Inspiration

Trying to find a less crowded studying spot on campus? Looking for a professor that you want to catch but he never seems to be in? Or simply wondering where the party's at now on campus? Let HACKCMU-SECURE be your bird's eye view to all connected devices on campus!

What it does

HACKCMU-SECURE shows you real-time information on who's where and what's up on campus.

HACKCMU-SECURE exploits the fact that most people on campus are connected to the CMU-SECURE network. By performing a ping sweep, we are able to enumerate all devices currently connected to this network (~4.5k on average), and by performing a reverse subnet lookup on CMU's network registration service with the IPs we are able to reconstruct real-time information on where every device is approximately located at.

How we built it

We performed ping sweeps on the CMU-SECURE network at regular intervals to collect the IP, hostname, and MAC address information of all devices.

We wrote a bash script to curl https://netreg.net.cmu.edu with cookie authentication for all the IPs that we collected from the scan, and then used grep and sed to filter out which subnet the IP belongs to. We then perform an arp-scan to correlate the results, followed by traceroute to confirm that these are all private IPs.

A timestamp is added and the data is served on our React web client.

Challenges we ran into

Devices with firewalls do not respond to ICMP echo requests, and so we have no way of detecting them. These appear to be very common among Windows machines

DHCP lease for a device may be long, so data may not be fully accurate

Took us a while to find out that CMU's subnet mask is 20 bits

NAT interfaces may exist that we are not aware of, thereby under-reporting the number of devices

Accomplishments that we're proud of

Actually getting sleep

Hacking together common tools in unconventional ways (creative usage of CMU's network registration service in particular)

What we learned

Networking knowledge

How to use nmap without being too aggressive and being blacklisted by Computing Services

What's next for HACKCMU-SECURE

Individualized location tracking?

Built With

Share this project:
×

Updates