| Thursday July 24th 2014

Feedburner

Subscribe by email:

We promise not to spam/sell you.


Search Amazon deals:

HOWTO: Find anyone’s address from their router MAC address using undocumented Google Maps API


Google Maps locationHere is a proof of concept on obtaining *accurate* GPS coordinates of a user sitting behind a web browser via router XSS. The router and web browser themselves contain NO geolocation/GPS data. This is also not IP based geolocation.

I’m not so amazed that a router firmware could be vulnerable to an XSS attack on the WAN facing GUI. Really I’m just pissed that Google has a database that’s public facing and maps mac addresses to GPS. There’s something scary about the fact that I just entered my LAN facing mac address and Google came up with exact coordinates to my building… Here’s how it works:

  1. Google, while doing streetview, also collected the data of which wireless networks were around, and specifically the MAC address of those routers, and then mapped them to lat-long coordinates.
  2. This takes advantage of XSS exploits in certain routers – in this case, it only works with Verizon FioS routers, but if XSS exploits are found in other routers it could very well be adapted.
  3. You visit a malicious page. This page performs said XSS exploit, and retrieves the MAC address from your router.
  4. Said page, having your MAC addy, then queries google for the lat-long coords where that MAC addy was found during streetview (if it was found, of course).

MapXSS

Related Posts: On this day...

Reader Feedback

One Response to “HOWTO: Find anyone’s address from their router MAC address using undocumented Google Maps API”

  1. Rolf says:

    Great article, but that doesn’t appear to work with my router ip address, any helpful hints?

Leave a Reply

You must be logged in to post a comment.