Seeker -- Trace Mobile Location of Anyone

Previously we have learned how we can trace mobile location using a tool called Trape. Trape is a very good tool but Trape needs too much configuration to perform. Now in this tutorial we will discuss about an easy and handy tool to make location tracking kids play. With the help of this tool we can trace anyone's live location using Kali Linux or even from a smartphone.

location tracking by Kali Linux


First we need to clone this tool from it's Github repository using following command:
git clone https://github.com/thewhiteh4t/seeker
The screenshot of the command is following :

trace mobile location

After cloning finished we need to go in seeker's directory, to do that and to see the files we use cd command and ls command so we apply both commands together:

cd seeker && ls
The screenshot is following:

seeker trace mobile location of anyone

Here we can see the files. First we need to run the installer.sh . This tool also can be run from mobile devices using Termux app. Termux is a terminal emulator with an extensive Linux package collection. If we use a mobile device and using Termux application then we choose the termux-install.sh installer file.
So, the command for our Kali Linux system will be following:
sudo bash install.sh
This will install all requirements to run seeker. The screenshot is following:
seeker installing requirements
To run this tool we must need to have python3 in our system. Python3 comes preinstalled with Kali Linux but if our system doesn't have Python3 then we should read our this tutorial. To run seeker we use following command:
python3 seeker.py
The screenshot is following:

running seeker manually
Here we can see that serveo server (a ssh port forwarding service) is offline so the tool is closed so we manually start the tool on our localhost and forward our localhost to another ssh port forwarding service.
 
To start Seeker tool manually we run following command:
python3 seeker.py -t manual
The screenshot is following:
seeker manual main menu
Now, we get multiple options. First option is NearYou and second one is GoogleDrive. We also can create a Telegram and Whatsapp group invite. First we create a Gdrive then we will look at the Whatsapp method.

Google Drive Method

We choose option number for Google drive links. Google drive links can look more genuine for the target user. Social engineering techniques will help us to choose a google drive file as per target's interest(it can be movies or lottery or something else). Then we need a shareable link of Google drive.

Then we paste the link and press enter.

google drive links in seeker

Here this is on our localhost sever. We can forward our port 8080 by port forwarding this is may be done by changing our router's settings or we can do it by ngrok or other ssh port forwarding methods. For port forwarding we suggest to our port forwarding tutorial.

For an example we forward our port 8080 by using localhost.run services by using following command in another terminal:
ssh -R 80:localhost:8080 ssh.localhost.run
 The screenshot is following:

localhost.run port forwarding

Now we can send this link to the victim. When victim opens this link he/she can see the Google drive page and that page will prompt victim for location information. If he/she "Allow" this we got all the location information.

Whatsapp Group Invite Method

Same things we can do with Whatsapp method for this we need to choose option 2. After this we need to choose group title and we need to give an image. The image should be relatable with the group's title. We can use any image file but 300x300 images will looks better. We have to give our image path or we can drag and drop our image in terminal to auto fill the path of our image.
 
Then our localhost server will started as we can see in the following screenshot:
seeker whatsapp method

Rest the port forwarding we have given an example in Google Drive method.

Getting the Location

When ever target clicks on attacker's shared link and try to any activity this asks for location permission. If the victim clicks "Allow" we got victim's location.

using seeker we got victim's location and device details
We got target's device details and location

Now we just copy the Whatsapp group invitation link and send it to victim. We shouldn't worry because this will be a fake webpage exactly like Whatsapp group invitation. The victim will try to connect and we got the location and device info. Victim always get group full notification.

fake whatsapp group invitation page


Extra Social Engineering

Now we can send this link to our target but their will minimum chance that our target will click on the link. So we need to do some extra Social Engineering. Suppose we know that our target is jobless and he need some money also target loves to make new friends. In this case we firstly shorten this long URL with bit.ly or any other URL shortener which open the link directly.

url shorting


Then we send the shorten URL via SMS or any other social media and when our target see the SMS it will looks like following screenshot:

tracking location using kali linux

How to be Safe from this

To be safe from this kind of attack we should not open any serveo.net, ngrok or localhost URLs, but if attacker using shorten links we can expand the links from Expand URL's website.

