458

00:25:DF:*

top 50 comments
sorted by: hot top controversial new old
[-] Gormadt@lemmy.blahaj.zone 98 points 5 months ago* (last edited 5 months ago)

I too would like to know how to make a hog finder

Edit: Okay I think I figured it out. Using an app called BLE Radar (F-Droid Link and Google Play link) you can scan nearby Bluetooth devices passively. You can use the app to setup filters to send notifications when specific devices or addresses are nearby.

[-] ackshewally@lemmy.blahaj.zone 83 points 5 months ago* (last edited 5 months ago)

Yup, that's it. BLE Radar is the best app I've found so far. Someone go make a PR for playing a sound when a profile matches though...

Tasers, bodycams and holsters among other things made by Taser are constantly spamming advertising packets over BLE in order to be able to link to each other quickly (ie if a taser or gun is drawn, turn on the body cam). These devices are almost all made by one company and per the Bluetooth specification, the manufacturer ID is the first three bytes of the device ID, 00:25:DF: the address for Axon International Torture Devices.

Credit to Nullagent/rfparty for discovering the vulnerability. https://www.engadget.com/how-hackers-are-using-bluetooth-to-track-police-activity-140012717.html

A couple notes in practice: without dedicated hardware BLE advertising packets are very random, your phone can only sense one of the three advertising channels at once and it rotates though them. Additionally local band conditions (how many innocuous BLE devices are also around, WiFi, unrelated ISM stuff, other factors) can change sensitivity. BLE is a chaotic spammy protocol that likes to shout over itself. As a result, detections can happen the instant someone gets within ~100m of you, or they may not be detected for several seconds. Some departments may not even use Axon hardware at all, though the majority seem to. You may be able to use the WiGLE database to get a sense for your locale, but I haven't dug into that yet.

Further research: This has a lot of potential for protest/protected first amendment activities. As stated, the ability to cue an audio alert. Apps that can trigger audio/video recording when cops are very close (high RSSI). Apps that can alert a friend that lots of cops are very close and the user is unable to halt a countdown. Apps that can wipe/lock/turn off a phone if lots of cops are very close or around for an extended period of time (in custody).

[-] Gormadt@lemmy.blahaj.zone 31 points 5 months ago

One thing I'm curious about is of using a micro controller with a much larger receiver would extend BLE sniffing capabilities.

Or setting up some LoRa equipped micro controllers to do sniffing in an area and syncing that data using a LoRa mesh to an active database of some kind. (Like utilize something similar to (or in fact) Meshtastic)

[-] ackshewally@lemmy.blahaj.zone 24 points 5 months ago* (last edited 5 months ago)

Meshtastic is awesome, everyone go play with it, it's getting more accessible by the day.

There's a lot you can do on the hardware side. A device with three BLE chips supporting the appropriate modes would be able to sniff all three advertising channels at once, greatly increasing acquisition speed. High gain directional antennas would massively increase range. If you were especially squirrelly you could build in a GPS with high precision timing (~$25-100) and geolocate the packets via MLAT (https://en.m.wikipedia.org/wiki/Pseudo-range_multilateration). Moving up to a GPSDO you could start to do things like determine the speed and direction of travel of the sender.

[-] princessnorah@lemmy.blahaj.zone 12 points 5 months ago

I'd love a community here on lemmy for Meshtastic.

[-] cypherpunks@lemmy.ml 15 points 5 months ago

I’d love a community here on lemmy for Meshtastic.

There are two:

  • /c/meshtastic@mander.xyz
  • /c/meshtastic@lemmy.ml
[-] princessnorah@lemmy.blahaj.zone 8 points 5 months ago

Sorry, I should have been more specific. I'd love an active community here on lemmy for Meshtastic. One of those hasn't had a post for 2 months and the other has a single post from an admin and that's it.

[-] cypherpunks@lemmy.ml 5 points 5 months ago* (last edited 5 months ago)

yeah, they aren't very active, but (presumably due to federation bugs) there is more there than your instance is showing you: from my perspective the most recent post on the mander community is from one month ago and the lemmy.ml community has three posts including one that isn't from a mod.

you might be able to pull those posts into your instance by searching for their permalinks there (which you can find from the fediverse icons on each post in the web view of those communities on another instance).

