Accessing & Using the MobileWiFi.framework

Question

For a personal project of mine, I'm trying to retrieve iPhone WiFi signal strength. I'm fully aware that this in the land of undocumented goodness, so please refrain from the "No Appstore" answers. :)

Anywho, I've been reading up on previous WiFi Network Scanner Apps (WiFi Stumbler), but I'm afraid most (if not all) reflect outdated SDK documentation. Hopefully, this question will also provide some centralized / insightful material with the most recent iPhone SDK 3.1.2.

Here's my incomplete/not-working code:

.h

 void *libHandle;
 void *airportHandle; 
 int (*open)(void *);
 int (*bind)(void *, NSString *);
 int (*close)(void *);
 int (*scan)(void *, NSArray **, void *);

.m

libHandle = dlopen("/System/Library/PrivateFrameworks/MobileWiFi.framework/MobileWiFi",RTLD_LAZY);

open = dlsym(libHandle, "Apple80211Open");
bind = dlsym(libHandle, "Apple80211BindToInterface");
close = dlsym(libHandle, "Apple80211Close");
scan = dlsym(libHandle, "Apple80211Scan");

open(&airportHandle);
bind(airportHandle, @"en0");

NSLog(@"Result %@",libHandle);

When executed on the device, it'll produce my ever-so-favorite...

Exception Type: EXC_BAD_ACCESS (SIGSEGV)

I'm thinking the dynamic loading call, isn't loading anything. The directory: /System/Library/PrivateFrameworks/ only lists a Info.plist file with no binaries or aliases.

Probably doing something terribly wrong (wrong directory?)... appreciate any help!

Also, as a follow up. To extract the WiFi information, it might be done by:

GetInfoCopy = dlsym(libHandle, "Apple80211GetInfoCopy");

And my questions are 1) Has anybody had any luck with this? 2) How do you get a header dump like I would using with class-dump on Objective-C libraries (because MobileWifi is in C)?

Answer 1

I'm not sure if this would be a problem, but open/close/bind are names that are already in-use (standard C library).

The binary doesn't exist, as it is stored in the dyld shared_cache (dlopen will succeed because the library is technically 'loaded.'); however, I note that you're not checking that any of libHandle, open, close, bind or scan are valid when you retrieve them from the dl* functions.

Answer 2

These Apple80211xxx functions do not exist in MobileWiFi.framework (you can check using the `nm' tool against the SDK binaries).

(Also, it's impossible to dump a C header from binaries because all type information are removed during compilation. You need to reverse engineer it yourself or wait for someone to do so.)

Answer 3

For anybody who stumbles upon this question, here's my library to access 802.11 networks. Although Apple claims to deny any applications that use private frameworks, there are several closed-sourced WiFi applications on the AppStore. Use at your own risk.

This library works with iPhone SDK 3.1.2.

• SOLStumbler.h
• SOLStumbler.m

Use:

SOLStumbler *networksManager = [[SOLStumbler alloc] init];
[networksManager scanNetworks];

Result:

An networks NSDictionary of a info NSDictionary.

Use CFShow to explore the returned pointer containing information. Or call the description method for sample output.

Answer 4

tu podrias ayudarme con un iphone q no detecta ninuga wifi?? solo busca y busca y nunca aparece nada!! inteto buscarla manualmente y m dice q no se puede explorar redes inalambricas