Merge pull request #1059 from justcallmekoko/develop

Capture and parse SAE commit frames

.github/workflows/build_parallel.yml

@@ -34,7 +34,6 @@ jobs:
           - { name: "Marauder CYD 2432S024 GUITION", flag: "MARAUDER_CYD_GUITION",     fbqn: "esp32:esp32:d32:PartitionScheme=min_spiffs",                                                    file_name: "cyd_2432S024_guition",    tft: true,  tft_file: "User_Setup_cyd_guition.h",           build_dir: "d32",                        addr: "0x1000",   idf_ver: "2.0.11",   nimble_ver: "1.3.8",    esp_async: "bigbrodude6119/ESPAsyncWebServer",    esp_async_ver: "master" }
           - { name: "Marauder CYD 2432S028 2 USB",   flag: "MARAUDER_CYD_2USB",        fbqn: "esp32:esp32:d32:PartitionScheme=min_spiffs",                                                    file_name: "cyd_2432S028_2usb",       tft: true,  tft_file: "User_Setup_cyd_2usb.h",              build_dir: "d32",                        addr: "0x1000",   idf_ver: "2.0.11",   nimble_ver: "1.3.8",    esp_async: "bigbrodude6119/ESPAsyncWebServer",    esp_async_ver: "master" }
           - { name: "Marauder CYD 3.5inch",          flag: "MARAUDER_CYD_3_5_INCH",    fbqn: "esp32:esp32:d32:PartitionScheme=min_spiffs",                                                    file_name: "cyd_3_5_inch",            tft: true,  tft_file: "User_Setup_cyd_3_5_inch.h",          build_dir: "d32",                        addr: "0x1000",   idf_ver: "2.0.11",   nimble_ver: "1.3.8",    esp_async: "bigbrodude6119/ESPAsyncWebServer",    esp_async_ver: "master" }
-          - { name: "Marauder v7.1",                 flag: "MARAUDER_V7_1",            fbqn: "esp32:esp32:dfrobot_firebeetle2_esp32e:FlashSize=16M,PartitionScheme=min_spiffs,PSRAM=enabled", file_name: "marauder_v7_1",           tft: true,  tft_file: "User_Setup_dual_nrf24.h",            build_dir: "dfrobot_firebeetle2_esp32e", addr: "0x1000",   idf_ver: "2.0.11",   nimble_ver: "1.3.8",    esp_async: "bigbrodude6119/ESPAsyncWebServer",    esp_async_ver: "master" }
           - { name: "M5Cardputer",                   flag: "MARAUDER_CARDPUTER",       fbqn: "esp32:esp32:esp32s3:PartitionScheme=min_spiffs,FlashSize=8M,PSRAM=disabled",                    file_name: "m5cardputer",             tft: true,  tft_file: "User_Setup_marauder_m5cardputer.h",  build_dir: "esp32s3",                    addr: "0x1000",   idf_ver: "2.0.11",   nimble_ver: "1.3.8",    esp_async: "bigbrodude6119/ESPAsyncWebServer",    esp_async_ver: "master" }
           - { name: "ESP32-C5-DevKitC-1",            flag: "MARAUDER_C5",              fbqn: "esp32:esp32:esp32c5:FlashSize=8M,PartitionScheme=min_spiffs,PSRAM=enabled",                     file_name: "esp32c5devkitc1",         tft: false, tft_file: "",                                   build_dir: "esp32c5",                    addr: "0x2000",   idf_ver: "3.3.4",    nimble_ver: "2.3.6",    esp_async: "bigbrodude6119/ESPAsyncWebServer",    esp_async_ver: "master" }
           

esp32_marauder/Buffer.cpp

@@ -52,6 +52,10 @@ void Buffer::open(bool is_pcap){
   }
 }
 
+String Buffer::getFileName() {
+  return this->fileName;
+}
+
 void Buffer::openFile(String file_name, fs::FS* fs, bool serial, bool is_pcap, bool is_gpx) {
   bool save_pcap = settings_obj.loadSetting<bool>("SavePCAP");
   if (!save_pcap) {

esp32_marauder/Buffer.h

@@ -25,6 +25,7 @@ class Buffer {
     void append(wifi_promiscuous_pkt_t *packet, int len);
     void append(String log);
     void save();
+    String getFileName();
   private:
     void createFile(String name, bool is_pcap, bool is_gpx = false);
     void open(bool is_pcap);

esp32_marauder/CommandLine.cpp

@@ -244,6 +244,7 @@ void CommandLine::runCommand(String input) {
     #ifdef HAS_GPS
       Serial.println(HELP_WARDRIVE_CMD);
     #endif
+    Serial.println(HELP_MAC_TRACK_CMD);
     
