Determining which SSID is being sought for

[veonx]

I have been having issues searching for information about this topic mainly because I cannot think of the proper vocabulary and/or terminology associated with it.
I am trying to find information concerning whether or not it is possible to determine what networks are being sought by wireless devices.

For example: A smartphone or laptop has a list of SSIDs that it has saved for itself, so that when the network comes within range it will automatically connect. From what I understand, there are two methods by which the laptop will know if it is able to connect.
A: The network itself is broadcasting its SSID and such (most common case I think)
B: The network has a hidden SSID or the laptop itself might wish to ping its surrounding networks to determine their identities and decide if it should connect.

I would like to be able to detect which SSIDs (and other connection information) the laptop is looking for, and ultimately be able to replicate the network broadcast using a tool such as Rogue AP or something.

What I really would like to know is if terminology exists for such this idea, because I have had a very hard time finding any information at all concerning this topic, so I feel like I'm missing something. Any help/info about this topic would be much appreciated!

[Mindfak]

Take a look at Airodump-ng.
It lists all the AP's a station is probing for.

[rastamouse]

If you run something as simple as airodump-ng, it will show you 'probes' that wireless devices are transmitting. As you describe, this is the wireless client actively sending out broadcast probes for networks it has previously being connected to. Tools such as airbase-ng can automatically create fake APs using SSIDs it detects from these devices, by sending corresponding probe responses to these requests.

[TAPE]

Here's a decent post I found with some further info and a python script based on tshark.
Have been wondering on how best to do this as well and his script actually works pretty well
(except incorrect dates on my system)


http://blog.rootshell.be/2012/01/12/...l-who-you-are/

[veonx]

Thanks a bunch, guys!
I had managed to get airbase and such up and running, but I didn't know about airdump-ng I will check it out, and I'll check out the tshark stuff too~

[veonx]

Thanks a bunch, guys!

I had managed to learn about the airbase-ng suite of tools, but I didn't know about the airodump's functionality. Thanks! They were exactly what I was looking for

I will look into the tshark stuff too! ^^