How can someone get the BSSID of a router without connecting to it?

Question

1. How can someone get the BSSID of a router without connecting to it in order to differentiate between duplicate SSIDs?

2. Does a router broadcast the BSSID?

Answer 1

I think that your router is equal to WiFi access point。There are a bunch of ways to realize this in different operating system.
1. In windows xp,you can install netstumbler;
2. In windows ,you can use this cammand "netsh wlan show networks mode=Bssid|findstr "BSSID" " as the post in https://stackoverflow.com/a/187867/1767800
3. In linux, you can turn to netstumbler linux alternative kismet http://www.linuxalt.com/linux-alternatives-to/windows/netstumbler.html

All the software listed above show the detected BSSIDs and many other information to you by catching the beacon frame broadcast by the Access Point.

Answer 2

For Mac OS and macOS that's

/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -I

for the currently connected wifi, which you can also get by alt+click on the wifi menu.

To get a list of all hotspots/network available use

/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -s

Answer 3

sudo iwlist scanning

or filter(Address):

sudo iwlist scanning | grep Address

Answer 4

Applying the command

netsh wlan show all 

in windows would show details of all the routers including the BSSID in your wireless range, even though you might not have been connected to the router.

Answer 5

If you have Linux and iwlist package you can use

iwlist YOUR_INTERFACE scan

where YOUR_INTERFACE have to be an active wireless interface, typically wlan0.

And yes, a router working as an AP (it is the more common configuration) will send his BSSID.

Answer 6

You can get all the BSSID you have around with this command:

netsh wlan show networks mode=bssid

Answer 7

in cmd: netsh wlan show networks mode=Bssid (Windows 7)