     // WiFi attack
     Serial.println(HELP_ATTACK_CMD);
@@ -571,7 +572,7 @@ void CommandLine::runCommand(String input) {
           int sta_sw = this->argSearch(&cmd_args, "-s");
           int flk_sw = this->argSearch(&cmd_args, "-f");
 
-          if (flk_sw == -1) {
+          if (flk_sw != -1) {
             Serial.println("Starting Flock Wardrive. Stop with " + (String)STOPSCAN_CMD);
             #ifdef HAS_SCREEN
               display_obj.clearScreen();
@@ -822,6 +823,15 @@ void CommandLine::runCommand(String input) {
         wifi_scan_obj.StartScan(WIFI_SCAN_ACTIVE_EAPOL, TFT_VIOLET);
       }
     }    
+    // MAC Tracking
+    else if (cmd_args.get(0) == MAC_TRACK_CMD) {
+      Serial.println("Starting MAC Tracker. Stop with " + (String)STOPSCAN_CMD);
+      #ifdef HAS_SCREEN
+        display_obj.clearScreen();
+        menu_function_obj.drawStatusBar();
+      #endif
+      wifi_scan_obj.StartScan(WIFI_SCAN_DETECT_FOLLOW, TFT_MAGENTA);
+    }
 
 
   //// MAC Address commands    (Added by H4W9_4)
@@ -1248,23 +1258,13 @@ void CommandLine::runCommand(String input) {
       #ifdef HAS_BT
         #ifdef HAS_GPS
           if (gps_obj.getGpsModuleStatus()) {
-            int cont_sw = this->argSearch(&cmd_args, "-c");
 
-            if (cont_sw == -1) {
-              Serial.println("Starting BT Wardrive. Stop with " + (String)STOPSCAN_CMD);
-              #ifdef HAS_SCREEN
-                display_obj.clearScreen();
-                menu_function_obj.drawStatusBar();
-              #endif
-              wifi_scan_obj.StartScan(BT_SCAN_WAR_DRIVE, TFT_GREEN);
-            }
-            else {Serial.println("Starting Continuous BT Wardrive. Stop with " + (String)STOPSCAN_CMD);
-              #ifdef HAS_SCREEN
-                display_obj.clearScreen();
-                menu_function_obj.drawStatusBar();
-              #endif
-              wifi_scan_obj.StartScan(BT_SCAN_WAR_DRIVE_CONT, TFT_GREEN);
-            }
+            Serial.println("Starting BT Wardrive. Stop with " + (String)STOPSCAN_CMD);
+            #ifdef HAS_SCREEN
+              display_obj.clearScreen();
+              menu_function_obj.drawStatusBar();
+            #endif
+            wifi_scan_obj.StartScan(BT_SCAN_WAR_DRIVE, TFT_GREEN);
           }
           else
             Serial.println(F("GPS Module not detected"));

esp32_marauder/CommandLine.h

@@ -78,6 +78,7 @@ const char PROGMEM WARDRIVE_CMD[] = "wardrive";
 const char PROGMEM PING_CMD[] = "pingscan";
 const char PROGMEM PORT_SCAN_CMD[] = "portscan";
 const char PROGMEM ARP_SCAN_CMD[] = "arpscan";
+const char PROGMEM MAC_TRACK_CMD[] = "mactrack";
 
 // WiFi attack
 const char PROGMEM ATTACK_CMD[] = "attack";
@@ -152,6 +153,7 @@ const char PROGMEM HELP_WARDRIVE_CMD[] = "wardrive [-s/-f]";
 const char PROGMEM HELP_PING_CMD[] = "pingscan";
 const char PROGMEM HELP_PORT_SCAN_CMD[] = "portscan [-a -t <ip index>]/[-s <ssh/telnet/dns/http/smtp/https/rdp>]";
 const char PROGMEM HELP_ARP_SCAN_CMD[] = "arpscan [-f]";
+const char PROGMEM HELP_MAC_TRACK_CMD[] = "mactrack";
 
