have no such detection hardware, you'll need to build it and I would suggest skipping Android and sticking to Raspberry Pi/Linux-based solutions - and look at what 'Black Hat' researchers have done to achieve similar. Good luck. – Morrison Chang Jul 19 '18 at 16:50

2 Answers

3

There is no way to do this. And there shouldn't be. Unless I'm working with you (in which case multiple of the above will work), it's a massive invasion of my privacy for you to be able to detect my device.

Gabe Sechan
  • I was starting to come to that conclusion on my own, but then how do companies commercialize similar products? [Meshlium](http://www.libelium.com/products/meshlium/smartphone-detection/) advertises that it detects smartphones just based on proximity and their Wi-Fi setting being enabled. Is it their custom hardware that enables them to do so? – Trevor Woods Jul 18 '18 at 17:51
  • Yes. It's basically a WAP. It's detecting attempts to scan for a Wi-Fi signal (or Bluetooth signal). So if your phone has Wi-Fi off, it won't be detected. You could go a level higher by using a Stingray-like device, if you don't mind breaking a few federal laws. – Gabe Sechan Jul 18 '18 at 18:00
  • Thanks for the help! I appreciate it. – Trevor Woods Jul 18 '18 at 18:02
  • Can I configure my Android device to be a WAP? – Trevor Woods Jul 18 '18 at 18:16
  • Yes, but not at the level you'd need it. Turning on the Wi-Fi hotspot makes it a WAP, but there's no API to interact with it. It's all OS-level stuff. – Gabe Sechan Jul 18 '18 at 18:18
  • Yikes! I'm an intern and the company I work for is looking for a way to do it. Well if there's nothing I can do, there's nothing I can do haha. – Trevor Woods Jul 18 '18 at 18:22
  • Custom build of the Android OS? Are they trying to put this in an app for the Play Store, or for custom hardware? If it's the first, it isn't happening. And might even be considered malware. If it's the second, a custom ROM is an option. – Gabe Sechan Jul 18 '18 at 18:25
  • It's for custom hardware. What would a custom ROM solution look like? – Trevor Woods Jul 18 '18 at 18:25
  • If you're working for the retailer I'd highly suggest paying for an existing solution. You'll spend a lot of money/time trying to make it yourself. If you're trying to write that solution, I'd be doing custom hardware rather than a phone/tablet app. A router with open source firmware would be a possible solution. – Gabe Sechan Jul 18 '18 at 18:27
  • Can I chat with you? Through Skype or another service to discuss more? – Trevor Woods Jul 18 '18 at 18:34
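
The comments above describe detection as listening for a phone's attempts to scan for Wi-Fi. As an added example (not part of the original thread), this parser shows which fields such a probe request exposes to any receiver and whether the source address is a burned-in identifier or a locally administered one. The frames, addresses, SSIDs and the `build_frame` helper are constructed assumptions for the demonstration.

```python
# Added example. Frames below are constructed; 802.11 header only (no radiotap,
# so no RSSI: signal strength is capture metadata, not part of the frame).

def fmt_mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def parse_probe_request(frame: bytes):
    """Return the fields a probe request exposes, or None for any other frame."""
    if len(frame) < 24:                      # fixed management header is 24 bytes
        return None
    fc0 = frame[0]
    version, ftype, subtype = fc0 & 0x03, (fc0 >> 2) & 0x03, fc0 >> 4
    if (version, ftype, subtype) != (0, 0, 4):   # management / probe request
        return None
    dest, src = frame[4:10], frame[10:16]
    ssid, pos = None, 24
    while pos + 2 <= len(frame):             # walk tagged elements: id, len, body
        tag, length = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + length]
        if len(body) < length:
            break                            # truncated element, stop parsing
        if tag == 0:                         # element 0 is the SSID ("" = wildcard)
            ssid = body.decode("utf-8", "replace")
        pos += 2 + length
    return {
        "src": fmt_mac(src),
        "to_broadcast": dest == b"\xff" * 6,
        "ssid": ssid,
        # Bit 0x02 of the first octet marks a locally administered address,
        # i.e. software-assigned (randomized addresses set it), not burned-in.
        "locally_administered": bool(src[0] & 0x02),
    }

def build_frame(src: bytes, ssid: bytes, subtype: int = 4) -> bytes:
    """Construct a minimal management frame for the demo (hypothetical helper)."""
    header = (bytes([subtype << 4, 0]) + b"\x00\x00" + b"\xff" * 6
              + src + b"\xff" * 6 + b"\x00\x00")
    return header + bytes([0, len(ssid)]) + ssid + bytes([1, 4, 0x82, 0x84, 0x8B, 0x96])

SAMPLES = [
    build_frame(bytes.fromhex("00005e005301"), b"example-net"),    # documentation-range MAC
    build_frame(bytes.fromhex("daa119000001"), b""),               # locally administered MAC
    build_frame(bytes.fromhex("00005e005301"), b"ap", subtype=8),  # beacon, ignored
]

if __name__ == "__main__":
    for f in SAMPLES:
        print(parse_probe_request(f))
```

A locally administered source address is not a stable hardware identifier, so counting such addresses does not count devices.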
0

If you are able to find the MAC address for the WLAN adaptor of a device, then try to search for Bluetooth devices having the same MAC address as the WLAN adaptor but with the last digit changed by 1. This way you can find a Bluetooth device even if its visibility is hidden.

nandubhadu