How To Obtain Someone’s Location With A Single Click On A Link

Setiya Purbaya
Sep 8, 2024

“DISCLAIMER”
Hacking without permission is illegal. This blog is strictly educational for learning about cyber-security in the areas of ethical hacking and penetration testing so that we can protect ourselves against the real hackers.

Today I will share what I learned from my master, Mr. LOI LiangYang: how to obtain the location of a person with a single click on a link. If he or she clicks the link, BOOM, game over! Their location will be exposed.

Requirements:
1. Kali Linux as a “Hacker Operating System”.
2. A tool from “thewhiteh4t” called seeker (GitHub Link)
3. Ngrok

The concept behind this tool is simple: just as phishing pages are hosted to capture credentials, a fake page can be hosted that requests your location, the way many popular location-based websites do. It's similar to using Google Maps or any other mapping application on a website. The website needs you to grant location permission, and once you do, it can access your location.

Installing Seeker by thewhiteh4t

Open up your terminal in Kali Linux

Download seeker:

git clone https://github.com/thewhiteh4t/seeker.git

Once the download has completed, change directory to seeker:

cd seeker/

Once you're done, check your Python version. The minimum required version is Python 3. If you have it, you can proceed to run seeker.py:

python3 --version
python3 seeker.py

Installing NGROK

Before we run seeker, we need ngrok to expose our local web servers to the internet.

 curl -sSL https://ngrok-agent.s3.amazonaws.com/ngrok.asc | sudo tee /etc/apt/trusted.gpg.d/ngrok.asc >/dev/null && echo "deb https://ngrok-agent.s3.amazonaws.com buster main" | sudo tee /etc/apt/sources.list.d/ngrok.list && sudo apt update && sudo apt install ngrok

After that, add your authtoken:

ngrok config add-authtoken <token>

To add an authtoken, you need to have an ngrok account. Simply sign up at ngrok.com.


Running Seeker

With ngrok set up, you can now run seeker.py and choose a template to use for phishing the target. There are 7 templates available, but this time we will use the Zoom template. To select it, type “5” in the terminal.

After you choose the Zoom template, the terminal shows the message “Waiting For Client…”. Don't close this terminal window.

Now open another terminal and type “ngrok http 8080”. ngrok then displays its status screen.

Look at the Forwarding field; there is a URL: “https://3c62-36-70-223-161.ngrok.free.app”. This is our link. The link needs to be sent to the target, who has to be convinced to open it. But before that, we need to mask the link with a URL shortener such as Bitly.

So now you have a shortened URL, bit.ly/3XL32MV. Send the link to the target. This is what happens next on the target's device:

The link is opened on an iPhone, and the victim clicks Visit Site.
This is the interface of the Zoom template. The victim clicks Launch Meeting.
The victim's browser pops up a request for permission to access the location, and the victim clicks Allow.
BOOM, it's finished. Now let's check our terminal.

Now let's check the first terminal, the one running seeker.py. It shows the victim's location if he or she allowed the location permission.

You can open the Google Maps link or open results.csv to get the precise location of the victim.

MITIGATION & LESSON LEARNED

  1. Be aware of every link you click and pay attention to every permission you grant on your phone.
  2. Always verify every link you receive; if it seems suspicious, don’t click on it!
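
For defenders, the link chain shown in this post (a bit.ly short link that leads to an ngrok tunnel hostname) can be looked for in web proxy or DNS logs. The following Python code is an added example, not part of the original post or of seeker; the log format, the sample lines and the domain lists (beyond ngrok.free.app and bit.ly) are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumed starter lists (only ngrok.free.app and bit.ly appear in the post).
TUNNEL_SUFFIXES = ("ngrok.free.app", "ngrok-free.app", "ngrok.app", "ngrok.io")
SHORTENER_HOSTS = {"bit.ly"}
# Constructed sample proxy log: "<timestamp> <client> <method> <url>"
SAMPLE_LOG = """\
2024-09-08T10:01:02Z 10.0.0.15 GET https://bit.ly/EXAMPLE
2024-09-08T10:01:03Z 10.0.0.15 GET https://abcd-203-0-113-7.ngrok.free.app/
2024-09-08T10:02:10Z 10.0.0.22 GET https://www.example.org/index.html
2024-09-08T10:03:44Z 10.0.0.31 GET https://notngrok.free.app.example.net/
2024-09-08T10:04:00Z 10.0.0.31 GET not-a-url
"""

def classify_host(host):
    """Return 'shortener', 'tunnel' or None; suffixes match on a label boundary."""
    host = host.lower().rstrip(".")
    if host in SHORTENER_HOSTS:
        return "shortener"
    if any(host == s or host.endswith("." + s) for s in TUNNEL_SUFFIXES):
        return "tunnel"
    return None

def scan(log_text):
    """Return (timestamp, client, label, host) for each flagged request."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        ts, client, _method, url = parts
        host = urlsplit(url).hostname
        label = classify_host(host) if host else None
        if label:
            findings.append((ts, client, label, host))
    return findings

def shortener_then_tunnel(findings):
    """Clients that requested a short link and later a tunnel host."""
    seen_short, chained = set(), []
    for _ts, client, label, host in findings:
        if label == "shortener":
            seen_short.add(client)
        elif label == "tunnel" and client in seen_short:
            chained.append((client, host))
    return chained

if __name__ == "__main__":
    print(shortener_then_tunnel(scan(SAMPLE_LOG)))
```

A hit on the chained check is a lead for review, not proof of phishing, since both shorteners and tunnels have legitimate uses.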

Error

If you get an error when running ngrok after adding the authtoken, try changing the version in the .yaml file from version="3" to version="2". The file is at .config/ngrok/ngrok.yaml