 // WiFi attack
 const char PROGMEM HELP_ATTACK_CMD[] = "attack -t <beacon [-l/-r/-a]/deauth [-c]/[-s <src mac>] [-d <dst mac>]/probe/rickroll/badmsg [-c]/sleep [-c]>";
@@ -183,7 +185,7 @@ const char PROGMEM HELP_BT_SPOOFAT_CMD[] = "spoofat -t <index>";
 //const char PROGMEM HELP_BT_SWIFTPAIR_SPAM_CMD[] = "swiftpair";
 //const char PROGMEM HELP_BT_SAMSUNG_SPAM_CMD[] = "samsungblespam";
 //onst char PROGMEM HELP_BT_SPAM_ALL_CMD[] = "btspamall";
-const char PROGMEM HELP_BT_WARDRIVE_CMD[] = "btwardrive [-c]";
+const char PROGMEM HELP_BT_WARDRIVE_CMD[] = "btwardrive";
 const char PROGMEM HELP_BT_SKIM_CMD[] = "sniffskim";
 const char PROGMEM HELP_FOOT[] = "==================================";
 

esp32_marauder/Display.cpp

@@ -475,33 +475,37 @@ void Display::processAndPrintString(TFT_eSPI& tft, const String& originalString)
   String new_string = originalString;
 
   // Check for color macros at the start of the string
-  if (new_string.startsWith(RED_KEY)) {
-    text_color = TFT_RED;
-    new_string.remove(0, strlen(RED_KEY)); // Remove the macro
-  } else if (new_string.startsWith(GREEN_KEY)) {
-    text_color = TFT_GREEN;
-    new_string.remove(0, strlen(GREEN_KEY)); // Remove the macro
-  } else if (new_string.startsWith(CYAN_KEY)) {
-    text_color = TFT_CYAN;
-    new_string.remove(0, strlen(CYAN_KEY)); // Remove the macro
-  } else if (new_string.startsWith(WHITE_KEY)) {
-    text_color = TFT_WHITE;
-    new_string.remove(0, strlen(WHITE_KEY)); // Remove the macro
-  } else if (new_string.startsWith(MAGENTA_KEY)) {
-    text_color = TFT_MAGENTA;
-    new_string.remove(0, strlen(MAGENTA_KEY)); // Remove the macro
+  if (new_string.startsWith(";")) {
+    if (new_string.startsWith(RED_KEY)) {
+      text_color = TFT_RED;
+      new_string.remove(0, strlen(RED_KEY)); // Remove the macro
+    } else if (new_string.startsWith(GREEN_KEY)) {
+      text_color = TFT_GREEN;
+      new_string.remove(0, strlen(GREEN_KEY)); // Remove the macro
+    } else if (new_string.startsWith(CYAN_KEY)) {
+      text_color = TFT_CYAN;
+      new_string.remove(0, strlen(CYAN_KEY)); // Remove the macro
+    } else if (new_string.startsWith(WHITE_KEY)) {
+      text_color = TFT_WHITE;
+      new_string.remove(0, strlen(WHITE_KEY)); // Remove the macro
+    } else if (new_string.startsWith(MAGENTA_KEY)) {
+      text_color = TFT_MAGENTA;
+      new_string.remove(0, strlen(MAGENTA_KEY)); // Remove the macro
+    }
   }
 
+  String spaces = String(' ', TFT_WIDTH / CHAR_WIDTH);
+
   // Set text color and print the string
   tft.setTextColor(text_color, background_color);
-  tft.print(new_string);
+  tft.print(new_string + spaces);
 }
 
 void Display::displayBuffer(bool do_clear)
 {
   if (this->display_buffer->size() > 0)
   {
-    int print_count = 1;
+    int print_count = 10;
     while ((display_buffer->size() > 0) && (print_count > 0))
     {
 
@@ -530,9 +534,9 @@ void Display::displayBuffer(bool do_clear)
         screen_buffer->add(display_buffer->shift());
 
         for (int i = 0; i < this->screen_buffer->size(); i++) {
-          tft.setCursor(xPos, (i * 12) + (SCREEN_HEIGHT / 6));
-          String spaces = String(' ', TFT_WIDTH / CHAR_WIDTH);
-          tft.print(spaces);
+          //tft.setCursor(xPos, (i * 12) + (SCREEN_HEIGHT / 6));
+          //String spaces = String(' ', TFT_WIDTH / CHAR_WIDTH);
+          //tft.print(spaces);
           tft.setCursor(xPos, (i * 12) + (SCREEN_HEIGHT / 6));
 
           this->processAndPrintString(tft, this->screen_buffer->get(i));

esp32_marauder/Display.h

@@ -13,7 +13,7 @@
 #include <LinkedList.h>
 #include <SPI.h>
 //#include <lvgl.h>
-#include <Ticker.h>
+//#include <Ticker.h>
 #include "SPIFFS.h"
 #include "Assets.h"
 

esp32_marauder/GpsInterface.cpp

@@ -10,6 +10,10 @@ MicroNMEA nmea(nmeaBuffer, sizeof(nmeaBuffer));
 
