Seeker : Accurately Locate Smartphones Using Social Engineering
WHAT IS SEEKER
There are many Tracking tools present on the internet but Seeker Stands Out of all of them because of the the Method it Uses and The Accuracy it Provides.
THE OLD WAYS
Usually When we have to find the GeoLocation of a Device we would
1. Find a Way to Grab IP Address of the Victim
2. Convert IP to GeoLocation
We grabbed IP Addresses by Embedding an IP Logger in a URL and persuading victim to open the URL to Catch the IP Address and there were several other ways to Grab the IP Address too.
Then we used free resources like ip2location to check Latitude and Longitude of the Device and Place it in google maps to find Location.
But but........
The Location Which we will get through this method will be Somewhat Accurate Location of the ISP (Internet Service Provider) and not the location of the Actual Device Itself.
Seeker Overcomes this Huge Limitation....
HOW IS SEEKER DIFFERENT
The Seeker Tool uses Phishing Pages and Social Engineering to gather Data.
Concept behind Seeker is simple, just like we host phishing pages to get credentials why not host a fake page that requests your location like many popular location based websites. Seeker Hosts a fake website which asks for Location Permission and if the target allows it, we can get :
Longitude
Latitude
Accuracy
Altitude - Not always available
Direction - Only available if user is moving
Speed - Only available if user is moving
Along with Location Information we also get Device Information without any permissions :
Unique ID using Canvas Fingerprinting
Device Model - Not always available
Operating System
Platform
Number of CPU Cores - Approximate Results
Amount of RAM - Approximate Results
Screen Resolution
GPU information
Browser Name and Version
Public IP Address
Local IP Address
Local Port
Other tools and services offer IP Geolocation which is NOT accurate at all and does not give location of the target instead it is the approximate location of the ISP.
Seeker uses HTML API and gets Location Permission and then grabs Longitude and Latitude using GPS Hardware which is present in the device, so Seeker works best with Smartphones, if the GPS Hardware is not present, such as on a Laptop, Seeker fallbacks to IP Geolocation or it will look for Cached Coordinates.
Generally if a user accepts location permsission, Accuracy of the information recieved is accurate to approximately 30 meters
Accuracy depends on multiple factors which you may or may not control such as :
Device - Won't work on laptops or phones which have broken GPS
Browser - Some browsers block javascripts
GPS Calibration - If GPS is not calibrated you may get inaccurate results and this is very common
HOW TO USE SEEKER
PRE-REQUISITES :
1. A Linux Distribution Preferably Kali Linux or Ubuntu.
2. You Should Have Python3 Installed on your machine.
3. You Should Have PHP Installed on your Machine.
4. You Should Have Ngrok Installed on your Machine.
NOTE : if you are a Windows User You can:
1. Install Kali Linux OR Ubuntu from Windows Store (FREE)
2. Install Cygwin From Here(FREE):
3. Install GIT for Windows from here(FREE):
I Will be Working on Ubuntu 20.04 (LTS) (Same process in Kali Linux)
STEPS :
***************************************************************************** DISCLAIMER: ANY MALICIOUS USE OF THE CONTENTS FROM THIS ARTICLE WILL NOT HOLD THE AUTHOR RESPONSIBLE, THE CONTENTS ARE SOLELY FOR EDUCATIONAL PURPOSE. HACKING WITHOUT THE OWNERS CONTENT IS ILLEGAL . *****************************************************************************
1. Type
git clone https://github.com/thewhiteh4t/seeker.git
2. Type cd then lspython3 seeker.py4. Now Open Two Terminals in the 1st one Type
5. In the 2nd Terminal Type
ngrok http 8080
Ngrok will Forward all the Contents from Localhost To the Internet. It Gives a Link Mentioned in the Forwarded Section ending with .ngrok.io.
in this case : http://554b574588ed.ngrok.io (You will be Given your own Link)
Now When You Open this Link you will find the Nearyou Template which you choose already set. Take this link and give it to your friend or try it on yourself.
Meanwhile Ngrok will be recording all incoming Connections with Request type, HTML Code etc....
6. Now If you Press Continue Button It will ask For the Location Which gets Captured and Shown to us.
This Way all Data is Captured on and Shown to us.....
It Will Also give a Google Maps Link to Check out the Location
CREDITS:
Tracking Device Location Have never been This easy, all Thanks to thewhiteh4t.
Github: https://github.com/thewhiteh4t
Twitter: https://twitter.com/thewhiteh4t
URL : https://thewhiteh4t.github.io/
Please Like and Follow This Blog !!
-By /Dev/Null
Comments
Post a Comment