The title pretty much sums up the gist of it. A longer rundown of the situation might be... Okay, there's about a dozen AP's near enough to me that I can walk to each AP owner's mailbox and see the street address. And, I almost know the majority of people who live around me.
The problem is that I cannot think of any other way to match the detectable SSIDs or BSSIDs to their AP owners, and I need to do exactly that (I'm pretty sure).
See... I've got the handshakes, and I've cracked my own BSSID with Aircrack-ng, using the "Rockyou.txt" wordlist. So I know that the program works, but it was also cheating, because I rigged the wordlist with the already known password.
However, I'm not aware of Aircrack-ng supporting rule based attacks, so I figured I'd get a bit familiar with Hashcat3.3 so that I can use some mangling rules along with just 2 or 3 decent wordlists (like rockyou.txt, etc.) to see what they'll accomplish. However, I ran an error with Hashcat3.3 and the hardware/software setup that I have (* Device #1: Not a native Intel OpenCL runtime, expect massive speed loss). I don't know, but I think I need an OpenCL driver or something (the OS is Kali 2017.1 rolling release, and the machine is a HP Pavilion dv7 with a Centrino Wireless-N 1000 card).
So, I am at a standstill on that part of things, until I get a decent grasp of what I need to do to get Hashcat to run on my setup without throwing an error. In the mean-time, I thought, without twiddling my thumbs and waiting, I thought to try my hand at making some more targeted wordlists with Crunch. After all, I still have a lot to learn about Crunch's syntax, the more commonly used password structures, etc. So, I have the bright idea (yeah, yet to be determined) that I'll just dig around and associate a street address with each network name, and then I can find out some more generic info (names, genders, ages, DOBs, etc.) to make targeted wordlists. Those lists, if used with Hashcat, against the correct BSSID, might yield something. If nothing else, I'd learn alot more about using Crunch.
So, now I'm thinking that I probably need to learn something about Nmap (haven't gotten that far yet), or some other way that I can use the BSSIDs that I have to get some sort of GPS coords or geographical location. After that, Google Maps will fill in the blanks...
So, How would one go about using a BSSID to find out a location or street address? There might even be some online resource that does this sort of thing. If there is then I just didn't see it. I was thinking that there'd probably be something online similar to whois or reverse lookup, but I didn't see anything like that for associating BSSIDs with locations. I do remember glancing at something about finding an AP's physical location but it was when I had just installed Kali and didn't concern me any at the time. How does one usually go about it?