 HardwareSerial Serial2(GPS_SERIAL_INDEX);
 
+static const char *PCAS_SET_115200 = "$PCAS01,5*19\r\n";
+
+static const uint32_t PROBE_MS = 1200;
+
 void GpsInterface::begin() {
 
   /*#ifdef MARAUDER_MINI
@@ -27,6 +31,17 @@ void GpsInterface::begin() {
   
   Serial2.begin(9600, SERIAL_8N1, GPS_TX, GPS_RX);
 
+  uint32_t gps_baud = this->initGpsBaudAndForce115200();
+
+  if (gps_baud == 9600)
+    Serial.println("GPS running at 9600");
+  else if (gps_baud == 115200)
+    Serial.println("GPS running at 115200");
+  else
+    Serial.println("Could not detect GPS baudrate");
+
+  delay(1000);
+
   MicroNMEA::sendSentence(Serial2, "$PSTMSETPAR,1201,0x00000042");
   MicroNMEA::sendSentence(Serial2, "$PSTMSAVEPAR");
 
@@ -58,6 +73,67 @@ void GpsInterface::begin() {
 
 }
 
+bool GpsInterface::probeBaud(uint32_t baud) {
+  Serial2.end();
+  delay(50);
+
+  Serial2.begin(baud, SERIAL_8N1, GPS_TX, GPS_RX);
+
+  uint32_t start = millis();
+  bool sawDollar = false;
+  bool parsedSentence = false;
+
+  while (millis() - start < PROBE_MS) {
+    while (Serial2.available()) {
+      char c = (char)Serial2.read();
+
+      if (c == '$') {
+        sawDollar = true;
+      }
+
+      // Feed characters directly to MicroNMEA
+      if (nmea.process(c)) {
+        parsedSentence = true;
+      }
+
+      // If we’ve seen real NMEA traffic and MicroNMEA parsed something,
+      // this baud is almost certainly correct
+      if (sawDollar && parsedSentence) {
+        return true;
+      }
+    }
+    delay(1);
+  }
+
+  return false;
+}
+
+void GpsInterface::setGpsTo115200From9600() {
+  Serial2.print(PCAS_SET_115200);
+  Serial2.flush();
+  delay(200);
+}
+
+uint32_t GpsInterface::initGpsBaudAndForce115200() {
+  if (probeBaud(115200)) {
+    return 115200;
+  }
+
+  if (probeBaud(9600)) {
+    setGpsTo115200From9600();
+
+    if (probeBaud(115200)) {
+      return 115200;
+    }
+
+    probeBaud(9600);
+    return 9600;
+  }
+
+  probeBaud(9600);
+  return 0;
+}
+
 //passthrough for other objects
 void gps_nmea_notimp(MicroNMEA& nmea){
   gps_obj.enqueue(nmea);
@@ -518,6 +594,9 @@ void GpsInterface::setGPSInfo() {
 
   this->datetime = this->dt_string_from_gps();
 
+  this->lat_int = nmea.getLatitude();
+  this->lon_int = nmea.getLongitude();
+
   this->lat = String((float)nmea.getLatitude()/1000000, 7);
   this->lon = String((float)nmea.getLongitude()/1000000, 7);
   long alt = 0;
@@ -543,6 +622,14 @@ String GpsInterface::getLon() {
   return this->lon;
 }
 
