Is it possible to get the mac address of client devices which are within wifi hotspot range? [closed]

Asked 18/4, 2017 at 10:57 Answered 28/4, 2017 at 10:2

I want to get a list of all the devices(who has their wifi turned on) which are within Wifi hotspot range. However it may or may not be connected to the hotspot.

I am getting the list of connected devices by using this library but I am not sure whether it is possible to get the devices which are not connected to wifi hotspot and are just within its range. It would be really nice if someone could clarify on the possibility of it.

Stegodon answered 18/4, 2017 at 10:57 Comment(0)

No it's not possible, the only way to see not-connected devices is to go on the administration panel of the box (and you will only see previously connected devices). So you will not be able to see them if you're not admin on the box.

Moreover, I suggest you to take a look at nmap tool to discover all the clients of a network. You also have Fing on Android which is a pretty good tool.

Johann answered 18/4, 2017 at 11:2 Comment(5)

Sorry but I want a programmatic android based solution. – Stegodon 18/4, 2017 at 11:8

Well it looks like you already have a working library for connected clients... So I'm sorry to tell you that what you're trying to do is not possible with an Android phone, please take a look at this post : serverfault.com/questions/482825/… – Johann 18/4, 2017 at 11:15

You asked if it was possible to detect non-connected devices, I answered you no. You don't have to downvote just because you wanted a "yes" ;) – Johann 18/4, 2017 at 11:23

@Johann : There has got to be a way of doing so, considering that we get the list of available wifi hotspots on a client device, so to get the the ssid of a wifi hotspot the client device needs to ping it, and in the process the wifi hotspot too would be having some data of the pinging client device. Correct me if i am wrong. – Sabadell 21/4, 2017 at 9:37

It's not how it works unfortunately, it's unidirectional ! Look at en.wikipedia.org/wiki/Beacon_frame for more information – Johann 21/4, 2017 at 9:44

It's not difficult to get a list of all the devices which are connected to the Wi-Fi, for example, ping all possible hosts in your network, then read the ARP cache table to get mac addresses of devices. Here is an app for this. The hard part is the unconnected devices with their Wi-Fi on, it's nearly impossible on general Android phones(BTW, Linux with proper wireless adapter is most suitable to do such a thing) but there're some exceptions, the theory is your phone will keep sending probe requests(active scanning) which contain BSSID, SSID(specify the known network if any) and your phone's MAC address to update available WiFi list for later connection, for example, below is a probe request packet I captured:

Frame 15: 290 bytes on wire (2320 bits), 290 bytes captured (2320 bits)
Radiotap Header v0, Length 25
802.11 radio information
IEEE 802.11 Beacon frame, Flags: ........C
    Type/Subtype: Beacon frame (0x0008)
    Frame Control Field: 0x8000
    .000 0000 0000 0000 = Duration: 0 microseconds
    Receiver address: ff:ff:ff:ff:ff:ff
    Destination address: ff:ff:ff:ff:ff:ff
    Transmitter address: f4:6a:92:23:30:c0
    Source address: f4:ff:92:23:30:c0
    BSS Id: f4:fa:92:23:30:c0
    .... .... .... 0000 = Fragment number: 0
    1010 0011 1101 .... = Sequence number: 2621
    Frame check sequence: 0x7037cad2 [correct]
    [FCS Status: Good]
IEEE 802.11 wireless LAN management frame
    Fixed parameters (12 bytes)
    Tagged parameters (225 bytes)
        Tag: SSID parameter set: someSSID
        Tag: Supported Rates 1(B), 2(B), 5.5(B), 11(B), 6, 9, 12, 18, [Mbit/sec]
        Tag: DS Parameter set: Current Channel: 11
        Tag: Traffic Indication Map (TIM): DTIM 0 of 0 bitmap
        Tag: ERP Information
        Tag: Extended Supported Rates 24, 36, 48, 54, [Mbit/sec]
        Tag: HT Capabilities (802.11n D1.10)
        Tag: HT Information (802.11n D1.10)
        Tag: RSN Information
        Tag: Vendor Specific: 00:50:f2: WPA Information Element
        Tag: Vendor Specific: 00:50:f2: WMM/WME: Parameter Element
        Tag: Vendor Specific: 00:0a:eb
        Tag: Vendor Specific: 00:50:f2: WPS

To capture these packets, your WiFi adapter need support monitor mode which is rare on Android, but not none, see this project to know supported devices and how. Note that in response to these privacy violations, some OSs(Andord 6+, iOS 8+ AFAIK) have implemented different variants of MAC address randomisation.

Program answered 28/4, 2017 at 3:13 Comment(0)

Yes, it is possible to list the WiFi devices which are in the range of WiFi AP. I am not sure that how we can do this in Android but you can take a look at Aircrack-ng application . You can list all nearby devices because every Wireless device search for their already connected AP and at that time they are providing their MAC address (may be) . It will be helpful for you to take a look at github account of Aircrack-ng .

Fenugreek answered 28/4, 2017 at 10:2 Comment(0)

-1

WifiManager wifiManager=(WifiManager)getSystemService(Context.WIFI_SERVIE);
WifiInfo wInfo = wifiManager.getConnectionInfo();

String macAddress = wInfo.getMacAddress();

Profligate answered 27/4, 2017 at 10:52 Comment(1)

also add <uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/> – Profligate 27/4, 2017 at 11:0

-3

please try this.

WifiManager wm = (WifiManager) getSystemService(Context.WIFI_SERVICE);
wm.startScan();
List<ScanResult> scanResult = wm.getScanResults();
for (ScanResult result : scanResult) 
{
    System.out.println("Access Point MacAddr:" + result.BSSID);         
}

Dniester answered 18/4, 2017 at 11:1 Comment(1)

Please read the question properly. It says get the list of devices in range of hotspot not the list of available wifis in range. – Stegodon 18/4, 2017 at 11:7

Recommended topics

Hot tags