How much enjoyed this easy tutorial ? Follow us on Twitter and Medium to get more updates.

51 comments:

  1. not responding for long time after this

    Getting Serveo URL...

    ReplyDelete
    Replies
    1. Serveo is a free service is downs because of loads on it's server. This type of of problems may comes. But they fixes their servers late loading issue in some days always.

      Delete
    2. port forward with ngrok, run seeker manually with "./seeker.py -t manual"

      Delete
    3. Thanks for giving the reply. That could be a grt option. We also can use portmap. Ngrok and Portmap doing good these days.

      Delete
  2. Excellent article. Very interesting to read. I really love to read such a nice article. Thanks! keep rocking. www.trace-phonenumber.com

    ReplyDelete
  3. Having hopped on board the mobile transformation with the acquisition of the magnificent Google Nexus S mobile telephone, one thing which has hit me directly between the eyes is exactly that it is so difficult to peruse sites and make internet business exchanges through a mobile telephone. Odin flash tool

    ReplyDelete
  4. hi admin, checking for Update ... [ Up-to-Date]
    checking Serveo Status....[Down]..., why ??? had it stopped working?

    ReplyDelete
    Replies
    1. Thanks for comment..Sometime Serveo stops working because of overload, it's a free service. We can use ngrok or portmap free services. Keep visiting..

      Delete
  5. Checking serveo status [ DOWN ]

    ReplyDelete
    Replies
    1. port forward with ngrok, run seeker manually with "./seeker.py -t manual"

      Delete
  6. If you end up choosing app development companies offering poor customer service, you are likely to face troublesome issues right from the development stage. A lot of organizations fall prey to mobile app development companies that are just trying to sell their app and will disappear from the scene once the deal is done.Mobile App development Companies in UK

    ReplyDelete
  7. no link is generated in fact php server itself isnt running

    ReplyDelete
    Replies
    1. The link is created with serveo. for being a free service serveo server goes down for overloading they fix it usually caouple of day .. so try again after some days.. we personally tested it. Thanks for your valuable comment

      Delete
  8. plz find my new phone phone no 9801337513

    ReplyDelete
    Replies
    1. Contact to Cyber Crime Branch of cops. Because the SIM card has been changed.

      Delete
  9. why ngrok is not working on public. When I send the link its shows "No found" on the screen.

    ReplyDelete
    Replies
    1. try it again, if not work then there are lots of alternatives of ngrok. You can can use portmap.io

      Delete
  10. You know your projects stand out of the herd. There is something special about them. It seems to me all of them are really brilliant! apps

    ReplyDelete
  11. i send the link to my friend it was showing "user denied the request for geolocation"
    while it is working on my phone and laptop location is showing

    ReplyDelete
    Replies
    1. When anyone clicks on the link it opens in browser and asks for location permissions. It seems that your friend doesn't click on "allow" he/she denied it. That's why it's not working. You need to trick your friend that he/she must click on allow.

      Delete
  12. I have a problem when the user confirms the location is rejected then it will say "Please Refresh This Page and Allow Location Permission" and the location is not found? how without confirmation always appear in the upper left corner

    ReplyDelete
    Replies
    1. Confirmation required. This is asked by victim's browser as per seeker's requirement. If you want to click on "Allow" then you need to trick the victim by your social engineering skills. In these modern day "Social Engineering=Hacking."

      Delete
  13. Traceback (most recent call last):
    File "seeker.py", line 32, in
    import requests
    ModuleNotFoundError: No module named 'requests'

    help sir

    ReplyDelete
    Replies
    1. It looks that the python module called 'requests' is missing from your system to install it try following command:
      sudo pip3 install requests

      Or

      python3 -m pip install requests

      These will solve your problem. Thanks.

      Delete
  14. can i hack some one fb account with out his id and password i just know his profile

    ReplyDelete
    Replies
    1. No. Simply not, Don't mislead by face websites. Try our this tutorial. Thanks.