[-] AVincentInSpace@pawb.social 11 points 5 months ago* (last edited 5 months ago)

just installed it and Sweet Lord the Animations

[-] ThisIsAManWhoKnowsHowToGling@lemmy.dbzer0.com 3 points 5 months ago* (last edited 5 months ago)

I just clicked on the scan button and

VWOORP

[-] sandalbucket@lemmy.world 61 points 5 months ago

This is cyberpunk as hell, and awesome.

Unfortunately apple does not expose mac addresses to apps, so iPhone users can’t do it :(

[-] trainwreck@lemm.ee 65 points 5 months ago

Is there anything iphones can do besides scroll social media? Every time I hear about some cool new capability of phones this caveat is always present.

[-] ElectroLisa@lemmy.blahaj.zone 47 points 5 months ago

Falsely identify some meme in your gallery as CSAM and send you to feds

(partially /s)

[-] EvacuateSoul@lemmy.world 8 points 5 months ago

Complain about how blurry their 60 second video came through and blame it on android. I constantly explain how iMessage isn't texting, but there are plenty of ways to get the same abilities.

[-] lepinkainen@lemmy.world 4 points 5 months ago
load more comments (2 replies)
[-] Brkdncr@lemmy.world 44 points 5 months ago

Neat. 00:35:df is assigned to Taser. They make LEO accessories.

[-] seathru@lemmy.sdf.org 23 points 5 months ago* (last edited 5 months ago)

That's how it works. TASER became Axom (maker of most body cams).

[-] trolololol@lemmy.world 9 points 5 months ago

00:25 not 35

Wait could I theoretically go to a UK police station or somewhere with a lot of police and pick up their MAC addresses.

Then if I were to be involved in some direct action I could get alerts that the police are nearby?

If so what device do I need to do this mobile? Like a laptop? Or one of those little orange hacker tools which the name is escapes me right now.

[-] swab148@startrek.website 23 points 5 months ago
[-] dependencyinjection@discuss.tchncs.de 20 points 5 months ago* (last edited 5 months ago)

That’s it. Gone I’m getting old. Flipper Zero init.

Do you have one? I’ve been interested for a minute but not sure if I can loads of fun with it.

I’d be interested in using it to affect digital billboards or taking direct action against companies I don’t think have a moral backbone.

[-] perviouslyiner@lemmy.world 19 points 5 months ago* (last edited 5 months ago)

While flipper is very versatile, it's pretty weak compared to dedicated devices with proper antennas for the signal type you're looking at.

Thanks that helps me make the choice.

I do already have some decent antennas from the last time I was playing around with Kali and Airpdump ng so I’ll get into some studying.

Thanks.

[-] Glitterbomb@lemmy.world 4 points 5 months ago

I looked into maybe getting a flipper a while back and decided the hackRF would be the way to go. I never got either, but from what I was reading, hackRF let's you do all the things people who own flippers wish the flipper did.

Yeah I think GhostStrats on YouTube did an episode on his toolkit and the HackRF was recommended.

What I really want to do is fuck with digital billboards. I have a hatred for adverts and more so in the real world lol.

[-] swab148@startrek.website 5 points 5 months ago

Nah, it'd mostly just end up being another useless gadget to me. It's cool, but I don't have room for gadgets rn.

[-] yetAnotherUser@lemmy.ca 8 points 5 months ago

Interesting idea, but aren't most MAC addresses randomised per connection nowadays?

[-] lost_faith@lemmy.ca 3 points 5 months ago

MAC addresses are assigned to the hardware and do not change with each boot (first 3 pairs are company second 3 pairs are the device), unless you spoof the address then you can make it display any MAC address you wish but the MAC of the device never changes.

[-] Natanael@slrpnk.net 8 points 5 months ago

Advertised WiFi MAC is randomized per AP by most devices these days, and Bluetooth also have equivalent privacy protocols. So unless you can get the device to connect to you then you won't see a static identifier that can be followed

load more comments (1 replies)
[-] Harold_Penisman@lemmy.world 33 points 5 months ago

How does one enable the feral hog radar?

[-] doubtingtammy@lemmy.ml 28 points 5 months ago

This is why I'm on Lemmy

[-] jackemled@furry.engineer 24 points 5 months ago

@ackshewally There's also D4:2D:C5 for i-PRO & a bunch for Motorola Solutions Inc. (different child company from Motorola, seems to make police hardware). Does anyone know any more OUIs? There are a few other Bluetooth police hardware manufacturers I've found that don't seem to have OUIs.

