Introduction
Sometimes we think, is it possible to get location of my friend’s or near ones? Today we will demonstrate step by step process on how we can grab the Geolocation of anybody using Windows 10. It can also be somebody who is trying to hack you or your victim or your friend. This all is done using Wi-Fi positioning system (WiPS/WFPS), which is a geolocation system that utilizes characteristics of nearby Wi-Fi & other access points to find where a particular device is located.
We will be using winlocation tool in a step by step manner, from installation to execution. Earlier researcher of International Institute of cyber Security, demonstrated on how an image or video can leak your location or GPS Coordinates.
Environment
- OS: Kali Linux 2019.3 64 bit
- Kernel-Version: 5.2.0
Installation Steps
- Use this command to clone the project.
- git clone https://github.com/thelinuxchoice/winlocation
root@kali:/home/iicybersecurity# git clone https://github.com/thelinuxchoice/winlocation Cloning into 'winlocation'... remote: Enumerating objects: 27, done. remote: Total 27 (delta 0), reused 0 (delta 0), pack-reused 27 Receiving objects: 100% (27/27), 22.92 KiB | 499.00 KiB/s, done. Resolving deltas: 100% (11/11), done.
- Use the cd command to enter into winlocation directory.
root@kali:/home/iicybersecurity# cd winlocation/ root@kali:/home/iicybersecurity/winlocation#
- Use this command to install the dependencies bash install.sh
root@kali:/home/iicybersecurity/winlocation# bash install.sh [+] Updating and downloading Mingw-w64 Get:1 http://ftp.harukasan.org/kali kali-rolling InRelease [30.5 kB] Ign:2 https://deb.globaleaks.org buster/ InRelease Get:3 https://deb.globaleaks.org buster/ Release [744 B] Get:4 http://ftp.harukasan.org/kali kali-rolling/non-free Sources [124 kB] Get:5 https://deb.globaleaks.org buster/ Release.gpg [833 B] Get:6 https://deb.globaleaks.org buster/ Packages [9,344 B] Get:7 http://ftp.harukasan.org/kali kali-rolling/main Sources [13.0 MB] Get:8 http://ftp.harukasan.org/kali kali-rolling/contrib Sources [61.2 kB] Get:9 http://ftp.harukasan.org/kali kali-rolling/main amd64 Packages [16.5 MB] Get:10 http://ftp.harukasan.org/kali kali-rolling/non-free amd64 Packages [195 kB] Get:11 http://ftp.harukasan.org/kali kali-rolling/contrib amd64 Packages [99.2 kB] Fetched 30.0 MB in 5min 36s (89.3 kB/s) Reading package lists... Done ===============================================================================================SNIP================================================================================================ /usr/bin/install -c -m 644 curl_global_init_mem.3 libcurl-tutorial.3 curl_easy_reset.3 curl_easy_escape.3 curl_easy_unescape.3 curl_multi_setopt.3 curl_multi_socket.3 curl_multi_timeout.3 curl_formget.3 curl_multi_assign.3 curl_easy_pause.3 curl_easy_recv.3 curl_easy_send.3 curl_multi_socket_action.3 curl_multi_wait.3 libcurl-symbols.3 libcurl-thread.3 curl_multi_socket_all.3 curl_global_sslset.3 curl_mime_init.3 curl_mime_free.3 curl_mime_addpart.3 curl_mime_name.3 curl_mime_data.3 curl_mime_data_cb.3 curl_mime_filedata.3 curl_mime_filename.3 curl_mime_subparts.3 curl_mime_type.3 curl_mime_headers.3 curl_mime_encoder.3 libcurl-env.3 libcurl-security.3 '/usr/i686-w64-mingw32/share/man/man3' make[6]: Leaving directory '/opt/curl-7.61.1/docs/libcurl' make[5]: Leaving directory '/opt/curl-7.61.1/docs/libcurl' make[4]: Leaving directory '/opt/curl-7.61.1/docs/libcurl' make[3]: Leaving directory '/opt/curl-7.61.1' make[2]: Leaving directory '/opt/curl-7.61.1' make[1]: Leaving directory '/opt/curl-7.61.1' [+] Configuring PHP (php.ini)
- Use this command to launch the tool, bash winlocation.sh
- When we launch the tool, the first option it ask, is to enter the payload name. We entered YouTube
- In winlocation we have two reverse proxy options, Serveo.net and Ngrok. The aim of these server is to capture the data from your friends machine and send it to you (hacker’s machine).
- Next, set the listener port or select the default port.
- Now the tool generates a malicious link, sends this link to your friend.
- If your friend opens the URL on his windows 10 machine, it will automatically downloads YouTube.exe file.
- If the victim opens the YouTube.exe file. You/Hacker will get the Latitude and Longitude details.
- In the same way, after opening the YouTube.exe file automatically l.PS1 and l.txt files will be downloaded.
- As you can see that we got the Latitude and Longitude of our friend machine, on which URL/YouTube.exe is opened.
- After getting the Latitude and Longitude details in the tool console, we will also get Google Map URL or enter option Y to open google map directly to view the location.
- Here, we got your friend location successfully.
- Once we got the friends location details, every time he starts his Windows 10 machine, we will get the location details automatically.
Conclusion
We saw on how we get the your friend or victim’s location details by a single malicious link using reverse proxy servers. If you want to protect someone from viewing your location, you can turn off the location service in our windows 10 machine. Press Win+I >> Privacy >> Location >> Turn Off Location Service.
Cyber Security Specialist with 18+ years of industry experience . Worked on the projects with AT&T, Citrix, Google, Conexant, IPolicy Networks (Tech Mahindra) and HFCL. Constantly keeping world update on the happening in Cyber Security Area.
