The use of phishing websites is one of the most common hacking techniques, as it is highly functional for threat actors to collect a lot of information from their targets. However, many people still are unaware that using similar techniques, more information can be collected from a user, including detecting their precise location.
MapEye is a simple tool in which a kind of phishing website can be placed to extract the location data of an unsuspecting user. According to the ethical hacking experts of the International Institute of Cyber Security (IICS), it is sufficient for the target user to click on a text box to extract confidential details, including:
- Latitude and longitude, with a high degree of precision
- Height (not always available due to users’ device settings)
- Scroll direction, only available if the user is moving
- Speed, available only if the user is moving
In addition to these details, MapEye also allows you to intercept some details of the user’s device without having to obtain additional permissions. Ethical hacking experts point out that this tool can even be used in fraudulent campaigns.
As usual, we remind you that this manual was prepared for entirely academic and demonstration purposes, so IICS is not responsible for the misuse that may be given to this tool.
In order to install, enter the following commands:
git clone https://github.com/bhikandeshmukh/MapEye.git cd MapEye apt update apt install python3 python3-pip php pip3 install requests
If used in Termux, enter the following commands:
git clone https://github.com/bhikandeshmukh/MapEye.git cd MapEye pkg update pkg install python php pip3 install requests
According to ethical hacking experts, the simplest method to get started with MapEye is to enter:
python3 mapeye.py -h
At the first of the terminal, enter:
python3 mapeye.py -t manual
At the second terminal, start a tunnel service such as ngrok
./ngrok http 8080
Output KML file for Google Earth
python3 mapeye.py -t manual -k <filename>
Use a custom port
python3 mapeye.py -t manual -p 1337
./ngrok http 1337
To learn more about ethical hacking, information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.