Skip to content
Discover what your phone does on the Internet.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
misc
openwrt
src
www
LICENSE
Makefile
README.md

README.md

Device Observatory

The Device Observatory shows the activities of WiFi devices on a network on a local website. It is meant to raise the awareness for private data leaking from devices such as smartphones.

This also includes a package for OpenWrt. The package will create an WiFi Access Point for your phone to connect to. You can track your devices activity on a website on the router. External devices will only see their own data for privacy.

Pull Requests are welcome!

logo

Features:

  • Devices accessing the info page only see own data (except for the local host)
  • Shows MAC address, DHCP device host name, device manufacturer
  • Shows accessed domains, IP addresses and ports
  • Shows first/last time a website was accessed
  • Show SSIDs from active scanning
  • Show traffic by destination

Usage

  • --dev device
    Device to parse war ethernet packets from.
    This option may occur multiple times.
    E.g. wlan0

  • --mdev device
    Device to parse raw wifi packets from.
    This option may occur multiple times.
    E.g. mon0

  • --mac-db file
    MAC to manufacturer database.
    E.g. macdb.txt
    Default: disabled

  • --port-db file
    File to map port numbers to human readable names.
    E.g. /etc/services
    Default: disabled

  • --json-output file
    Ouput all data as JSON file.
    Default: disabled

  • --device-timeout seconds
    Timeout device data after last ethernet activity.
    Default: never

  • --track-localhost [1|0]
    Track localhost as an device.
    Default: on

  • --webserver-port port
    Port of the build-in webserver. Set to 0 to disable webserver.
    Default: 8080

  • --webserver-path path
    Root folder for the build-in webserver. Usually not needed as all files are included into the binary.
    Default: internal

  • --help
    Show these options and help text.

Build On Linux Based Operating Systems

Install dependencies for compiling:

apt install libpcap-dev libmicrohttpd-dev vim-common
  • package libpcap-dev allows to capture pakets
  • package libmicrohttpd-dev is an embeddeable webserver
  • package vim-common contains the xxd tool

Get source code:

git clone https://github.com/mwarning/device-observatory.git
cd device-observatory

Compile:

make

Start program:

./device-repository --dev eth0

Here, eth0 is an example interface. Normally you would create an Access Point WiFi interface (e.g. --dev wlan0) and an optional monitoring interface (e.g. --mdev mon0).

To see the data captured by the program, go to localhost:8080 or 192.168.1.1:8080 if the program runs your router.

Create WiFi Access Point

TODO

Create monitor mode interface

A monitor mode interface can be used to get all raw packets from the air on a specific channel. This is needed to detect SSIDs from scanning by phones/devices. Do iw dev to get a list of physical wireless devices.

iw phy phy0 interface add mon0 type monitor
ip link set dev mon0 up

On OpenWrt, this can also be done via the create_monitor setting in /etc/config/device-observatory. The mon0 device will be appended as --mdev mon0.

Build for OpenWrt

See the OpenWrt build instructions page.

Update macdb.txt

Console command to load the official database and create a stripped down database that is more usable:

curl http://standards-oui.ieee.org/oui/oui.txt | awk -F'[[:space:]]+' '/^[A-F0-9]{6}/{ printf("%s", $1); for(i=4; i < NF; i++) printf(" %s", $i); printf("\n"); }' > macdb.txt
You can’t perform that action at this time.