Also, does using an asterisk like that work? I've been using a regex for it & I would like to turn it into that to make it more readable.

I wish there was something better than BLE Radar for this that could search for things other than just MAC addresses & preset manufacturers.

[-] the_third@feddit.de 3 points 5 months ago

TBF, those Motorola OUIs would constantly throw alerts for the fire station next door as well.

[-] jackemled@furry.engineer 3 points 5 months ago

@the_third I couldn't find anything about Motorola Solutions specifically except that they make police equipment. This isn't the same as the other companies named Motorola, it's a different company.

[-] booly@sh.itjust.works 8 points 5 months ago* (last edited 5 months ago)

Motorola Solutions is a dominant radio manufacturer in the government/first responder space, as well as major infrastructure providers. Yes, that means cops, but it also means firefighters, ambulances, trains, buses, airports, and any fleet of mobile service for mission critical stuff like electric utilities, telecom, and some aviation uses. Back in the day of trunk radio, it used to be common for taxis, too.

Motorola sold its consumer mobile businesses (cell phones) in 2011 in a spinoff as "Motorola Mobility," around the time it was shutting down and selling off pieces of its space/satellite businesses, but kept most of its other businesses. Today's Motorola Solutions is the legal successor to the Motorola that invented the cell phone.

[-] Rhynoplaz@lemmy.world 5 points 5 months ago* (last edited 5 months ago)

Today's Motorola Solutions is the legal successor to the Motorola that invented the ~~cell phone.~~ Motorized Victrola.

Kids today.... Think EVERYTHING starts with their cell phones.

load more comments (1 replies)
[-] Gork@lemm.ee 20 points 5 months ago

What's the range on this thing?

[-] Gormadt@lemmy.blahaj.zone 23 points 5 months ago

From a quick search the BLE specification says it can be greater than 1km. But it has to be a Device that supports the newest Long Range Modes.

Older devices it can be about 100m.

[-] ackshewally@lemmy.blahaj.zone 16 points 5 months ago

In practice it's usually at or more commonly under 100m. Since we're at the mercy of what Axon has graciously provided for us, were unlikely to get BLE long range (coded PHY) type packets out of these devices, they probably have no use case for supporting the extension.

[-] kalimari@lemmy.blahaj.zone 20 points 5 months ago

Unfortunately, this requires your local police department to have the latest axon gear… I’ve actively sat down and listened for signals near my local police and didn’t spot any advertising beacons

[-] itslilith@lemmy.blahaj.zone 33 points 5 months ago

advertising bacons

[-] yournamehere@lemm.ee 19 points 5 months ago

interesting.

i wrote some scripts that runs airodump ng, then clean the csv, send all beacons with timestamp to a database. this helped me to collect mac adresses for some time now and allows me to have alerts if neighbours are back from vacation (e.g. using home assistant i get notifications ob androidTV)

i did not go for bluetooth because espresence for homeassistant does that out of the box. https://espresense.com/

Curious as to why you want to know when your neighbours are back? Or actually the benefit of collecting MAC addresses in general.

[-] ThePyroPython@lemmy.world 9 points 5 months ago
load more comments (1 replies)
[-] yournamehere@lemm.ee 3 points 5 months ago

i stumbled across this project but it wasnt quite working for me since the author uses it in a very remote location with few to zero clients: https://github.com/AgustinPelaez/wifi-presence-detector

This looks interesting thanks for sharing.

Could this be used in my office, for fun, to get my colleagues mac addresses and keep sending de-auth packets to keep them off the network?

Also, interested in whether it could be used to learn any patterns of police gear and notify of presence when out protesting.

load more comments (2 replies)
[-] blindbunny@lemmy.ml 14 points 5 months ago

This is so hot

[-] Crank_it@lemmy.world 11 points 5 months ago

Really cool! I didn't know about this yet

[-] merthyr1831@lemmy.world 7 points 5 months ago

this is why we need ar-15s, for the 30 to 50 feral hog Bluetooth notifications

load more comments
view more: next ›
this post was submitted on 26 May 2024
458 points (100.0% liked)

196

16505 readers
2208 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

^other^ ^rules^

founded 1 year ago
MODERATORS