full-disclosure-uk January 2010 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] Geolocation Question

Re: [Full-disclosure] Geolocation Question

From: Dan Kaminsky <dan_at_nospam>
Date: Thu Jan 07 2010 - 22:07:01 GMT
To: Valdis.Kletnieks@vt.edu


No, he uses an XSS against the router to pull its wireless MAC, and then puts that into Firefox's location services API. That bounces off various wardriving sources and comes up with a latlong.

On Thu, Jan 7, 2010 at 10:56 PM, <Valdis.Kletnieks@vt.edu> wrote:

> On Thu, 07 Jan 2010 04:26:26 EST, "McGhee, Eddie" said:
>
> > I only have one question how does Google get the information of MAC
> address's and locations.
>
> I suspect it's a case of bad reporting and they confused MAC and IP
> addresses:
>
> "For now, it works only on FiOS routers supplied by Verizon, and then only
> when
> users are logged in to the device's administrative panel."
>
> I'm guessing it works by poking the router, asking it what its upstream IP
> address is, and then geolocating that.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/