+int32_t GpsInterface::getLatInt() {
+  return this->lat_int;
+}
+
+int32_t GpsInterface::getLonInt() {
+  return this->lon_int;
+}
+
 float GpsInterface::getAlt() {
   return this->altf;
 }

esp32_marauder/GpsInterface.h

@@ -46,6 +46,8 @@ class GpsInterface {
     bool getGpsModuleStatus();
     String getLat();
     String getLon();
+    int32_t getLatInt();
+    int32_t getLonInt();
     float getAlt();
     float getAccuracy();
     String getDatetime();
@@ -93,6 +95,8 @@ class GpsInterface {
     String notparsed_nmea_sentence = "";
     String lat = "";
     String lon = "";
+    int32_t lat_int = 0;
+    int32_t lon_int = 0;
     float altf = 0.0;
     float accuracy = 0.0;
     String datetime = "";
@@ -117,6 +121,9 @@ class GpsInterface {
     void flush_queue_nmea();
     String dt_string_from_gps();
     void setGPSInfo();
+    bool probeBaud(uint32_t baud);
+    void setGpsTo115200From9600();
+    uint32_t initGpsBaudAndForce115200();
 };
 
 #endif

esp32_marauder/MenuFunctions.cpp

@@ -203,6 +203,8 @@ void MenuFunctions::main(uint32_t currentTime)
     {
       // Stop the current scan
       if ((wifi_scan_obj.currentScanMode == WIFI_SCAN_PROBE) ||
+          (wifi_scan_obj.currentScanMode == WIFI_SCAN_SAE_COMMIT) ||
+          (wifi_scan_obj.currentScanMode == WIFI_SCAN_DETECT_FOLLOW) ||
           (wifi_scan_obj.currentScanMode == WIFI_SCAN_STATION_WAR_DRIVE) ||
           (wifi_scan_obj.currentScanMode == WIFI_SCAN_STATION) ||
           (wifi_scan_obj.currentScanMode == WIFI_SCAN_AP) ||
@@ -300,6 +302,8 @@ void MenuFunctions::main(uint32_t currentTime)
       {
         // Stop the current scan
         if ((wifi_scan_obj.currentScanMode == WIFI_SCAN_PROBE) ||
+            (wifi_scan_obj.currentScanMode == WIFI_SCAN_SAE_COMMIT) ||
+            (wifi_scan_obj.currentScanMode == WIFI_SCAN_DETECT_FOLLOW) ||
             (wifi_scan_obj.currentScanMode == WIFI_SCAN_STATION_WAR_DRIVE) ||
             (wifi_scan_obj.currentScanMode == WIFI_SCAN_RAW_CAPTURE) ||
             (wifi_scan_obj.currentScanMode == WIFI_SCAN_STATION) ||
@@ -1669,6 +1673,16 @@ void MenuFunctions::RunSetup()
     this->drawStatusBar();
     wifi_scan_obj.StartScan(WIFI_SCAN_SIG_STREN, TFT_CYAN);
   });
+  this->addNodes(&wifiSnifferMenu, "MAC Monitor", TFTMAGENTA, NULL, SCANNERS, [this]() {
+    display_obj.clearScreen();
+    this->drawStatusBar();
+    wifi_scan_obj.StartScan(WIFI_SCAN_DETECT_FOLLOW, TFT_MAGENTA);
+  });
+  this->addNodes(&wifiSnifferMenu, "SAE Commit", TFTLIME, NULL, EAPOL, [this]() {
+    display_obj.clearScreen();
+    this->drawStatusBar();
+    wifi_scan_obj.StartScan(WIFI_SCAN_SAE_COMMIT, TFT_GREEN);
+  });
 
   // Build Wardriving menu
   #ifdef HAS_GPS
@@ -2039,6 +2053,8 @@ void MenuFunctions::RunSetup()
     });
 
     this->addNodes(&wifiGeneralMenu, "View AP Info", TFTCYAN, NULL, KEYBOARD_ICO, [this](){
+      wifiAPMenu.parentMenu = &wifiGeneralMenu;
+      
       // Add the back button
       wifiAPMenu.list->clear();
         this->addNodes(&wifiAPMenu, text09, TFTLIGHTGREY, NULL, 0, [this]() {
@@ -2074,6 +2090,8 @@ void MenuFunctions::RunSetup()
 
