I have a WiFi network with several mobile devices/smartphones (e.g.: iPhone, Samsung). I know their IP addresses, but wish to identify them programatically from my PC without installing any app on them (e.g.: "noldS2" - "GT 9100" - "Android 2.3.5" .. friendly name - device name - os)
There were various methods described on the internet, but ActiveSync seems to be the best. I've investigated and attempted to connect to the devices using OpenNETCF, RAPI [...] without luck. (I've also investigated other methods like port scans which seem less accurate.)
How could I use ActiveSync to programatically identify the mobile devices connected to WiFi from my PC without needing special apps or permissions from them?
Presumably you're going down this path because ActiveSync clients must pass the server a Device ID string during their session handshake, I don't see any way to accomplish that because that conversation will always occur over HTTPS and will therefore be protected from snooping. Even if you could get the device ID it won't tell you the operating system version or anything like that.
I think you'll have to use another technique, and I'm not sure what that might be.
Every mobile device connected to ActiveSync should store quite some information: http://msdn.microsoft.com/en-us/library/ee202944(v=exchg.80).aspx including: http://msdn.microsoft.com/en-us/library/gg675629(v=exchg.80).aspx
As mentioned by #brian-kelly you should be able to get the needed information from the devices HTTP request user-agent string. Put your PC's wifi card in promiscuous mode and process the collected data.
Related
I am trying to develop an Android (server) app that will accept TCP connections directly from the Internet. I tried this a couple of years ago with no joy. Is this even possible?
I asked this question differently way back then, on StackOverflow and elsewhere, and never got a satisfactory answer. The answers fell into two categories:
No, you can't
Most authoritative answer given: Most carriers won't route connection requests to mobile devices.
Yes, you can
These answers did not provide details or examples to help me.
What I Tried
I can successfully get my mobile device's external IP through various means. But this is only part of the puzzle. See Note 1 below.
I created a ServerSocket that listened on a port (e.g., 2000). But the app would not accept connections from the Internet on this socket. Apparently, this socket was listening on the local (internal) network of the device (i.e., 192.168.1.0).
I was able to connect from other apps on the device (which are on the same subnet).
I was also able to connect through a NAT router in my shop that translated Internet addresses to my device's local net. But this doesn't help me in the field (where no router is available). See Note 2 below.
I tried asking AT&T customer-support-type people but I don't think they understood my question.
Notes:
Yes, the device's IP address can vary with time or location, but I can always get the correct and current IP through various means (e,g., whatmyip.com, etc.). Nontheless using the current device IP doesn't work either. BTW - my public IP has never changed. Thus, for all intents and purposes, my IP is static. In any case, the IP issue is a well-flogged horse, I am fairly sure that this is a ROUTING issue, not an IP address issue.
I can connect via WiFi because my Internet modem/router offers DHCP connections on the back side via Wifi on the device's local subnet (192.168.1.). My device has address 192.168.1.65, therefore I can connect to it without ever going through my carrier.
AT&T tells me that I cannot buy a static IP for a mobile device (update 9/23/19).
My Current Theory (9/23/19)
It is my current humble belief that there is a NAT-like entity at play here. Either:
The public IP actually points to a NAT router at AT&T HQ.
The device has a built-in NAT-like router
In either case, under this theory, inbound TCP connections are not forwarded to the device's local net, but outbound connections pass through just fine.
Summary
Maybe the answer's still the same, but I thought I'd ask again in case things have changed or somebody's got some better insight nowadays,
It's true that you can't establish any TCP or UDP connection which is listening behind the main network (i.e. behind the NAT). Nowadays all the ISP allocate a private IP to every device (due to shortage of IP) connected to it hence creating a private network of devices behind NAT. (After the complete adoption of IPv6 the situation will change with every device becoming the part of main network)
Since NAT doesn't allow an inbound connection, the problem is solved using some of the NAT traversal technique such as:
Port forwarding
TCP/UDP Hole punching
In the Port forwarding process, we need to deal with the router setting which will forward the connection on a specific port to the same port on the internal network node. It is mainly used in gaming, VoIP, and p2p application.
