Home

MotionCompass App

For the Android app used in our experiments, please check APK

Requirement

  1. Rooted Android Devices with WiFi Montior Mode enabled

  2. Kali NetHunter 2020.1 or later version ROM installed

  3. BusyBox 1.33.1 for Android system-level support

  4. Android 5.1.1 or later version

  5. Screen resolution: 1920 (L) x 1080 (W)

  6. Support libraries (including busybox, OUITABLE.TXT, aircrack-ng suite, mdk3, reaver, wireless tools, libfakeioctl.so) should run on current OS command line

Modes

The app can automatically compute the user’s movement speed and the walking time for each motion path. The app currently has 2 operation modes: auto mode and manual mode.

With auto mode: the app will scan for the hidden camera, find its MAC address, and then sniff the traffic associated with the MAC. When the user initiates walking, the app can determine when to start/stop (each motion path), calculate the corresponding distances, and finally give the results after performing walking along 3 motion paths.

With manual mode, the user needs to monitor the traffic using other wireless traffic sniffing tools, e.g., aircrack-ng. The user need to manually start/stop walking motion paths according to the sniffing results. By inputing the parameters (distances) into the app, the app can then calculate the camera’s location.

Auto Mode

The auto mode uses SU library and aircrack-ng to provide a solution to pinpoint the wireless camera. The local dependencies listed in the “Requirement” section should be installed. Also, the phone should operate in the monitor mode. Click “Scan” to search for the MAC of the wireless camera; click “Start” to introduce motion; the localization result will be popped out when the three motion paths are generated. The app detects when the camera stops generating wireless traffic, so that the user can stop the current moth path accordingly.

The following is an example of localization result:

The localization result

Manual Mode

In case that the employed wireless camera model has not been included in the design of the app, auto mode thus cannot get correct scanning results or returns no result, the user can then select manual mode. The following figure shows that the app detects no camera.

Enter the manual mode if no camera found.

Troubleshooting

1. SU binary not found error

MotionCompass needs root privilege. On startup, the app executes a which su command. If you get this message, this command fails. It expects a su binary file, which is a shell executed with root privileges. You may need to check the following items: check if you are rooted, or whether your root solution provides a su binary in a PATH accessible directory.

2. Directory ‘result’ could not be created

This means that the app fails to create the result directory. This is usually because you are not given any permission at the beginning.

3. Working on non-ARM Android devices

This app is designed and tested for ARM devices. All included binaries and libraries are compiled for that architecture and may not work on anything else. If you get this message, you need to install the following packages in a PATH accessible directory manually, including busybox, aircrack-ng suite, mdk3, reaver, wireless tools and libfakeioctl.so library. You also need to set the ‘Prefix’ option for the tools to preload the library they need, using LD_PRELOAD=/path/to/libfakeioctl.so.

.