     // Select Stations on Mini v2
     this->addNodes(&wifiGeneralMenu, "Select Stations", TFTCYAN, NULL, KEYBOARD_ICO, [this](){
+      wifiAPMenu.parentMenu = &wifiGeneralMenu;
+
       wifiAPMenu.list->clear();
         this->addNodes(&wifiAPMenu, text09, TFTLIGHTGREY, NULL, 0, [this]() {
         this->changeMenu(wifiAPMenu.parentMenu, true);
@@ -2140,6 +2158,9 @@ void MenuFunctions::RunSetup()
     });
 
     this->addNodes(&wifiGeneralMenu, "Join WiFi", TFTWHITE, NULL, KEYBOARD_ICO, [this](){
+
+      wifiAPMenu.parentMenu = &wifiGeneralMenu;
+
       // Add the back button
       wifiAPMenu.list->clear();
         this->addNodes(&wifiAPMenu, text09, TFTLIGHTGREY, NULL, 0, [this]() {
@@ -2186,6 +2207,8 @@ void MenuFunctions::RunSetup()
         this->changeMenu(&wifiGeneralMenu, true);
       }
       else {
+        wifiAPMenu.parentMenu = &wifiGeneralMenu;
+
         // Add the back button
         wifiAPMenu.list->clear();
           this->addNodes(&wifiAPMenu, text09, TFTLIGHTGREY, NULL, 0, [this]() {
@@ -2303,6 +2326,8 @@ void MenuFunctions::RunSetup()
   // Clone AP MAC to ESP32 for button folks
   //#ifndef HAS_ILI9341
     this->addNodes(&setMacMenu, "Clone AP MAC", TFTRED, NULL, CLEAR_ICO, [this](){
+      wifiAPMenu.parentMenu = &wifiGeneralMenu;
+
       // Add the back button
       wifiAPMenu.list->clear();
         this->addNodes(&wifiAPMenu, text09, TFTLIGHTGREY, NULL, 0, [this]() {
@@ -2321,6 +2346,8 @@ void MenuFunctions::RunSetup()
     });
 
     this->addNodes(&setMacMenu, "Clone STA MAC", TFTMAGENTA, NULL, CLEAR_ICO, [this](){
+      wifiAPMenu.parentMenu = &wifiGeneralMenu;
+
       // Add the back button
       wifiAPMenu.list->clear();
         this->addNodes(&wifiAPMenu, text09, TFTLIGHTGREY, NULL, 0, [this]() {
@@ -2405,11 +2432,6 @@ void MenuFunctions::RunSetup()
         this->drawStatusBar();
         wifi_scan_obj.StartScan(BT_SCAN_WAR_DRIVE, TFT_GREEN);
       });
-      this->addNodes(&bluetoothSnifferMenu, "BT Wardrive Continuous", TFTRED, NULL, REBOOT, [this]() {
-        display_obj.clearScreen();
-        this->drawStatusBar();
-        wifi_scan_obj.StartScan(BT_SCAN_WAR_DRIVE_CONT, TFT_GREEN);
-      });
     }
   #endif
   this->addNodes(&bluetoothSnifferMenu, text_table1[35], TFTMAGENTA, NULL, CC_SKIMMERS, [this]() {
@@ -2474,6 +2496,8 @@ void MenuFunctions::RunSetup()
     #ifdef HAS_BT
     // Select Airtag on Mini
       this->addNodes(&bluetoothAttackMenu, "Spoof Airtag", TFTWHITE, NULL, ATTACKS, [this](){
+          wifiAPMenu.parentMenu = &bluetoothAttackMenu;
+
           // Clear nodes and add back button
           wifiAPMenu.list->clear();
           this->addNodes(&wifiAPMenu, text09, TFT_LIGHTGREY, NULL, 0, [this]() {

esp32_marauder/MenuFunctions.h

@@ -193,7 +193,7 @@ class MenuFunctions
 
     Menu evilPortalMenu;
 
-    static void lv_tick_handler();
+    //static void lv_tick_handler();
 
     // Menu icons
 
@@ -260,7 +260,7 @@ class MenuFunctions
     Menu infoMenu;
     Menu apInfoMenu;
 
-    Ticker tick;
+    //Ticker tick;
 
     uint16_t x = -1, y = -1;
     boolean pressed = false;

esp32_marauder/WiFiScan.h

@@ -34,6 +34,7 @@
 #endif
 #ifdef HAS_DUAL_BAND
   #include "esp_system.h"
+  #include "esp_mac.h"
 #endif
 #if defined(HAS_BT) && !defined(HAS_DUAL_BAND)
   #include "esp_bt.h"
@@ -144,6 +145,8 @@
 #define BT_SCAN_SIMPLE 73
 #define BT_SCAN_SIMPLE_TWO 74
 #define BT_SCAN_FLOCK_WARDRIVE 75
+#define WIFI_SCAN_DETECT_FOLLOW 76
+#define WIFI_SCAN_SAE_COMMIT 77
 