In Hole punching technique (no need to deal with the router setting) we use an external server which is not behind any NAT to get the IP address (both public and private) of the devices which are behind NAT. Further, the two hosts create there own outbound session among each other in their respective NAT devices. Since the NAT devices allow the outbound session, the session is stored, and this same session is used for further two-way communication.
More information about Hole punching.
(UPDATED 9/26/19)
I am posting this "answer" not so much as an answer per se but rather to solicit constructive criticism and/or affirmation. Any statements I make below should definitely be implicitly prefixed by "I humbly believe that...".
Yesterday, I had a personal epiphany. I finally got it through my thick skull what some responders were saying. I present my new understanding below.
Heretofore I believed that AT&T's Mobile Data Network was just a direct extension to the Internet implemented with cell sites and trunk lines. Now I realize that it is a closed, private data transport mechanism. Since it is owned by AT&T, they can implement whatever protocols they choose to, including "private" data connections from their head-end to my registered phone. These connections are analogous to the LAN-side ports on a typical desktop NAT router. The head-end (i.e., their NAT router) is the only entity that can be accessed from the Internet.
The head-end connections between the Internet and my phone are over these AT&T-private connections. The "public IP" reported for my device (and, I believe, nearby devices) actually points to the AT&T head-end, in my case a 150 miles away in Miami). The head-end fowards outbound connections from my phone to the Internet, but does not forward inbound connection request.
About my "Public IP"
I believe that this doesn't exist and is, in fact, a meaningless concept. What would be the point of such an address if you cannot connect to it.
Summary
I now believe that the answer to my original question is "No way, Jose". This is not due to an addressing issue, but rather AT&T will not route incoming connections to devices. They also do not offer static IPs for devices over their private network (this wouldn't make much sense anyway given the above).
IF ANY STATEMENTS IN THIS PROTO-ANSWER ARE INCORRECT, PLEASE PLEASE LET ME KNOW WHICH ONE AND WHY IT IS INCORRECT
It depends on what type of IP your mobile phone provider assigns you
For your mobile device to accept TCP connections from the outside, it is only possible if your provider assigns you a public IP, but this is increasingly unlikely since given the shortage of available IPs many providers assign a private IP, like if your phone were inside a LAN, in this case your TCP port is unreachable from the outside.
Websites like whatsmyip tells you the public IP with which your provider finally connects you to the internet but it may be different from the one your provider assigns to your phone.
To know if you are in a private network install from Play Store an app called "PingTools Network Utilities".
When you start it you will see the IP of your phone, if it is different from the whatsmyip IP or is an IPV6 one that means that your provider assigns you a private IP, an unreachable one.
... always talking about connections through the cellular network and not through WiFi
Write a simple client for DynDNS or alike, in order to provide it with name resolution. Then you can serve pages with NanoHTP - or raw sockets. If you're behind a DSL router, you may need to read the external IP with TR-604 (unless DynDNS might eventually return the source IP) and setup a NAT port-forward for the incoming traffic on port :80. At home this is easier to setup than through UMTS, because some UMTS networks don't have public IP addresses, but may have private IP addresses.
I want to give a non - technical answer as I myself am not very proficient with network theory.
One thing is that Internetproviders usually expect extra cash if you want to run a server - hence the forced disconnects on consumer subscriptions like DSL(changing IP in the process).
Next thing is that establish a connection and send data out to a server is very unreliable on a mobile device. You can have android check if you have network. If it says no you don't need to try it - no means no. But yes doesn't mean a thing!
I write software for asset tracking using android. Usualy I want to send like one location per minute to that server. So I try to open a port. Android blocks on new Socket and it can go for like 2 Minutes until a timeout occurs even if I checked with ConnectivityManager right beforehand and it got me isConnected() == true.
And if I have a socket and even received something a second ago: I can write to that socket and get no error but get no answer, write again, no error no anser again and again.. And after like 2 minutes I get a whole bunch of errors in the log all at the same time.
When sitting in the bus visiting my mother is like driving through a 3rd world country judging by the internet connection. It might say 4g and 3 bars but chrome won't load page OR it says 2g and only 2 bars yet browser has no problems at all..
The whole android network-os (and I guess apple has to do it quite the same) is programmed more like: "here android I want to send this" and android saying "Ok" but thinking "I will send it as soon I feel fit to do so" :D
you need a static ip(public ip) address for that .
