Geolocation on ESP8266 without GPS Module, only WiFi

Orange Pi Development Boards

When I think about geolocation in I normally think about global navigation satellite systems such as GPS, GLONASS, Galileo, or Beidou, as well as IP geolocation, but the latter is highly inaccurate, and often only good for find out about the country, region, or city.

But if you’ve ever been into your phone location settings, you’d know GPS is only one option, as it can also leverage cellular base stations and WiFi SSIDs, where the former working where there’s coverage, and the later in area with a high enough density of access points. Somehow, I had never thought about using such technology to find location with WiFi modules until Espressif Systems released an application note entitled “Geolocating with ESP8266“.

This document describes how the ESP8266 module may be used to scan for nearby Wi-Fi access points and, then, use their SSID, RSSI and MAC address to obtain a potential fix on the device’s geolocation, using Google geolocation API.

That’s basically a two step process with an AT command returning the list of available APs, SSID, RSSI, and MAC Address:


and after setting up a secure SSL connection, you can then feed that data to Google Geolocation API to get the location with a command that looks like (wifiAccessPoint data not filled here):


Further research led me to m0xpd experimentation with Geolocation on ESP8266 last year, using both IP geolocation (found to be very inaccurate), and Google or Mozilla APIs, and posted his Arduino source code on Github. The Google API found his actual home in Manchester with just the information retrieved from the list of access points.

That also means that unsecured devices on the public Internet can easily be located, as an hacker logins to a router or IoT device, he just needs to run a command to find out the information required by his preferred geolocation API.

Support CNX Software - Donate via PayPal or become a Patron on Patreon

8
Leave a Reply

avatar
8 Comment threads
0 Thread replies
4 Followers
 
Most reacted comment
Hottest comment thread
5 Comment authors
SanderGermán MartínMartin Schlattertkaisercnxsoft Recent comment authors
  Subscribe  
newest oldest most voted
Notify of
tkaiser
Guest
tkaiser

Thank you for the nice map screenshot (Longdong Avenue — LOL!) and especially the last sentence. But it should be noted that this is not related to ESP8266 at all since as soon as you ‘hacked’ any IoT device able to do wireless scans you’re already done. If you get access to a networked Raspberry Pi 3 for example all you need to locate the device is the output from ‘iwlist wlan0 scan’ (unless the Raspberry is in a rural area)

tkaiser
Guest
tkaiser

cnxsoft :
The many routers / modems directly connected to the Internet with default username / password are prime targets.

No need for this! The Internet of shitty things never receives upgrades, dnsmasq is almost everywhere and since yesterday we know how to open these boxes remotely 🙂

https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html

Martin Schlatter
Guest
Martin Schlatter

Your last sentence is absolutely right and a bit scary!

Germán Martín
Guest

Some time ago, I built a library for Arduino IDE that uses Google Geolocation to get position without GPS, listening to surrounding WiFi APs. It can be used with esp8266, esp32 and arduino mkr1000.
Code can be checked on https://github.com/gmag11/ESPWifiLocation

Regards

Sander
Guest
Sander

I didn’t know about the Google Geo service “Wifi-MAC => Location” … Thank you CNXsoft and Tkaiser.

tkaiser
Guest
tkaiser

@Sander
Well, that such public services exist should be alarming since this is just the tip of the iceberg confirming the more serious problem that every wireless device out there that is trackable gets tracked and helps tracking everything around all the time (with data ending up somewhere in private data centers euphemistically called ‘the cloud’ so already accessible by 3 letter agencies and sooner or later by hackers or everyone since ‘cloud security’ is plain BS and has never worked so far).

How are these databases fed? By dumb people combined with ‘smart phones’ with location services enabled and constantly submitting everything they scan around to their device owners (Google, Apple, …). What if you want to opt-out of the ‘game’? This for example: https://www.theregister.co.uk/2017/03/10/mac_address_randomization/