thoughts and learnings in software engineering by Rotem Tamir

Build a homemade spying machine with a Raspberry-Pi, Firebase and some Python

My favorite characters in spy movies were always the gadget-making-mad-scientists building crazy little machines which help the spy-hero to pull off his amazing feats. Q has always been a much more appealing character than Bond to me, as was Donatello over Leonardo as my favorite Ninja-Turtle.

Cheap new hardware and the quickly-growing “maker” mindset give us a small opportunity to step into the shoes of such childhood heroes.

In this article, I will show you how to build a nifty little device that will allow you to monitor which wifi-enabled devices are present in your home, even when you’re away. We’ll be building a web-based app which we’ll use to view this data from anywhere we have an internet connection. This way you have your own Bond-like little device with which you can check on the devices near any place where you can give it some electricity.

Disclaimer: this article was created for educational purposes. Do not spy on your friends and family, as it is unfriendly and immoral! (It may also be illegal.)

As you may well know, your smartphone or tablet is constantly looking for known WiFi networks. As it does so, it sends unencrypted messages, known as “Probe” messages, over radio waves to check whether any of the WiFi networks it is already familiar with are around. Different devices behave differently: some probe for networks constantly in the background, while others do this only when you open the screen and try to use the internet. What is interesting to us in this project is that while your device probes for WiFi networks, it broadcasts its MAC address (a unique number identifying itself). If we’re able to listen to these communications, we’ll be able to log who is physically around us, since most people constantly carry their smartphone with them.

Our setup

This is how we’re going to pull this off:

  • We will set up a Raspberry Pi B+ with a WiFi dongle
  • We will run airodump-ng on our Pi in the background to listen for probe messages
  • We will write a small Python program to process the output from airodump-ng and send it to a Firebase database
  • We will write a small web-client to read realtime data from Firebase and show us which devices are near our Pi or have been recently.

Setting up your Pi to monitor for probe messages

In order to monitor probe messages we’ll be using a tool called airodump-ng, which is a part of the aircrack-ng suite used for all sorts of wifi-related functions (such as cracking the key of password-protected wifi networks). Let’s install it.

For the purpose of this article, I assume that you have a Wifi dongle which supports “monitor-mode” and that it’s set up on the interface “wlan0”. We create the following shell script which will basically put your wifi dongle in monitoring mode and then activate airodump-ng and tell it to save all output to a .csv file in your /tmp folder.

You can run this in the background, using screen for example.

Use Python and Firebase to make realtime data available

Firebase (recently acquired by Google) is a pretty cool product that allows you to create realtime apps very easily. In our project we’ll be using Python to write data about the devices (called “Stations”) that our Pi discovers using airodump-ng to a Firebase database, and later we’ll write a little AngularJS-based app to pull this data and display it in realtime. The cool thing about Firebase is that it lets you create, save and read data from the cloud without needing to build a server-side cloud-hosted app, say using Django or Rails.

Go ahead and open a new account at Firebase; they have a free “hacker” plan which is more than enough to get you started.

With airodump-ng running in the background, we will use the following python script to continuously poll the .csv file created by it, format it and then use Mike Huynh’s python wrapper for the Firebase RESTful API to push the data to our Firebase database.

This script should be running in the background on your Pi as well.
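
As an added example (not the author's script, which is not reproduced on this page), here is one way to do the "format it" step: parse the station section of an airodump-ng CSV, flag locally administered MAC addresses (which is how randomized probe addresses are marked, so they do not identify a device over time), and replace each raw MAC with a keyed hash so the cloud database never stores the address itself. The sample CSV, the key and the record field names are constructed for illustration, and the upload call is left out.

```python
import hashlib
import hmac

# Constructed sample in airodump-ng's CSV layout: AP section, blank line, stations.
SAMPLE = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2015-01-10 18:00:01, 2015-01-10 18:05:00,  6,  54, WPA2, CCMP, PSK, -40, 120, 0, 0.  0.  0.  0, 7, HomeNet,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
AC:DE:48:00:11:22, 2015-01-10 18:00:05, 2015-01-10 18:04:59, -52, 31, (not associated) , HomeNet,CoffeeShop
DA:A1:19:AB:CD:EF, 2015-01-10 18:02:10, 2015-01-10 18:02:11, -70, 2, (not associated) ,
"""
KEY = b"example-key-kept-on-the-pi"  # placeholder secret (assumption), never uploaded

def is_locally_administered(mac):
    """True when the U/L bit (0x02 of the first octet) is set."""
    return bool(int(mac.split(":")[0], 16) & 0x02)

def pseudonym(mac, key):
    """Keyed hash of the MAC, so uploaded records carry no raw address."""
    return hmac.new(key, mac.upper().encode(), hashlib.sha256).hexdigest()[:16]

def parse_stations(text, key):
    """Return one dict per row of the station section of an airodump-ng CSV."""
    records, in_stations = [], False
    for line in text.splitlines():
        fields = [f.strip() for f in line.split(",")]
        if fields[0] == "Station MAC":
            in_stations = True
            continue
        if not in_stations or len(fields) < 6 or not fields[0]:
            continue
        try:
            power = int(fields[3])
        except ValueError:
            continue  # skip a malformed or partially written row
        records.append({
            "id": pseudonym(fields[0], key),
            "randomized": is_locally_administered(fields[0]),
            "first_seen": fields[1],
            "last_seen": fields[2],
            "power": power,
            # Probed ESSIDs are themselves comma-separated, so take the tail.
            "probed": [f for f in fields[6:] if f],
        })
    return records

if __name__ == "__main__":
    for rec in parse_stations(SAMPLE, KEY):
        print(rec)
```
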

Create a simple client to show the data in realtime

In order to view all the data collected by our Pi via the Internet, we’ll create an angularjs based webapp which will display information about devices seen by our Pi. It will only take a few minutes to do with yeoman’s angular-firebase generator.

We won’t go step by step through actually creating the app (you can get the code at https://github.com/rotemtam/pi-mac-monitor; see the instructions in the README), but here’s some information about how it works.

The web-app only has one view and a single controller. The controller uses the angular-fire plugin, which allows us to have realtime data in our angular $scope, and have the view be updated when the data changes on the server.

View:

Controller:

Summary

That’s it! In less than an hour you can be spying on your house members from afar! Just kidding, respect people’s privacy!