Why is the MAC address returned from nmap different from real MAC address on iPhone? - iphone

I am using nmap to discover devices on my network. I ran nmap -sn 192.168.1.100/24 and it printed out multiple hosts, one of which is my iPhone. However, the MAC address returned from nmap is different from the one on my iPhone (from going to Settings -> About -> Wifi address).
Which one is the real one and how can I discover it?
Also I would like to compare the IP address. I was able to find the IP address for my iPhone using nmap but not able to find it anywhere in the settings next to Wifi address despite websites which shows them next to each other. Where can I find out my phones IP address?

Actually, your iPhone has hidden the real MAC address.
You should check Settings -> WiFi -> Info icon next to the WiFi icon.
You will see that Private Address is turned on.
The WiFi Address field is the result of your nmap command.

Related

How do I detect iPhone on network?

I am trying to detect if my iPhone is in the same network as my Raspberry Pi. I would like to execute a script when I am at home and my iPhone's presence is registered in my LAN.
It seems that when the phone is in standby not even the iphone-sync port (6207/tcp) is found. "/usr/bin/nmap -n -sT -p62078 [my phone's local IP]" shows no host. I wonder what else I could scan for. Obviously the phone is online and ready to accept FaceTime calls (data via 3G is deactivated). Could I accomplish something with avahi, which I am using on my Raspberry Pi, or are there other ways?
I've just spent a week beating on this problem so I can refrain from sending SMS home alarms to my wife when she's at work.
Pinging won't work because the iPhone won't respond to ICMP when asleep. Reading the ARP cache won't work because a sleeping iPhone will come and go (check it every 30 seconds for a few minutes).
The only way I have found to 'reliably' determine when my two iPhones are on my local (home) network is to use the PCAP dotnet library to look for any packets originating from either of the phones' MAC addresses. For example, if you run Wireshark with the capture filter
ether src <iphone-mac-address>
you will see a surprising amount of network discovery/announcement traffic from the phone. It still has quiescent states, but so far the longest interval I have seen between captured packets is around 10 minutes. You would have to wait until you have not heard from the phone for some interval (I use 15 minutes) before declaring it not-home.
With this technique you will find a phone quickly when it rejoins the home network, assuming your phone is configured for DHCP. I also use port mirroring on my main Ethernet switch to include traffic from my wireless access points.
I don't have a Raspberry Pi solution for this, because my linux expertise is very limited, but someone else may be able to help you along those lines. I have a Windows Service using the PCAP library and so far it works reliably, with the limitation of waiting 15 minutes before deciding an iPhone has left the network.
* update 2-3-2018 *
I have this detection algorithm down to about 5 minutes, using a combination of ping/arp messages directed to each phone, about once per minute. Seems to work great.
You can find a list of devices on your network by investigating your arp cache.
arp -a
Simply write a bash script to run arp -a at a regular interval, and search for the MAC address of your phone.
You could go even further with this and perform different actions depending on what brand of device is connected.
The first 3 hexadecimal digits of a MAC address are the vendor ID.
Take the following mac address:
00:19:E3:AB:CD:EF
00:19:E3: is one of the registered MAC addresses for Apple devices.
By comparing the devices on your network with this list, you could detect when, for example, a '3com' device or a 'dell' device attaches to your network.
http://www.coffer.com/mac_find/?string=apple
You can do "arp-scan -l -r10" for that (tested this myself), but the problem is that if mobile data is enabled, the iPhone will suspend WiFi when the screen is locked to save battery. So you need to disable mobile data; then arp-scan will work.
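Added example (not part of any answer above): searching `arp -a` output for a phone, as the answers suggest, while accounting for the Private Address behaviour described at the top of this page. A private Wi-Fi address is a randomized address with the locally administered bit set, so it carries no vendor prefix and differs from the hardware address; the sample output and the `9e:...` address are constructed.

```python
import re

# Constructed `arp -a` output, mixing Linux and macOS line styles.
SAMPLE_ARP = """\
? (192.168.1.10) at 00:19:e3:ab:cd:ef [ether] on wlan0
? (192.168.1.23) at 9e:4b:12:7a:c:5 on en0 ifscope [ethernet]
? (192.168.1.50) at <incomplete> on wlan0
"""

ARP_LINE = re.compile(r"\((?P<ip>[\d.]+)\) at (?P<mac>[0-9A-Fa-f:]+)\s")


def normalize_mac(mac):
    """Lower-case and zero-pad each octet (macOS prints 'c' for '0c')."""
    octets = mac.strip().replace("-", ":").split(":")
    if len(octets) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    return ":".join(f"{int(o, 16):02x}" for o in octets)


def is_locally_administered(mac):
    """True when bit 0x02 of the first octet is set (randomized/private)."""
    return bool(int(normalize_mac(mac).split(":")[0], 16) & 0x02)


def oui(mac):
    """Vendor prefix (first three octets); None if locally administered."""
    mac = normalize_mac(mac)
    return None if is_locally_administered(mac) else mac[:8]


def parse_arp(text):
    """Return {ip: mac} for complete ARP entries, skipping <incomplete>."""
    table = {}
    for line in text.splitlines():
        m = ARP_LINE.search(line)
        if not m:
            continue
        try:
            table[m.group("ip")] = normalize_mac(m.group("mac"))
        except ValueError:
            continue  # malformed address field
    return table


def find_device(text, known_macs):
    """IPs whose ARP entry matches any address the device is known to use.

    Pass both the hardware address and the per-network private address:
    only the one the phone currently uses on this network will appear.
    """
    wanted = {normalize_mac(m) for m in known_macs}
    return sorted(ip for ip, mac in parse_arp(text).items() if mac in wanted)


if __name__ == "__main__":
    for ip, mac in parse_arp(SAMPLE_ARP).items():
        print(ip, mac, oui(mac) or "locally administered (no vendor prefix)")
```
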

Is it possible to get the SSID & MAC Address of Currently connected WiFi Network in an App

I am looking for a way to get both the MAC Address and the SSID of the currently connected WiFi Network in my project. I have used Tony Million's Reachability to decide when the user is on a WiFi network or not and was testing Kenial's NICInfo only to find out that it only provides the iPhone's WiFi MAC Address. Although both projects helped greatly in their own way, they do not get the job done.
I am wondering if there is a public API (for certain Apple App Approval) or some back door to achieve this.
This involves a few different things:
Getting SSID - This is independent of the MAC address issue. For this, check this SO answer: iPhone get SSID without private library. I don't know what the etiquette is regarding re-posting code from other answers so I'll just link.
Getting MAC address - since the majority of networking operates at Layer 3 (which is called, who would have guessed, the Network Layer - http://en.wikipedia.org/wiki/OSI_model) and the MAC address is at Layer 2 (the Data Link layer) you'll first need to get the IP address of the gateway of the WiFi interface. Just a side note - the question should be phrased as 'How do I get the SSID of the currently connected WiFi network and the MAC address of the WiFi router/gateway'. Anywho, to get the gateway address, see this SO answer: How to get the WIFI gateway address on the iPhone?
Once you have that, you need to convert it to a MAC address using ARP (Address Resolution Protocol, which is the protocol that all networks use to convert IP addresses to MAC addresses). Network interfaces don't communicate via IP, they communicate via MAC, so this actually happens everywhere, all the time. It's actually pretty easy to access the ARP table on a PC/Mac. For iOS, I found this SO answer to convert an IP address to a MAC address: Getting ARP table on iPhone/iPad

Finding IP Address for IPhone

I am working on iPhone. I want to know how to find the IP address of an iPhone through USB/3G, not on WiFi.
I am aware of how to see the IP if it is connected through WiFi (going through Settings and looking under WiFi).
But I need the IP through USB/3G. What I did was use Personal Hotspot and connect my iPhone to the PC through USB. I got an IP.
But when I added one more iPhone with the same hotspot enabled and connected through USB, I am getting something like "unidentified network".
By using the whatismyip.com site I am getting an IP, but I can't do anything with it. I am unable to reach my iPhone with the IP provided by that site.
So can anyone kindly provide information on how to look for the IP of multiple iPhones connected to the same PC?
The purpose is to communicate with multiple iPhones using their IPs.
Thanks a million in advance.
Unfortunately the responses are not completely correct. In a 3G/4G network every device gets an IP address, but THAT's NOT the IP address that you see when going to sites like www.whatismyip.com. That's the address that the Telco presents to the external world, not the device IP address.
Telcos such as AT&T, Verizon, Telefonica and similar assign a "private" IP address that is only valid in their network. This is similar to the internal IP address that you have on your phone when connected to the house wireless, but if you check www.whatismyip.com you get the external IP address of your wireless router (you can check that those are different addresses). What Telcos do is known as NAT or PAT. The reason is that the current version of IP has a very limited number of available IP addresses, and all those millions of devices cannot get public IP addresses (like the one you see in whatismyip.com). Actually several devices share that external IP address.
Unlike Android devices where you can get the IP that the telco assigned to the device, iOS does not present that information to the user (unless you jailbreak the device or have an App).
Although the address that whatismyip presents is not your real IP, it is the one that the external world recognizes so it suffices for most purposes.
What you see on whatismyip.com is the IP address you get from your mobile provider, on which it depends what kind of IP you get. Very often 3G networks are NATted, meaning that you get an IP address from the range 10.0.0.0/8 which cannot be reached from outside.
Using www.whatismyip.com should definitely give you the correct address?
What address did you get when it came back?
How did you verify if this was your iPhone's address? I assume you don't have a firewall installed on your iPhone? Hmm, other thing is your provider is doing some kind of filtering, NAT-ing, or other tomfoolery. If you don't mind me asking, what exactly are you trying to achieve here? Are you trying to run some kind of server-style app on your iPhone? Or do you just want to get a connection between the iPhone and a server - might be easier to initiate the connection from the iPhone side.
You should check if it's at your provider's IP block range - an online whois check should tell you that (www.whois.net).
How did you test whether this was your iPhone's address?
Other option is just to have your iPhone hit a server that you control (using 3G), and check the server logs.
Or just make things easier, and use an app to tell you - e.g. iStat:
http://bjango.com/iphone/istat/
which will give you your cell (3G) IP address as well.
Cheers,
Victor
There are two types of IP addresses:
Private IP address (your device IP, which you get from your home Wi-Fi router or from your telco provider's router, to speak to those two routers).
Public IP address (the address of your home Wi-Fi router and/or your telco provider's router, which they use to allow you to speak to another person on the Internet).
NOTE: Without a public IP address, you cannot speak to people who are on the Internet.
Now both (your home Wi-Fi router and your telco provider's router) have something called DHCP, or Dynamic Host Configuration Protocol. This protocol is used to allocate a private IP address to anyone connected to the local network (either home Wi-Fi or telco provider).
That means both (home Wi-Fi router and telco provider's router) have one single IP address, called the public IP address, to allow you to speak to the outside world, but first they need to give you a private IP address to enable you to speak with them (your home Wi-Fi router and your telco provider's router).
If your iOS connected to your home Wi-Fi, then you will have a Private IP address:
1- Go to settings.
2- Click on Wi-Fi.
3- List of Wi-Fi networks will be appeared.
4- Click on your Wi-Fi network name (known as SSID).
5- Click on the blue circle of the exclamation mark on the right side of your Wi-Fi name.
You will see your Private IP Address there very clearly.
Now if your iOS device is not connected to any Wi-Fi network, but is connected to your telco provider, then you cannot see your private IP address.
I am sure there is a way to see the private IP address that you got from your telco provider's DHCP. You have to search the internet or ruin your device by jailbreaking it.
For the public IP address (no matter if you are connected to your home Wi-Fi or your telco provider), go to your internet browser (e.g. Google Chrome) and type: "What is my ip address". The result will be in your hands in fractions of a second!
Now Back to your question:
If you connected two iPhones to your PC and both have hotspot enabled, that means your PC's USB ports will handle two private IP addresses, because your iPhones will act as your home Wi-Fi router.
If you have Windows on your laptop, then go to the Windows CMD terminal and type:
ipconfig
The CMD prompt terminal will give you a number of IP addresses; these are your two private IP addresses from your iPhones.
Now if the unidentified network message is still there, open RUN in Windows and type [ ncpa.cpl ]. It will take you to the network connection settings section; right click on one of your iPhones' networks and disable it, keeping the other enabled.
I hope it is crystal clear now.
When the phone is the hotspot for the telecom cellular provider, it is actually being used as a router. Therefore, if you connect a laptop to that hotspot, you can open the network settings on the laptop to view its TCP/IP settings and see the IP of the laptop and the IP of the router, which is the IP of your phone.
The IP is a private one; you can ping it or do whatever you want.
Example of connecting an iPhone to Mac Xcode wirelessly:
Share Personal Hotspot from your phone.
Connect your laptop to your phone's private network using WiFi: search for the SSID you set on your phone and enter the correct password.
On the Mac go to System Preferences->Network->wifi connected->Advanced->Tcp/Ip
Copy the Router IP - this is your iPhone's private IP.
In order to connect Xcode to the iPhone wirelessly, you first need to connect the phone with USB, open window->device and simulators, select your phone and set the checkbox "connect via network".
Now if the phone is disconnected from the Mac and the private network is shared as explained, you know the phone's IP. Then you can select the phone in Xcode (it remembers phones that were connected): open window->device and simulators, select your phone, click on it to get a menu of options, select "connect with ip", and provide the IP you saw as "Router" previously.
That's all, hope it'll help somebody.

iPhone proximity detection using wifi

As my iPhone automatically joins my home network once I get home and press the main button, I thought this could be used as a trigger for some home automation ideas I have,
especially disarming the alarm system for example.
I could detect the iPhone by pinging the broadcast address with a script and then look for its MAC address in the arp cache, but this would have to be done every 15 seconds or so
to be of any use. This really doesn't seem like the most elegant solution though.
Can anyone think of a better way to implement a check like this? I suppose one could assign an IP address dependent on my MAC address, then I would know what to ping, and could thereafter check the MAC address to keep things secure.
Just suppose I cannot assign a DHCP IP based on MAC address, as the problem
of being able to find the MAC address on the network is the part that really interests me.
Secondly I noticed with tcpdump that the iPhone seems to talk to itself all night, but only some sort of Ethernet frames:
23:59:59.740097 00:26:08:ae:ed:eb > 00:26:08:ae:ed:eb, 802.3, length 70: LLC, dsap Null (0x00) Individual, ssap Unknown (0x20) Command, ctrl 0x33: Unnumbered, 23, Flags [Poll], length 56
This happens every 2 minutes.
How could I monitor this traffic so that my "home" knows I am still there using a program? Could be good to automatically alarm the house when I am no longer there...
I think your router here should be the point of control... If you can log the devices that are logged on to the router you can disable your security based on that info.
If you have an openWrt compatible router http://wiki.openwrt.org/toh/start you can certainly extend to get the functionality you want.
Here is a link to a plugin for the Indigo home automation server that does what you want to do by logging the info from his router. http://www.perceptiveautomation.com/userforum/viewtopic.php?f=19&t=6876&sid=07a351fa04c2eadcd2d3813afc72ae5a
Note: it's really easy to spoof a mac address so might be interesting to have some other verification too :-)
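Added example (not from any poster above): a passive presence tracker that reads `tcpdump -e` lines shaped like the one quoted in the question and declares the phone away after 15 minutes of silence, the interval one answer in the earlier detection thread reports using. The capture lines are constructed; the class and function names are hypothetical.

```python
import re

# Link-level header as printed by `tcpdump -e`: "HH:MM:SS.ffffff src > dst, ..."
FRAME = re.compile(
    r"^(\d\d):(\d\d):(\d\d)\.(\d+) ((?:[0-9a-f]{2}:){5}[0-9a-f]{2}) > ")

# Constructed capture, modelled on the frame quoted in the question.
CAPTURE = [
    "23:59:59.740097 00:26:08:ae:ed:eb > 00:26:08:ae:ed:eb, 802.3, length 70: LLC",
    "00:01:59.741002 00:26:08:ae:ed:eb > 00:26:08:ae:ed:eb, 802.3, length 70: LLC",
    "00:18:30.000000 00:19:e3:ab:cd:ef > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42",
]


class PresenceTracker:
    """Declare a device away after `timeout` seconds without a frame from it."""

    def __init__(self, watched_macs, timeout=15 * 60):
        self.watched = {m.lower() for m in watched_macs}
        self.timeout = timeout
        self.last_seen = {}    # mac -> seconds on a monotonic capture clock
        self._day_offset = 0   # tcpdump prints time of day only by default
        self._prev_tod = None

    def _clock(self, h, m, s, frac):
        tod = int(h) * 3600 + int(m) * 60 + int(s) + float("0." + frac)
        if self._prev_tod is not None and tod < self._prev_tod:
            self._day_offset += 86400  # capture crossed midnight
        self._prev_tod = tod
        return self._day_offset + tod

    def feed(self, line):
        """Consume one line; return the capture clock, or None if unparsed."""
        m = FRAME.match(line)
        if not m:
            return None
        now = self._clock(*m.group(1, 2, 3, 4))
        if m.group(5) in self.watched:
            self.last_seen[m.group(5)] = now
        return now

    def is_home(self, mac, now):
        seen = self.last_seen.get(mac.lower())
        return seen is not None and now - seen <= self.timeout


def replay(lines, mac, timeout=15 * 60):
    """Presence state of `mac` after each parsed line of a capture."""
    tracker = PresenceTracker([mac], timeout)
    states = []
    for line in lines:
        now = tracker.feed(line)
        if now is not None:
            states.append(tracker.is_home(mac, now))
    return states


if __name__ == "__main__":
    print(replay(CAPTURE, "00:26:08:ae:ed:eb"))
```

Because any device on the LAN can set its source MAC, as the note above says, `is_home` is a convenience signal and not proof of identity; an action such as disarming an alarm needs a second check.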

Is it possible to connect a socket between two mobile devices (iPhones) over the internet?

Is it possible to connect a socket between two mobile devices (iPhones) over the internet?
I am trying to discover the IP of each device and connect directly. I know it can be done with Bonjour but that only works on local networks. I need a high speed connection between two devices over the internet.
Thanks.
If you had both the IP's and they were both routable, it should be possible. I'm not sure though if the IP's given out by the 3G network are routable. If you are using WIFI, the IP you get is almost certainly not routable. Assuming you have a routable IP though, it should be possible.
The trick is just discovering the IP of the other device. The best way to do that would probably be to have each device register its IP with a web service when your app starts up, then query that service to find the IPs of other devices.
It might get a bit tricky managing "unregistering" IPs when the app is closed or when an IP changes though, but it should be doable.
ETA:
If you have a server that they can both connect to, you should be able to implement a solution using that server (i.e. without the phones actually directly connecting to each other). This would avoid the issue of having routable IPs for the phones.
As for how to bridge the sockets together - your server program would basically work like an old-school phone switchboard operator. You'd have some kind of registration & discovery protocol built into the server software that would allow a phone to register itself with the server, query a list of the other phones currently connected to the server, indicate which phone it wants to talk to, and accept connections from other phones.
Once it knows who wants to talk to whom, your server software would connect the two together by reading from one phone's socket and writing that data to the other phone's socket.
Only a suggestion, but if you can get each of them to connect to a third site, you'll then know the address of each. Send the address of phone A to phone B (and/or phone B to phone A) and then have them connect as you see fit.
Have you looked through all the 3.0 features? Specifically peer networking (the existence of which is public).
WiFi routers often have a feature called "Port Triggering" which allows internal hosts (in this case an iPhone) to inform the router that they would like to have connections on a particular port forwarded to them. I have no idea if the iPhone supports this protocol.
For IP lookup you may consider using DynamicDNS if the two hosts are known ahead of time OR as stated above a custom web service if they are not (i.e. friends exchanging hostnames vs. strangers discovering each other)
This is an old thread, but I just came across it. You could use a STUN server (or NAT-PMP) to get the public IP address/port combo and then SMS it over to the other phone. So long as you open a listening port on the first device, then your second device can just connect directly using the public IP address/port you sent to it in the SMS (SMS push registry can automatically wake up your app on the second device to do this).
I have run into this issue with an app I was developing. I was trying to connect to a PC cell card from an iPhone. The problem is that AT&T doesn't enable mobile termination for iPhones so it is physically impossible for two phones on an AT&T network to connect to one another. This is straight from an AT&T antenna engineer.
I was able to get this to work by having the iPhone VPN into a server and then connect to the PC cell card but other than that, it wouldn't work.
I have a very strong feeling (but no evidence) that the iPhone address is going to be non-routable. Of course it actually depends on the operator but AT&T give out 10.x.x.x addresses.
Apple have sample (desktop) code that uses Bonjour to implement portmapping on a WiFi router that supports UPnP.