      Delete
  15. it says serveo status offline

    ReplyDelete
    Replies
    1. Serveo server seems to down. They offers free services so there servers might got down sometimes.

      Delete
  16. when running local host it asking me the ssh key to access the service but how should i get the ssh can you help with this one

    ReplyDelete
  17. i have succesfully, but the location is not accurate

    ReplyDelete
  18. during whatsapp template it asks "path to Group image(Best sie :300*300):" what we have to put in it??

    ReplyDelete
    Replies
    1. Hi we have updated our article after reading your comment. Thanks to you. Now read it carefully we have discussed your issue. Thanks again.

      Delete
  19. Replies
    1. serveo server is not working properly due to heavy load. You should wait couple of days. Then try again.

      Delete
  20. smzia@kali:~$ cd seeker && ls
    arch_install.sh Dockerfile install.sh logs seeker.py termux_install.sh
    db install.log LICENSE README.md template version.txt
    smzia@kali:~/seeker$ python3 seeker.py -t manual
    [+] Checking Dependencies...

    __
    ______ ____ ____ | | __ ____ _______
    / ___/_/ __ \_/ __ \ | |/ /_/ __ \\_ __ \
    \___ \ \ ___/\ ___/ | < \ ___/ | | \/
    /____ > \___ >\___ >|__|_ \ \___ >|__|
    \/ \/ \/ \/ \/

    [>] Created By : thewhiteh4t
    [>] Version : 1.2.5


    not proceeding further, plzz help

    ReplyDelete
    Replies
    1. Hi, did you run the installer bash script. Use following commnads:

      cd seeker
      sudo bash install.sh
      python3 seeker.py -t manual

      Delete
    2. hey friend thank you, i don't know why but it is running perfectly today :)

      Delete
  21. i tried this comment ssh -R 80:localhost:8080 ssh.localhost.run
    but i got the below error
    root@ssh.localhost.run: Permission denied (publickey).

    ReplyDelete
  22. after entering image path i am not getting any link, it is just saying waiting for user connection, which link do i need to share??

    (i used whatsapp method)

    ReplyDelete
    Replies
    1. Hey you need to forward the port or try the method localshost.run method as this guy shows in this tutorial....that will create a link for you...then send the link to victim.

      Delete
    2. i am getting error in that
      error:- root@ssh.localhost.run: Permission denied (publickey)

      Delete
    3. We think you have a problem in id_rsa or id_rsa.pub . You can try this

      Delete
  23. Created By : thewhiteh4t
    [>] Version : 1.2.5

    [+] Checking for Updates.....[ Up-To-Date ]

    [+] Skipping Serveo, start your own tunnel service manually...

    [+] Select a Template :

    [0] NearYou
    [1] Google Drive
    [2] WhatsApp
    [3] Telegram
    [>] 1

    [+] Loading Google Drive Template...
    [+] Enter GDrive File URL : https://drive.google.com/drive/folders/xyz
    [+] Port : 8080

    [+] Starting PHP Server......[ Success ]

    [+] Waiting for User Interaction...



    ( i have send this xyz link(this link is of a google drive of a course) to my friend but they didnt got any popup.. neither i got anything after the sentence "waiting for user interaction.

    yeah i have forwarded the port too

    ReplyDelete
    Replies
    1. Hey please don't send the gdrive link. You might got a link from the port forwarding services. That link need to share. Thanks. If you are forwarding your own routers port then you need to send your external IP. It's basic networking.

      We found that you successfully starts the seeker's server on your localhost now you need to forward port (either using port forwarding services or own router's port forwarding). And send the port forwarded link to your friend.

      Delete
  24. please i use whatsapp option after i put img url it says no such files or directory? please help.

    ReplyDelete
    Replies
    1. URL and path are not same. You should use path like /home/Desktop/my-image.jpg

      Delete
  25. what if victim use vpn �� suggest a way for that friend

    ReplyDelete
    Replies
    1. Before we tell you the truth, why don't you run this against yourself.

      Delete

Please do not spam here. It is comment box not a spambox. Promotional links are not allowed.

Powered by Blogger.