通过公用免费WIFI搜集登陆手机数据
需要获得telnet到linux的shell(穷举或尝试超级密码)
并且busybox裁剪后/bin /sbin 下有iwevent,iwlist,udhcpd三命令(没有也行,只是不方便).
1. 利用提供iwevent命令实时查看wifi接入连接(默认不能退出):
/ # iwevent& ((+&,可用ctrl+c退出命令,重回shell))
Waiting for Wireless Events from interfaces...
12:11:06.805989 wlan0 Registered node:F0:E5:8E:39:B2:51<--------------------- 接入时间 + 手机物理地址
12:13:34.632241 wlan0 Expired node:F0:E5:8E:39:B2:51
12:14:03.315934 wlan0 Expired node:F1:E6:1E:71:B9:54
2.利用提供udhcpd命令查看历史接入连接:
/ #udhcpd
info, udhcp server (v0.9.7) started
info, Attaching option lease to list
info, Attaching option subnet to list
info, Attaching option router to list
info, Attaching option dns to list
info, ADD 9c:xx:x:ax:5x:xd 192.168.0.101 75178 Computer android-d5d1a1b2243a345d <---------------------手机物理地址 + 设备名(系统)
info, ADD f0:5a:09:ed:5b:2c 192.168.0.103 75175 Computer android-41efe72245a691a1
info, ADD 60:xx:xx:xx:x5:xx 192.168.0.102 75135 Computer android-4fcfe4a41a667a2
info, br0 (our ip) = 192.168.0.1
info, adapter index 24
info, adapter hardware address xx:1x:23:xx:71:xx
info, interface: br0, start : c0a80064 end : c0a800fe
......
3.更有趣的是iwlist命令,能搜索附近的wifi信号~:
/ # iwlist wlan0 scanning
wlan0 Scan completed :
Cell 01 - Address: xx:xx:xx:x2:x7:xx
Protocol:802.11b/g/n
ESSID:"Cx_adfE"
Mode:Master
Channel:1
Quality:26(信号质量值) Signal level:0 Noise level:0
Cell 02 - Address: xx:x1:xx:xB:x:xx
Protocol:802.11b/g/n
ESSID:"CHINANET_xx"
Mode:Master
Channel:13
Quality:26 Signal level:0 Noise level:0
Cell 03 - Address: xx:1x:Cxx:xx:xxx:xx
Protocol:802.11b/g
ESSID:"ChinaNet-xxxx"
Mode:Master
Channel:2
Quality:24 Signal level:0 Noise level:0
Cell 04 - Address: xx:1x:Cxx:xx:xxx:xx
Protocol:802.11b/g
ESSID:"ChinaNet-xxxxx"
......