 #define WIFI_ATTACK_FUNNY_BEACON 99 
 
@@ -215,9 +218,29 @@ extern Settings settings_obj;
 
 esp_err_t esp_wifi_80211_tx(wifi_interface_t ifx, const void *buffer, int len, bool en_sys_seq);
 
-#ifdef HAS_DUAL_BAND
-  esp_err_t esp_base_mac_addr_set(uint8_t *Mac);
-#endif
+//#ifdef HAS_DUAL_BAND
+//  esp_err_t esp_base_mac_addr_set(uint8_t *Mac);
+//#endif
+
+#define EMPTY_ENTRY 0
+#define VALID_ENTRY 1
+#define TOMBSTONE_ENTRY 2
+
+#pragma pack(push, 1)
+struct MacEntry {
+  uint8_t  mac[6];
+  uint32_t last_seen_ms;
+  uint16_t frame_count;
+  int32_t  first_lat_e6;
+  int32_t  first_lon_e6;
+  int32_t  last_lat_e6;
+  int32_t  last_lon_e6;
+  bool following;
+  int32_t dloc;
+  int8_t rssi;
+  bool bt;
+};
+#pragma pack(pop)
 
 struct AirTag {
     String mac;                  // MAC address of the AirTag
@@ -237,6 +260,11 @@ struct Flipper {
   extern struct mac_addr* mac_history;
 #endif
 
+enum class MacSortMode : uint8_t {
+  MOST_RECENT,
+  MOST_FRAMES
+};
+
 class WiFiScan
 {
   private:
@@ -281,6 +309,8 @@ class WiFiScan
     //int num_deauth = 0; // RED
 
     uint32_t initTime = 0;
+    uint32_t last_ui_update = 0;
+    uint32_t last_sour_apple_update = 0;
     bool run_setup = true;
     void initWiFi(uint8_t scan_mode);
     uint8_t bluetoothScanTime = 5;
@@ -525,6 +555,7 @@ class WiFiScan
       NimBLEAdvertisementData GetUniversalAdvertisementData(EBLEPayloadType type);
     #endif
 
+    void updateTrackerUI();
     void showNetworkInfo();
     void setNetworkInfo();
     void fullARP();
@@ -540,6 +571,7 @@ class WiFiScan
     uint8_t getSecurityType(const uint8_t* beacon, uint16_t len);
     void addAnalyzerValue(int16_t value, int rssi_avg, int16_t target_array[], int array_size);
     bool mac_cmp(struct mac_addr addr1, struct mac_addr addr2);
+    bool mac_cmp(uint8_t addr1[6], uint8_t addr2[6]);
     void clearMacHistory();
     void executeWarDrive();
     void executeSourApple();
@@ -590,6 +622,7 @@ class WiFiScan
     void RunDeauthScan(uint8_t scan_mode, uint16_t color);
     void RunEapolScan(uint8_t scan_mode, uint16_t color);
     void RunProbeScan(uint8_t scan_mode, uint16_t color);
+    void RunSAEScan(uint8_t scan_mode, uint16_t color);
     void RunPacketMonitor(uint8_t scan_mode, uint16_t color);
     void RunBluetoothScan(uint8_t scan_mode, uint16_t color);
     void RunSourApple(uint8_t scan_mode, uint16_t color);
@@ -601,6 +634,7 @@ class WiFiScan
     void parseBSSID(const char* bssidStr, uint8_t* bssid);
     void writeHeader(bool poi = false);
     void writeFooter(bool poi = false);
+    void displayWardriveStats();
 
 
   public:
@@ -610,6 +644,9 @@ class WiFiScan
 
     //LinkedList<ssid>* ssids;
 
+    static MacEntry mac_entries[mac_history_len];
+    static uint8_t mac_entry_state[mac_history_len];
+
     // Stuff for RAW stats
     uint32_t mgmt_frames = 0;
     uint32_t data_frames = 0;
@@ -730,7 +767,12 @@ class WiFiScan
     #ifdef HAS_SCREEN
       int8_t checkAnalyzerButtons(uint32_t currentTime);
     #endif
-    bool seen_mac(unsigned char* mac);
+    bool seen_mac(unsigned char* mac, bool simple = true);
+    int16_t seen_mac_int(unsigned char* mac, bool simple = true);
+    int update_mac_entry(const uint8_t mac[6], int8_t rssi = 0, bool bt = false);
+    inline void insert_mac_entry(uint32_t idx, const uint8_t mac[6], uint32_t now_ms, int8_t rssi = 0, bool bt = false);
+    void evict_and_insert(const uint8_t mac[6], uint32_t now_ms);
+    uint8_t build_top10_for_ui(MacEntry* out_top10, MacSortMode mode);
     void save_mac(unsigned char* mac);
     #ifdef HAS_BT
       void copyNimbleMac(const BLEAddress &addr, unsigned char out[6]);
@@ -795,6 +837,10 @@ class WiFiScan
     void startGPX(String file_name);
     //String macToString(const Station& station);
 
