How to create a fake website to get anybody’s accurate GPS location on iOS, android and Windows

The use of phishing websites is one of the most common hacking techniques, as it is highly functional for threat actors to collect a lot of information from their targets. However, many people still are unaware that using similar techniques, more information can be collected from a user, including detecting their precise location.

MapEye is a simple tool in which a kind of phishing website can be placed to extract the location data of an unsuspecting user. According to the ethical hacking experts of the International Institute of Cyber Security (IICS), it is sufficient for the target user to click on a text box to extract confidential details, including:

  • Latitude and longitude, with a high degree of precision
  • Height (not always available due to users’ device settings)
  • Scroll direction, only available if the user is moving
  • Speed, available only if the user is moving

In addition to these details, MapEye also allows you to intercept some details of the user’s device without having to obtain additional permissions. Ethical hacking experts point out that this tool can even be used in fraudulent campaigns.

As usual, we remind you that this manual was prepared for entirely academic and demonstration purposes, so IICS is not responsible for the misuse that may be given to this tool.

INSTALLATION

In order to install, enter the following commands:

git clone https://github.com/bhikandeshmukh/MapEye.git
cd MapEye
apt update
apt install python3 python3-pip php
pip3 install requests

If used in Termux, enter the following commands:

git clone https://github.com/bhikandeshmukh/MapEye.git
cd MapEye
pkg update
pkg install python php
pip3 install requests

USE

According to ethical hacking experts, the simplest method to get started with MapEye is to enter:

python3 mapeye.py -h

USAGE EXAMPLES

At the first of the terminal, enter:

python3 mapeye.py -t manual

At the second terminal, start a tunnel service such as ngrok

./ngrok http 8080

OPTIONS

Output KML file for Google Earth

python3 mapeye.py -t manual -k <filename>

Use a custom port

python3 mapeye.py -t manual -p 1337
./ngrok http 1337

To learn more about ethical hacking, information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.