Ethical Hacking Stories — Live Tracking of Voi Scooters

How I tracked all riding scooter-for-sharing in 6 cities at the same time

Héctor Martos
4 min readDec 2, 2018

--

Mobility needs in large cities are in continuous evolution, appearing new modes of transport. One of the newest mobility solutions are electric scooters, available for renting from 1€ to unlock + 0.15€/min.

Madrid is undergoing profound changes in the field of mobility, and we have seen how bikes, motorbikes, and scooters from different companies flooded the sidewalks of the center of the city. Voi is just one of the companies offering this scooter-sharing service.

The way to use these vehicles is the same for all companies. You have to download an App, create a user with your email, add a payment method and scan the QR code of an available scooter, whose location is shown in a map in the application.

This is how the Voi App looks like

I was curious, so I took a look at the HTTP requests that Voi App was doing under the hood. For this purpose, I used Charles Proxy to monitor network traffic from my mobile phone.

I opened the Voi App and the first request I saw was the initial loading of all

--

--

Héctor Martos

Software Engineer. Curious and passionate Ethical Hacker. Believer in open-source philosophy. Learn by mistake, teach by example. https://hmartos.github.io