Seeker - Trace Anyone's Location!



First we need to clone this tool from it's Github repository using following command:
git clone https://github.com/thewhiteh4t/seeker

The screenshot of the command is following :


trace mobile location


After cloning finished we need to go in seeker's directory, to do that and to see the files we use cd command and ls command so we apply both commands together:


cd seeker && ls

 

The screenshot is following:


seeker trace mobile location of anyone


Here we can see the files. First we need to run the installer.sh . This tool also can be run from mobile devices using Termux app. Termux is a terminal emulator with an extensive Linux package collection. If we use a mobile device and using Termux application then we choose the termux-install.sh installer file.

So, the command for our Kali Linux system will be following:

sudo bash install.sh

This will install all requirements to run seeker.

The screenshot is following:

seeker installing requirements


To run this tool we must need to have python3 in our system. Python3 comes preinstalled with Kali Linux but if our system doesn't have Python3 then we should read our this tutorial. To run seeker we use following command:

python3 seeker.py

The screenshot is following:


running seeker manually


Here we can see that serveo server (a ssh port forwarding service) is offline so the tool is closed so we manually start the tool on our localhost and forward our localhost to another ssh port forwarding service.


 To start Seeker tool manually we run following command:

python3 seeker.py -t manual

The screenshot is following:

seeker manual main menu


Now, we get multiple options. First option is NearYou and second one is GoogleDrive. We also can create a Telegram and Whatsapp group invite. First we create a Gdrive then we will look at the Whatsapp method.


Google Drive Method

We choose option number for Google drive links. Google drive links can look more genuine for the target user. Social engineering techniques will help us to choose a google drive file as per target's interest(it can be movies or lottery or something else). Then we need a shareable link of Google drive.

Then we paste the link and press enter.

google drive links in seeker


Here this is on our localhost sever. We can forward our port 8080 by port forwarding this is may be done by changing our router's settings or we can do it by ngrok or other ssh port forwarding methods. For port forwarding we suggest to our port forwarding tutorial.

For an example we forward our port 8080 by using localhost.run services by using following command in another terminal:

ssh -R 80:localhost:8080 ssh.localhost.run

 The screenshot is following:

localhost.run port forwarding


Now we can send this link to the victim. When victim opens this link he/she can see the Google drive page and that page will prompt victim for location information. If he/she "Allow" this we got all the location information.


Whatsapp Group Invite Method

Same things we can do with Whatsapp method for this we need to choose option 2. After this we need to choose group title and we need to give an image. The image should be relatable with the group's title. We can use any image file but 300x300 images will looks better. We have to give our image path or we can drag and drop our image in terminal to auto fill the path of our image.

Then our localhost server will started as we can see in the following screenshot:

seeker whatsapp method


Rest the port forwarding we have given an example in Google Drive method.


Getting the Location

When ever target clicks on attacker's shared link and try to any activity this asks for location permission. If the victim clicks "Allow" we got victim's location.

using seeker we got victim's location and device details


We got target's device details and location

Now we just copy the Whatsapp group invitation link and send it to victim. We shouldn't worry because this will be a fake webpage exactly like Whatsapp group invitation. The victim will try to connect and we got the location and device info. Victim always get group full notification.

fake whatsapp group invitation page


Extra Social Engineering

Now we can send this link to our target but their will minimum chance that our target will click on the link. So we need to do some extra Social Engineering. Suppose we know that our target is jobless and he need some money also target loves to make new friends. In this case we firstly shorten this long URL with bit.ly or any other URL shortener which open the link directly.

url shorting

Then we send the shorten URL via SMS or any other social media and when our target see the SMS it will looks like following screenshot:




How to be Safe from this

To be safe from this kind of attack we should not open any serveo.net, ngrok or localhost URLs, but if attacker using shorten links we can expand the links from Expand URL's website.


Comments

Post a Comment

Popular posts from this blog

13 BEST Operating System (OS) for Hacking in 2021

Image
Ethical hacking is identifying weaknesses in computer systems or networks to exploit its vulnerabilities so they can be fixed later. Hackers use various techniques to identify threats and thereby increase the security of the device. These people can utilize Linux based operating system to hack PC or network. It contains a wide range of applications to prevent cybersecurity attacks. Following is a handpicked list of Top OS for Hacking with their popular features and download links. BEST OS for Hacking: Top Picks 1) Kali Linux     Kali Linux is a Security Distribution of Linux specifically designed for digital forensics and penetration testing. It is one of the best hacking OS which has over 600 preinstalled penetration-testing applications (cyber-attack performs against computer vulnerability). This OS can be run on Windows as well as Mac OS. Features: It can be used for penetration testing. This platform is available in 32 bits as well as 64 bits. Kali Linux can...
Read more

Some Android Applications, for Developers !

Image
F or users who love to code programs, we are here with  Best Android Apps For Developers & Programmers . Today the time is of being intelligent and coding is the one thing for computer guys that make them smart to develop out all new things in a tech world. As all the apps and projects are based on coding and it can be either in any language. So, we are here with some apps that a coder or programmer should have in their android mobile. So proceed with the complete guide below. Top 7 Best Android Apps For Developers or Programmers These apps will help you to work on your project and you can also spend your free time on programming, this all can be done using your android smartphone. So have a look on these apps below. #1  Algoid - Programming Language It’s the really best app that you will love to have in your android device. It includes a real-time debugger (the first and so far the only one on Android), a step-by-step execution mode, and scope explorer for better understa...
Read more