http://www.theregister.co.uk/2010/01/05 ... ling_hack/
http://samy.pl/mapxss/
http://www.google.com/latitude/intro.html
Mapping a web browser to GPS coordinates via router XSS + Google Location Services without prompting the user
Welcome. Here is a proof of concept on obtaining *accurate* GPS coordinates of a user sitting behind a web browser via router XSS. The router and web browser themselves contain NO geolocation/GPS data. This is also *not* IP based geolocation.
The method works like this:
1. You visit a malicious web site (why are people so mean?)
2. The web site has a hidden XSS against your router (in this example, I'm using an XSS I discovered in the Verizon FiOS router)
3. The XSS obtains the MAC address of the router via AJAX.
4. The MAC address is then sent to the malicious person. In the test case below, it's sent to me (not that I'm malicious!)
5. I then take the MAC address and send it along to Google Location Services. (http://www.google.com/latitude/intro.html) This is an HTTP-based service where router MAC addresses are mapped to approximate GPS coordinates from other data sources. There are NO special browser requirements, nor does a user need to be prompted. I determined this protocol by using Firefox's Location-Aware Browsing.
6. I grab the coordinates and show it to you in a pretty map below.
If you're on a Verizon FiOS router and logged in, you can test this XSS here. This was tested on a Westell UltraLine Series3 firmware 1.02.00.04.
If you're on Firefox, you can test the Location Services by clicking here. While this asks you to share your location, the XSS does NOT prompt the user!
Or, you can simply test the Location by entering a router MAC address:
(Example: MAC of my previous router, 00-11-24-ec-72-cf, actually located at 7070 Flight Ave, Culver City CA for comparison)
developed by samy kamkar, 01/04/2010
---
I set up google latitude in my igoogle. Inputting the MAC address above, I got a location in bueno aires?
Might be fun to tinker with..
--
http://apb.directionsmag.com/archives/6 ... vices.html
"First off, the API does not determine location. It taps into the preferred "location provider" set by the platform that implements it; it might be GPS, wi-fi, IP, or a combination. Then the API delivers the provided location in a standard way to apps (like Google Maps) that ask platforms (like Firefox) for a location.
It's the developers of those platforms (Firefox, Chrome, Gears) that determine which "location provider" to use. All three (Firefox, Chrome and Gears) use Google's tools (Google Location Services) as the default geolocation provider. Google announced that Firefox had chosen Google Location Services back in April. So, if you don't think your location is right, don't blame the API, blame the location provider!
"
--
DNR
Mapping a web browser to GPS coordinates
Mapping a web browser to GPS coordinates
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
-
floodhound2
- ∑lectronic counselor
- Posts: 2117
- Joined: 03 Sep 2006, 16:00
- 17
- Location: 127.0.0.1
- Contact:
