How to find the exact location of phone, tablet or PC

Today we will discuss the “eternal question”, how to detect the exact location of the user using OSINT methods? To begin with, let’s decide where we can get information about the “exact geolocation” of the user’s gadget.

Not much technology here:

GPS — satellite geopositioning with an accuracy of 7–15 meters
LBS — geopositioning by cellular base station with an accuracy of 50 m — 1.5 km.
WiFi — establishing geolocation at the location of a fixed access point (router) with an accuracy of 100–150 m.

By default, all these technologies are already present in your smartphone, tablet or computer. It remains only to understand how we can effectively use them for surveillance without having, at the same time, physical access to the device.

1: Using the “Find my phone” function.

It is used on the websites of manufacturers of mobile operating systems Apple and Google.

Apple [https://www.icloud.com/find]
Google [https://myaccount.google.com/find-your-phone]

The “Find my phone” function does not require additional authentication in the user account. In order to use it, you will need to know the e-mail address with which the registration was carried out, as well as the current password to access it. Often such a password can be found in numerous leaks. If you do not know the correct password, or access to geolocation search has been blocked by the user’s privacy settings, then geolocation detection will not work.

2: Using geologgers services.

Geologger allows the generation of a hyperlink, by clicking on which the user will leave data about himself (his connection and device).

Seeker [https://github.com/thewhiteh4t/seeker]
Trape [https://github.com/jofpin/trape]
TrackUrl [https://github.com/cryptomarauder/TrackUrl]
Bigbro [https://github.com/Bafomet666/Bigbro]
R4ven [https://github.com/spyboy-productions/r4ven]
IPlogger [https://iplogger.org/location-tracker/]
Ngrok [https://ngrok.com/]

With the use of geologists, the exact location of the user can be obtained. However, this will require the user to give their browser permission to transmit geolocation information. Otherwise, its location will be determined by its IP address. Those. to the settlement, no more.

3: Geolocation spoofing in Telegram.

Telegram functionality allows you to find chats and users who are close to your device. When using spoofing (substitution) of your geolocation data, you will be able to upload lists of Telegram users anywhere in the world.

Telegram Nearby Map [https://github.com/tejado/telegram-nearby-map]
Telegram Trilateration [https://github.com/jkctech/Telegram Trilateration]
Geogramint [https://github.com/Alb-310/Geogramint]

With a request frequency of 1 time in 5 minutes, provided for by the rules of the messenger, you will get a real opportunity to track the user’s movements online. Except in cases where the user does not use Telegram or has disabled the ability to detect his geolocation in it.

4: Using the methods and techniques of ADINT (intelligence on advertising modules).

ADINT allows you to isolate unique advertising identification codes associated with a mobile phone number, email address, or device MAC address. Then, according to the identified identifiers, a geotargeted advertising campaign or banner advertising can be launched. When a user receives an advertisement in a given geographic area, you will be informed about it in the advertiser’s personal account.

Yandex [https://audience.yandex.ru/]
Google [https://ads.google.com/]
Mytarget [https://target.my.com/]

The technique, like spoofing in Telegram, does not involve direct tracking of the user’s device, but only control over its possible appearance in covered locations (with a radius of 500 m — up to 10 km.).

😉👍 And subscribe to https://t.me/irozysk

… join my Medium Blog https://medium.com/@ibederov_en or Telegram https://t.me/ibederov_en!