SCAN (Fixed) MAC Address inside network through esp32

Hi
Through ESP32 , I want to scan (know) the Mobile devices MAC Addresses (FIXED Not Dynamic) that are available in a place e.g. (My restaurant) connected to the internet either through:
1-the wi-fi network on the place.
Or
2-Connceted through 4G or 5G through their own telecom provider.

Please note that I want the MAC Address (Fixed No) not the dynamic one , if there is a suggested number other than the MAC address , there is no problem but It should be Unique number to the device.

Thank you

In your TUTORIAL, can you please explain in detail how you did this?

Or ask the mods to move this thread to a different caterpillar.

This might be a solution to your request:

https://github.com/ESP-EOS/ESP32-WiFi-Sniffer

I have not tested it, but it should scan the WiFi channels and report MAC addresses.

You may have mixed up in your post MAC and IP addresses, didn't you? MAC addresses are usually fixed (can be changed by software ofcourse) and IP addresses may be fixed or dynamic in case of DHCP usage.

@maabdullah47, welcome. Your topic has been moved to a more suitable location on the forum. Introductory Tutorials is for tutorials that e.g. you write, not for questions. Feel free to write a tutorial once you have solved your problem :wink:

:+1:

Thank you @ec2021 for your replay , actually the one you mentioned is not bringing the MAC addresses of the mobiles , we did a try by the following code , here is it :

/*
   Based on Neil Kolban example for IDF: https://github.com/nkolban/esp32-snippets/blob/master/cpp_utils/tests/BLE%20Tests/SampleScan.cpp
   Ported to Arduino ESP32 by Evandro Copercini
*/

#include <BLEDevice.h>
#include <BLEUtils.h>
#include <BLEScan.h>
#include <BLEAdvertisedDevice.h>

int scanTime = 5; //In seconds
BLEScan* pBLEScan;

class MyAdvertisedDeviceCallbacks: public BLEAdvertisedDeviceCallbacks {
    void onResult(BLEAdvertisedDevice advertisedDevice) {
      Serial.printf("Advertised Device: %s \n", advertisedDevice.toString().c_str());
    }
};

void setup() {
  Serial.begin(115200);
  Serial.println("Scanning...");

  BLEDevice::init("");
  pBLEScan = BLEDevice::getScan(); //create new scan
  pBLEScan->setAdvertisedDeviceCallbacks(new MyAdvertisedDeviceCallbacks());
  pBLEScan->setActiveScan(true); //active scan uses more power, but get results faster
  pBLEScan->setInterval(100);
  pBLEScan->setWindow(99);  // less or equal setInterval value
}

void loop() {
  // put your main code here, to run repeatedly:
  BLEScanResults foundDevices = pBLEScan->start(scanTime, false);
  Serial.print("Devices found: ");
  Serial.println(foundDevices.getCount());
  Serial.println("Scan done!");
  pBLEScan->clearResults();   // delete results fromBLEScan buffer to release memory
  delay(2000);
}

We got a list of addresses but I didn't find in the results any number related to the actual mac address on my mobile device and/or Bluetooth but instead I got another hex decimal numbers , please take look at the screen-shot result:

the numbers we got it is dynamic number for the mobile devices , to make sure our assumption is correct, please check the number circled by red color in the screen shot ends with (a2) when I switched off my Mobile Bluetooth and back switched it on the previous number (ends with a2) of the Mobile changed to another number ( I don't remember it) and the one ends with (a2) never displayed again after I switch the Bluetooth on again , we need your help to get the mac address on the mobile device (Unique number) is that possible ? do we need to edit our code?

:clap: :ok_hand:

In your post #1 you wrote:

connected to the internet either through:
1-the wi-fi network on the place.
Or
2-Connceted through 4G or 5G through their own telecom provider.

However in your sketch you do not use WiFi but BLE (Bluetooth Low Energy) technology! See here regarding changing MAC addresses on BLE:

https://www.lairdconnect.com/support/faqs/why-does-ble-mac-address-keep-changing-my-smartphone

Mobile phones use WiFi and not BLE to connect to WiFi Access Points. The link in my previous post refers to an ESP32 WiFi Sniffer so the results are not comparable. WiFi on mobiles usually does not have changing MAC addresses (unless explicitely initiated by the user).

So you may still try the WiFi Sniffer ...

good point @ec2021 I have small question , if the Mobile is not connected to the Wi-fi inside the location e.g.: My restaurant but connected to 4g through his telecom provider does the code mentioned in your post work ? I mean is it mandatory the mobile connected to the wi-fi inside the location to sniff it by the ESP 32?

The ESP32 can only check available WiFi packets. If the mobile's WiFi is off it can not be received.

Direct connection via 4G or 5G will require other devices.

But you can of course use the BLE functions in parallel to detect further mobiles as a certain part of the BLE MAC address will not change (see my link regarding BLE above).

The EP32 does not have a receiver for 4G and 5G signals so it has no way to receive any information from cellphones.

Thank you @johnwasser Is their any other Card other than ESP 32 can receive 4G and/or 5G signals?

Good morning @ec2021 which card devices other than ESP 32 can receive 4G or 5G Signals?

There are several that can act like a 4G or 5G telephone but that won't let you scan for nearby phones. You need a device that can emulate a cellular tower. I don't know of any module you can hook to an Arduino to emulate a cellular tower.

Like @johnwasser already wrote, you would need a device which is called "IMSI catcher":

https://en.wikipedia.org/wiki/IMSI-catcher

But as you can read there

IMSI-catchers are used in a number of countries by law enforcement and intelligence agencies, but their use has raised significant civil liberty and privacy concerns and is strictly regulated in some countries such as under the German Strafprozessordnung (StPO / Code of Criminal Procedure).

Depending on the legal situation in your country, you might not be allowed to make use of them.

Not everything that is technically possible is also permitted by law .... So take care, even the tracking of devices via WiFi or Bluetooth without explicit allowance might be subject to prosecution depending on local regulations!

Hi @ec2021 @johnwasser thank you for your replies and clarifications , the fact is I have misunderstanding for the (wi-fi) & (4G or 5G) I was thinking that in order to sniff a Mobile MAC address through (Wi-Fi) the mobile user should be Login to the Wi-fi Network to be sniffed by ESP 32 for that reason I were using (BLE) but now after I realizing the case it became easier I will use wi-fi sniffing not BLE, anyway when I tried the code submitted earlier by @ec2021 I didn't find any of the numbers related to my mobile ( iphone 11 SW Version 15.5 ) from the extracted devices numbers related to the wi-fi NW , Is the MAC address any of the Numbers shown in the Mobile (About) screen-shot below?

image

Or the MAC address somewhere other than Mobile (About) section?

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.