Mobile device ip address are not static so u cant .
To make it work .
Run a web server on a static ip & route the queries to your app (tunnelling).
When android app starts ,you android app needs to register with web server .
Now server knows your android device availablity ,the queries from other end will be be rediredcted.
can someone confirm, that it is possible to create a web server on android device ( which uses 3G or 4G internet ) and access it via internet ( from the remote PC connected to the internet, not from the same local network ).
I know there already are some web servers for android ( iJetty, nanohttpd ) and the programms like ksweb, so it seems, that it should be possible.
However, I've done some searching in the internet and some people warn, that mobile devices work using NAT protocol, so it would be impossible.
Can somebody resolve the ambiguity?
Thank you in advance.
No, it is generally not possible. The dealbreaker problem is not with Android, but rather that just about any mobile network provider is going to block incoming connections.
For special purposes, you can do things like have the phone contact a publicly visible remote machine and create a tunnel with something like ssh through which inbound connections can then be sent if there is a server program listening on the loopback interface of the Android device. But this tends to be only useful for things like remote testing.
Were you using wifi you could do this, but you'd need to accept that Android is not designed to promise a high availability of any 3rd-party program. You would need a wakelock to keep the processor running. And you may even need to do things like periodically initiate outbound traffic from the device in order to keep the wifi stack/radio in a fully active mode so that it can accept connections.
Generally speaking, data you want to make remotely available from the device should be proactively uploaded to a mutually visible server. If you want to send requests to the device, look at using something like Google Cloud Messaging which is designed to wake up the device and a recipient application on it in order to deliver a brief message.
Some background information:
I have a certain yet to be released tablet and sadly the people who designed it seemed to have removed TelephonyProvider.apk
Here's how I've reached that conclusion :
When I go to More... in WIRELESS & NETWORKS there are no options to change APN, VPN or access Mobile networks. (Please note that the table has no facility to lodge a SIM card) However, on my Karbonn ST10 (Android 4.1.1) all these options are found. The certain tablet is currently on Android 4.2.2
When I used an app called APN shortcuts I was able to launch the APN configuration screen, however every time I changed the MCC or MNC number, the APN could not be saved and was deleted.
When I tried to read the contents of content://telephony/carriers I received a NullPointerException.
Questions:
What is the purpose of TelephonyProvider.apk?
Will it be possible to install it without root access? If so, how? (I'm pretty sure this can't be done, but if someone else knows a magical method please enlighten the world)
Can 3G data connections via dongles be established on this device which seems to be missing TelephonyProvider? Or will the ROM have to be edited and TelephonyProvider be installed.
I'm pretty sure this is a programming question, but if it belongs on Android Enthusiasts, please move it.
It's just an apk... you should be able to sideload it with adb without root with adb sideload <your apk>. It would just be removable since its not it /system/app, ie built in with the ROM. If the makers of your device disabled certain features on the device, which would explain possibly why those menus do not display in the Settings app, then TelephonyProvider may not be all that you need to get the connections you want to establish working.
Hope this helps.
Update:
These features are probably disabled on the device you are using. based on what you described.
From the PackageManager documentation.
FEATURE_TELEPHONY Feature for getSystemAvailableFeatures() and hasSystemFeature(String): The device has a telephony radio with data communication support.
FEATURE_WIFI Feature for getSystemAvailableFeatures() and hasSystemFeature(String): The device supports WiFi (802.11) networking.
I have been reading a number of posts here on stackoverflow about android not having unique identifiers. But could I not use the MAC address of the device as a unique id? If not, why not? If yes, does anyone know how to get it programmatically (i.e. a piece of code [please])?
FYI:
My app requires network so devices without networks won't be able to install it.
But could I not use the MAC address of the device as a unique id?
Not 100% reliably.
If not, why not?
Here is what Google has to say on the subject:
It may be possible to retrieve a Mac address from a device’s WiFi or Bluetooth hardware. We do not recommend using this as a unique identifier. To start with, not all devices have WiFi. Also, if the WiFi is not turned on, the hardware may not report the Mac address.
