Concept behind Seeker is simple, just like we host phishing pages to get credentials why not host a fake page that requests your location like many popular location based websites.
It Hosts a fake website on In Built PHP Server and uses Serveo to generate a link which we will forward to the target, website asks for Location Permission and if the target allows it, we can get :
Along with Location Information we also get Device Information without any permissions :
This tool is a Proof of Concept and is for Educational Purposes Only, Seeker shows what data a malicious website can gather about you and your devices and why you should not click on random links and allow critical permissions such as Location etc.
Also Read – BurpSuite : Secret Finder Extension To Discover APIkeys/Tokens From HTTP Response
How is this Different from IP GeoLocation?
Note : On iPhone due to some reason location accuracy is approximately 65 meters.
Templates
You can choose a template which will be used by seeker from these :
Tested On
Installation
Kali Linux / Ubuntu / Parrot OS
git clone https://github.com/thewhiteh4t/seeker.git
cd seeker/
chmod 777 install.sh
./install.sh
BlackArch Linux
pacman -S seeker
Docker
docker pull thewhiteh4t/seeker
Termux
git clone https://github.com/thewhiteh4t/seeker.git
cd seeker/
chmod 777 termux_install.sh
./termux_install.sh
Known Problems
Demo
Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
If you are working with Linux or writing bash scripts, one of the most common…
What is a bash case statement? A bash case statement is a way to control…
Why Do We Check Files in Bash? When writing a Bash script, you often work…