Slashdot Mirror

← Back to Stories (view on slashdot.org)

Geolocation XSS Tracker Proof of Concept

Posted by CmdrTaco on from the oh-thats-fine-i'm-sure dept.

Jamie found a bit of a scary link this morning that demonstrates a router XSS getting your MAC address and using it to map your current location. Which I'm sure is totally no big deal for anyone.

5 of 102 comments (clear)

  1. Or, maybe it doesn't by loftwyr · · Score: 5, Interesting

    Apparently my router is currently sitting in the former main office of the major telco for my area. Which is across town from me.

    And here I was thinking it was on my desk.

    So, fail

  2. Re:"from other data sources" by SoTuA · · Score: 2, Interesting

    Well, in my case the IP-based location is accurate to 5 miles, while this guy's thingy placed me 50 miles away...

  3. re: broadcast SSID by King_TJ · · Score: 2, Interesting

    I find broadcasting the SSID helps greatly in troubleshooting wireless issues for other people, if nothing else.
    If I get called out to the typical home user's place to help them "fix their problems getting on the Internet", they often don't have any clue what their SSID is set to. All they know is that "It worked ever since the Geeksquad guys came out and set it all up for us!" or what-have-you.

    On more than one occasion, I discovered the reason someone had issues had to do with neighbors buying new Linksys routers that had default SSID's of "linksys", matching the default of THEIR Linksys router they'd been using for months/years. Sometimes they were actually connecting to a neighbor's unsecured router for quite some time, before that neighbor made changes that booted them out -- and only THEN did they think they had things mis-configured.

  4. Wierd by ichthus · · Score: 3, Interesting

    I have two Wireless APs -- one of which is only active occasionally for guests. Here's what I got when I entered my MACs:

    Everyday (always on) router: It found my city, but the address was about two miles away.

    Guest router: It pinpointed my father-in-law's address. This is strange, because my router has never been located at his house. But, HE HAS CONNECTED TO MY ROUTER. Interesting.

    I checked the first address again, and this would be a friend's house, who I once connected his laptop to my network when I was fixing it.

    I'm not completely familiar with 802.11, but it would appear that computers that had previously connected to my MAC are regularly pinging this MAC in such a way as to be received by the Google drive-by's and recorded as actual MACs of actual APs. Is there another explanation?

    --
    sig: sauer
  5. PDF Presentation by robertkeizer · · Score: 2, Interesting

    It's worth noting that the presentation titled "Bad Memmories" was presented at the BlackHat conference is very similar to this. PDF available http://media.blackhat.com/bh-us-10/whitepapers/Bursztein_Gourdin_Rydstedt/BlackHat-USA-2010-Bursztein-Bad-Memories-wp.pdf