Also, you are assuming that all devices will accurately report the MAC address by one means or another. I would assume that custom ROMs, and perhaps rooted devices, might be able to spoof the MAC address. This may or may not be a concern for you -- I'm just pointing it out.
My app requires network
At best, it can require WiFi. It cannot require that WiFi is turned on.
does anyone know how to get it programmatically (i.e. a piece of code [please])?
See this answer.
MAC is unique, but can be spoofed by the user to any value, which would make it very insecure. If that's not a problem, you're probably good to go !
I'm currently doing some research about my project, a smartphone tracking native application, and I have four questions. Links to any material I can read up will be greatly appreciated, and the most useful/comprehensive response will be accepted.
The primary target smartphones are the Android, Blackberry and iPhone models.
For starters I found out here Uniquely Identify an Android Handset that IMEI can be used to uniquely identify Androids but I think I once read that it can be faked. I don't know about the iPhone and Blackberry.
What's the most reliable way to uniquely identify the smartphone device, if any? Can MAC addresses work or is it possible to spoof that? Can IMEIs truly be faked?
Is it possible to "lock" the device with a custom error message remotely via its unique identification, once the device is reported as stolen? This lock state will remain on the phone even when disconnected from the network, until it is reconnected to the network and unlocked remotely once again.
Assuming such a remote phone lock is possible, can such be reversible by the thief? The native app will run in stealth mode so that it cannot be uninstalled.
Can a cross-platform solution work in this case, or will I have to develop various native apps per platform?
EDIT:
Some more context. As Till rightly said, Apple's "Find my Phone" does this exact thing already (I am just finding out about it, but it looks like a perfect fit already). The user who is choosing to install the app is informed that the phone will be uniquely identified if they do install the app. As for locking the device, "Find my Phone" does it (I gather). Now I need to know how that might be possible on the two other platforms.
With regards the iPhone side of things:
You aren't allowed to uniquely identify the iPhone like that. Apple have just forbidden it unless you get the user's permission first. So if they refuse you permission, your app won't function and you'll need to find another way.
No, you can't do that.
See 2. Also you can't run an app in "stealth mode"
See 2.
Only the network operators can talk to the handsets on an IMEI level. The IMEI number IS the MAC address of GSM networks. However, you can't access that unless you have control of the network. Sure you can get the IMEI from the user, but you can't use that to locate the phone. On CDMA networks this address is called the MEID number.
But there are other ways:
You can get location data on either platform with the users' permission. This is the way you should think about developing your application. You'll want to assign a UUID to a user once they download and install your application on their phones. You can then have the phones report to a server every so often (heartbeat). As long as the phone is powered on and connected to a network, the user would be able to locate the phone.
You can also get the phones IP address on the network, among other things -- such as contacts, messages, files, cache data etc..
On Android it's pretty easy to implement this kind of functionality as a service that could would only be visible on the packages page. Further, if you have root access, you can write whatever kind of rootkit you want such that it hides itself from the system. Same with a jailbroken iPhone. I am not as knowledgeabe about iPhone services though.
Either way, the only cross platform compatibility you'd be able to exploit would be perhaps the way data is sent and received from the server. You could use some standard such as JSON to send and receive data (and hence the same server). Although, both platforms have JSON and Apache libraries, the other parts of the apps or services themselves will need to be completely and dependently developed for each platform (UI, Internal Content Handeling, Syscalls, Permissions, etc).
You can remotely lock, wipe, factory reset, etc. Android devices using the security and device administration Android system interface. This still requires the user to grant permission and it asks them an a more.. obnoxious.. way so that they know what exactly they are agreeing to when they give an app device administration permission. If you ever use an exchange server for business or school, it's likely you'll run into this.
I am unsure about remote iPhone device administration on a jailed system.
If you really want something that can't be removed lest you do a factory reset, you'll need to know a thing or two about Unix programming, and a lot about the operating systems that their respective SDK's don't (and probably shouldn't) tell you. You'll need to be comfortable poking around sources and even reverse engineering if called for. If you're still interested, you'll want to hang around the circles that work on custom phone firmware and software for the iPhone, and Android (and Blackberry). I would start with Android. It's probably the easiest since the sources for the AOSP are easily and legally available.