We performed a case study with the most basic attack profile: the bad BSSID is known and the blue team is searching for the physical device, which is on the move. The theater was the DEFCON 26 wireless CTF. Since we did pretty well in DEFCON 25’s, locating the stationary rogue access point, we hoped to evolve our tactics. We attempted to create a cheap and easy to deploy solution that can be used in the field to track down and locate rogue mobile operators using C2 infrastructure. …