
How detectable is a YAGI ANTENNA? : OpSec

Can LE somehow know if I am using a yagi antenna to steal wifi?

If there is an effective surveillance method, is it something that is consistently monitored and recorded everywhere, or is it more targeted surveillance?
A modern stingray will detect the strong signal from the Yagi; it sticks out. The metadata in the WiFi communication will indicate that you have a long range connection. The stingray will be able to detect the Yagi position at meter precision and also the position of the potentially hacked WiFi.

In most countries a Yagi antenna connected to an access point at long range is usually not enough to start an investigation. LE needs more on the bait. However, if the Yagi signal is very strong and way out of allowed tolerances, there is a risk that this alone can initiate an investigation.

So, keep the Yagi outside your premises and connect to it with a cable that has magnet contacts or similar that breaks the cable if LE starts to pull it. Make sure the cable breaks in a point where further searching of the cable will be costly and time consuming. Have surveillance at that location so you have time to disconnect things at your premises (automate this).
This way you preserve plausible deniability.
/u/ThatOpSecGuy
1 points
4 days ago
Are you sure about this? I'm not sure that this is the intended use or if it's among the functions of a stingray.
/u/cilantr0
1 points
4 days ago
Nah, it's not. He's mixing several unrelated concepts. A stingray is a generic term used for fake 2G cells used to force mobile phones to connect to them, making it possible to determine their position by triangulation.

An antenna, doesn't matter the model, omnidirectional or directional, such as a Yagi would be, is by definition a _passive_ element. It doesn't use power, so it doesn't generate a signal. Thus, an antenna by itself cannot be detected by a "strong signal". You can use some "metadata" within the physical layer of the wifi connection, yes, but it's not as straightforward, as it may depend on the 802.11 standard, as well as the encryption method used (for example, you won't be able to ascertain the RSSI of connected clients). And if you factor in using randomised MAC addresses on the client side, there you have your plausible deniability covered.
Fuck. One guy saying it's very detectable, and another guy saying it's more complicated. Who do I listen to? Fuck me in the anal sideways.

Can you elaborate on the "uses no power" part? It must use some power to send data, no? Although I am mostly receiving data, it's still a two-way communication from the start of the connection handshake. I wouldn't call it passive.
/u/OpsecThrowaway
1 points
4 days ago*
Think of wifi signal from regular antenna like if you put American donut around it. That is the radiation pattern. When you make yagi, you are squishing donut into oval. Oval gets thinner on sides and longer on length. Eventually donut very long, and very thin. The tip of donut must touch donut on antenna of device connected to. Now, if make detection antenna, if donut intersect detection antenna, antenna can be triangulated. But since from yagi, donut long and thin, chances are low that donut can be detected from side. So it harder to find directional signal because signal does not spill into tracking antenna. However, there is settings on router that sets timeout. Because signal take longer to travel from long thin donut, compared to wide fat donut of normal connected device, if one is watching router, one can see that one connected device time out longer. This mean operator of remote AP can infer that there is a long distance connection being made. However, one must start to measure angle from which signal is coming in, to get donut slice of direction signal is coming from. This is hard to do, because it require device like SDR at AP. It also imply that AP is compromised. This is why recommended to cycle AP, and not make connection to single AP for long time. Answer complicate, sorry for that. If drive around with yagi, biggest risk likely to be someone wondering why yagi sticking out of car more than RF spectrum analysis.
Stingray in this context is confusing term that muddy the river of explanation.
/u/cilantr0
1 points
3 days ago
Hi, an antenna is just a bunch of segments connected to the receiver or transmitter, that convert the radio wave into electric current. The power is in the receiver/transmitter, not in the antenna.
/u/ThatOpSecGuy
1 points
4 days ago
This is exactly what I thought.
MAC address changes will not hide a Yagi as long as the location is fixed. It's easy to locate a fixed radio source; LE only needs to drive around with their "stingray" that senses the signal and will in minutes have a good approximation. The precision radius is equal to the killing zone of a 155mm habit grenade.

See my simplified definition of "stingray" /post/29886f5e726e459d2958/#c-f12cf75619386facf6
/u/cilantr0
1 points
3 days ago
I honestly don't want to get into a never-ending discussion, please do check some basics in physics, mainly electromagnetic reciprocity, and how that does not apply directly to antennas, not as long as you have a non-reciprocal circulator component. Thus, that's why you can have a very sensitive wireless card, to detect the existence of networks, but can't transmit into them with enough power to connect.
I use the term "stingray" for the collection of radio signal surveillance equipment used by police. Actually that is many different things including 2-5G cell tower technology, WiFi technology. This is a subset of what you find in a military surveillance unit.
/u/ThatOpSecGuy
1 points
3 days ago
You don't need police technology to detect something like that. A long ranged WiFi connection isn't suspicious.
So what you're telling me is I have to go full James Bond just to use some anonymous internet? You know what, I'm not even that surprised. The only problem is I don't own this property so I can't go around hiding cables and antennas.

Stingrays are just machines running out of vans, correct? Is there such a thing as a stingray detector or other counter?
/u/OpsecThrowaway
1 points
4 days ago
Stingray is just commercial term for appliance that do technique called man in the middle. Stingray mean it work for cellphone tower. But one can do man in the middle regardless. Think of wifi router. Target AP name to "INTERPOL WIFI". Now, I create new wifi called "INTERPOL WIFI" with same password as original AP name. I put my AP in the middle of you and the original AP. Your receiver get confused, and connect to my AP. Now my AP connected to original AP, and when you send signal, you are secret connect to me, and I forward signal. Since I get signal first, I spy on you. That is man in middle.
You can check by TTL and network hop.
/u/cilantr0
1 points
3 days ago
That may have been a valid sentence ... in 2002. No matter what MAC address / BSSID, if you are using WPA2/WPA3 that is not the case anymore.
/u/OpsecThrowaway
1 points
3 days ago
Is for clarification of "stingray" which used in 2000 for 2g networks, and explanation of simple theory of MITM. Stingray being used here ambiguous.
I know my replies might sound too much for the majority. If the threat level was stated I could answer more moderate.

Usually you find stingrays on roof top of vans or small trucks, they are circular plates, diameter is about 40-60cm. The smaller models are also used in larger patrol cars. There exists also handheld models and fixed position stingrays (around secured objects like airports).

To detect a stingray can be tricky if it's in passive mode, e.g. only listening; the best method is visual detection. Under surveillance they need to be close to get high precision, so you will see them at 100-500m distance. Usually the stingrays are only used a few hours per surveillance target. Then LE repeats a second round a few days later to verify the previous results. So, one must capture the stingray in a few hours window.

However, the stingrays are usually in active mode meaning they will interfere with the surveilled equipment. Typically the stingray blocks the WiFi traffic to get the communication restarted. You can detect this by having a log analyzer that looks for broken links and WiFi disturbance packages.

Besides the WiFi traffic the stingray also makes surveillance on the cell phone network. This can be detected by keeping track of the cell towers around you. By sampling the cell towers signal strength you have a baseline. If a stingray is activated you will suddenly have a new cell tower with strong signal and this can then be detected.

Hope this gave some clarity.
/u/KonaCokeHead
1 points
4 days ago
name checks out
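
Added example, not part of any post in this thread: the duplicate-name access point setup described above is something a network operator can look for in their own scan data. The sketch below uses constructed beacon records and a hypothetical inventory (`KNOWN_APS`, `find_suspect_aps` are names chosen here) to flag beacons that reuse a managed SSID without matching the deployed hardware.

```python
from collections import defaultdict

# Constructed beacon observations (SSID, BSSID, channel, security); not captured traffic.
BEACONS = [
    ("OfficeNet", "aa:bb:cc:00:00:01", 6, "WPA2-PSK"),
    ("OfficeNet", "de:ad:be:00:00:99", 11, "WPA2-PSK"),  # same name, unknown radio
    ("OfficeNet", "aa:bb:cc:00:00:01", 11, "WPA2-PSK"),  # known BSSID on a second channel
    ("GuestNet", "aa:bb:cc:00:00:02", 1, "OPEN"),        # known BSSID, weaker security
    ("CafeWifi", "11:22:33:00:00:05", 3, "WPA2-PSK"),    # not a managed SSID: ignored
]

# Hypothetical inventory of the operator's own access points: SSID -> {BSSID: security}.
KNOWN_APS = {
    "OfficeNet": {"aa:bb:cc:00:00:01": "WPA2-PSK"},
    "GuestNet": {"aa:bb:cc:00:00:02": "WPA3-SAE"},
}

def find_suspect_aps(beacons, known):
    """Return sorted (ssid, bssid, reason) tuples for beacons that reuse a
    managed SSID but do not match the inventory."""
    findings = set()
    channels = defaultdict(set)
    for ssid, bssid, channel, security in beacons:
        if ssid not in known:
            continue
        bssid = bssid.lower()
        expected = known[ssid].get(bssid)
        if expected is None:
            findings.add((ssid, bssid, "unknown BSSID"))
            continue
        if security != expected:
            findings.add((ssid, bssid, "security mismatch"))
        channels[(ssid, bssid)].add(channel)
    # A BSSID can be copied, so one inventory BSSID heard on several channels
    # in the same scan window is flagged for a manual look (heuristic only:
    # an AP that changes channel mid-scan triggers it too).
    for (ssid, bssid), seen in channels.items():
        if len(seen) > 1:
            findings.add((ssid, bssid, "multiple channels"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in find_suspect_aps(BEACONS, KNOWN_APS):
        print(finding)
```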