fbpx

How to Track Phone Location by Sending a Link / Track iPhone & Android

This article explores the idea of discovering the victim’s location. Previously, we have used several tools for OSINT purposes, so, today let us try this fascinating tool, Seeker.

So, this tool seeker is:

Just like we host phishing pages to get credentials. So, why not host a fake page that requests your location like many popular location-based websites. Seeker Hosts a fake website that asks for Location Permission, and if the target allows it, we can get:

  • Longitude
  • Latitude
  • Accuracy
  • Altitude – Not always available
  • Direction – Only available if the user is moving
  • Speed – Only available if the user is moving

The environment you will need for this tool is Kali Linux and any smartphone or simulator.

Configure the tool in Kali Linux

Ok, so the first step we need to follow is cloning the tool into our Linux system. Then we will change the directory, and update our package.

𝚐𝚒𝚝 𝚌𝚕𝚘𝚗𝚎 𝚑𝚝𝚝𝚙𝚜://𝚐𝚒𝚝𝚑𝚞𝚋.𝚌𝚘𝚖/𝚝𝚑𝚎𝚠𝚑𝚒𝚝𝚎𝚑𝟺𝚝/𝚜𝚎𝚎𝚔𝚎𝚛.𝚐𝚒𝚝

𝚌𝚍 𝚜𝚎𝚎𝚔𝚎𝚛/

𝚊𝚙𝚝 𝚞𝚙𝚍𝚊𝚝𝚎

Installing the python3.

python3

𝚊𝚙𝚝 𝚒𝚗𝚜𝚝𝚊𝚕𝚕 𝚙𝚢𝚝𝚑𝚘𝚗𝟹 𝚙𝚢𝚝𝚑𝚘𝚗𝟹𝚙𝚒𝚙 𝚙𝚑𝚙

Lastly, Installing the other pre-requisite.

𝚙𝚒𝚙𝟹 𝚒𝚗𝚜𝚝𝚊𝚕𝚕 𝚛𝚎𝚚𝚞𝚎𝚜𝚝𝚜

After installing the tool, let’s try the “help” command to confirm that our tool is successfully installed.

help command

python3 seeker.py -h

Configure the NGROK Server

To run the tool, we need a server. For that purpose, here I am utilizing “ngrok server.” All you have to do is download the .zip file into your Kali Linux system, unzip the file, connect with the auth-token and run the ngrok with the port number.

./ngrok http 8080

After executing the ngrok commands, you will get two different forwarding links that we will use as our malicious link to send to our victim.

Trace the Location

Fire up the seeker tool in your Kali Linux terminal.

You will prompt up with the options like Google or WhatsApp. Whatever your target is, select that option. In our case, I will select the WhatsApp option. Then, give any authentic and attractive name that makes the victim think that the malicious link is valid. Lastly, set the image path for WhatsApp.

sudo python3 seeker.py -t manual

Once the victim opens the malicious link, he will prompt a WhatsApp group invitation link. And we will get the details of the victim’s device.

Conclusion

This article demonstrates how a harmful URL can collect information about people and their devices using the Seeker tool. As well as why we must avoid clicking on unexpected links and granting crucial rights like Geolocation.

 

 

Sana Qazi
Sana Qazi is a technical writer specialized in Information Security. She enjoys writing about technology and reading multiple genres like suspense. When not writing, she can be found traveling, dinning out, watching series etc. She manages her medium blog as well.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...