Skip to main content

What is SEEKER



seeker - Accurately Locate Smartphones using Social Engineering.

 
Concept behind Seeker is simple, just like we host phishing pages to get credentials why not host a fake page that requests your location like many popular location based websites. Read more on thewhiteh4t's Blog .Seeker Hosts a fake website on In Built PHP Server and uses Serveo to generate a link which we will forward to the target, website asks for Location Permission and if the target allows it, we can get :

⭕️Longitude
⭕️Latitude
⭕️Accuracy
⭕️Altitude - Not always available
⭕️Direction - Only available if user is moving
⭕️Speed - Only available if user is moving

Along with Location Information we also get Device Information without any permissions :

⭕️Operating System
⭕️Platform
⭕️Number of CPU Cores
⭕️Amount of RAM - Approximate Results
⭕️Screen Resolution
⭕️GPU information
⭕️Browser Name and Version
⭕️Public IP Address
⭕️IP Address Reconnaissance

This tool is a Proof of Concept and is for Educational Purposes Only, Seeker shows what data a malicious website can gather about you and your devices and why you should not click on random links and allow critical permissions such as Location etc.

How is this Different from IP GeoLocation

👉Other tools and services offer IP Geolocation which is NOT accurate at all and does not give location of the target instead it is the approximate location of the ISP.

👉Seeker uses HTML API and gets Location Permission and then grabs Longitude and Latitude using GPS Hardware which is present in the device, so Seeker works best with Smartphones, if the GPS Hardware is not present, such as on a Laptop, Seeker fallbacks to IP Geolocation or it will look for Cached Coordinates.

👉Generally if a user accepts location permsission, Accuracy of the information recieved is accurate to approximately 30 meters, Accuracy Depends on the Device.

Note : On iPhone due to some reason location accuracy is approximately 65 meters.

Tested On :

Kali LinuxBlackArch LinuxUbuntuKali NethunterTermuxParrot OS

Installation

Kali Linux / Ubuntu / Parrot OS

git clone https://github.com/thewhiteh4t/seeker.git cd seeker/ chmod 777 install.sh ./install.sh

BlackArch Linux

pacman -S seeker

Docker

docker pull thewhiteh4t/seeker

Termux

git clone https://github.com/thewhiteh4t/seeker.git cd seeker/ chmod 777 termux_install.sh ./termux_install.sh

Comments

Post a Comment

Popular posts from this blog

ALL ABOUT APPLICATION SECURITY TESTING

  🕳 Application security testing    Are you aware that nearly  84% of the software breaches  exploit the vulnerabilities present in the application layer? Shocking but true! And with the web being such a diverse platform, weaknesses aren’t scarce. As most of us are getting more reliant on the utility of different applications, the extent of threats is also increasing considerably. To reduce the attacks on the applications and protect them from subsequent damages, application security testing has proved to be the ultimate savior. So here is a brief description of application security testing and the types of web application security testing. Contents 1. Why application security testing is important? 2. What is applications security testing?   3. Different types of applications security testing.  4. (SAST) static allocation security testing.  5. (DAST) Dynamic Applications security testing.
Post a Comment
Read more

What is applications security testing ?

 What is Application Security Testing? The term security testing refers to the software testing category that helps to uncover: Risks associated with the software applicationContinuous security threatsPossible vulnerabilities Added to this, web application security testing also prevents malicious cyber-attacks and threats coming from intruders. The main working behind the application security testing is to recognize the digital and software system related weaknesses and every possible loophole that can cause significant damages to the concerned business, like: Loss of reputationLoss of dataLoss of revenue The central ideology behind web app security is to recognize the different types of threats present in your system following its potential vulnerabilities. After identifying those, the application security testing uses various security aspects to prevent your order from being exploited or inappropriately cease to function. The web application security testing also acts as a digital gu
Post a Comment
Read more