+    static bool parse_sae_commit_act(const uint8_t *frame, size_t frame_len, uint16_t &group_out, size_t &act_len_out, size_t & act_off_out);
+    static bool sae_group_sizes(uint16_t group, size_t &scalar_len, size_t &element_len);
+    static bool mac_cmp(const uint8_t *a, const uint8_t *b);
+    static inline uint16_t le16(const uint8_t *p);
     static void getMAC(char *addr, uint8_t* data, uint16_t offset);
     static void pwnSnifferCallback(void* buf, wifi_promiscuous_pkt_type_t type);
     static void beaconSnifferCallback(void* buf, wifi_promiscuous_pkt_type_t type);
@@ -811,5 +857,6 @@ class WiFiScan
     static void pineScanSnifferCallback(void* buf, wifi_promiscuous_pkt_type_t type); // Pineapple
     static int extractPineScanChannel(const uint8_t* payload, int len); // Pineapple
     static void multiSSIDSnifferCallback(void* buf, wifi_promiscuous_pkt_type_t type); // MultiSSID
+    static inline uint32_t hash_mac(const uint8_t mac[6]);
 };
 #endif

esp32_marauder/configs.h

@@ -6,6 +6,8 @@
 
   #define POLISH_POTATO
 
+  //#define DEVELOPER
+
   //// BOARD TARGETS
   //#define MARAUDER_M5STICKC
   //#define MARAUDER_M5STICKCP2
@@ -32,10 +34,12 @@
   //#define MARAUDER_V8
   //// END BOARD TARGETS
 
-  #define MARAUDER_VERSION "v1.9.0"
+  #define MARAUDER_VERSION "v1.10.0"
 
   #define GRAPH_REFRESH   100
 
+  #define TRACK_EVICT_SEC 90 // Seconds before marking tracked MAC as tombstone
+
   #define DUAL_BAND_CHANNELS 51
 
   //// HARDWARE NAMES

esp32_marauder/esp32_marauder.ino

@@ -154,6 +154,12 @@ void backlightOff() {
 
 void setup()
 {
+  randomSeed(esp_random());
+  
+  #ifndef DEVELOPER
+    esp_log_level_set("*", ESP_LOG_NONE);
+  #endif
+  
   #ifndef HAS_DUAL_BAND
     esp_spiram_init();
   #endif

esp32_marauder/utils.h

@@ -56,6 +56,25 @@ uint8_t getDRAMUsagePercent() {
   }
 #endif
 
+String hexDump(const uint8_t *buf, size_t len) {
+  String out;
+  out.reserve(len * 3);  // "FF " per byte (approx)
+
+  for (size_t i = 0; i < len; i++) {
+    if (buf[i] < 0x10) {
+      out += '0';
+    }
+    out += String(buf[i], HEX);
+
+    if (i < len - 1) {
+      out += ' ';
+    }
+  }
+
+  out.toUpperCase();
+  return out;
+}
+
 String byteArrayToHexString(const std::vector<uint8_t>& byteArray) {
   String result;
 
@@ -156,6 +175,14 @@ String macToString(uint8_t macAddr[6]) {
   return String(macStr);
 }
 
+String macToString(const uint8_t macAddr[6]) {
+  char macStr[18]; // 17 characters for "XX:XX:XX:XX:XX:XX" + 1 null terminator
+  snprintf(macStr, sizeof(macStr), "%02X:%02X:%02X:%02X:%02X:%02X", 
+    macAddr[0], macAddr[1], macAddr[2], 
+    macAddr[3], macAddr[4], macAddr[5]);
+  return String(macStr);
+}
+
 void convertMacStringToUint8(const String& macStr, uint8_t macAddr[6]) {
     // Ensure the input string is in the format "XX:XX:XX:XX:XX:XX"
     if (macStr.length() != 17) {