GPS does not work well in many urban areas. Buildings reflect GPS signals, creating a confusing mess for phones to sort out. As a result, most modern devices determine their location using a combination of techniques, including nearby Wi-Fi networks. By using SkyLift with an ESP8266 microcontroller to create fake networks known to be in other areas, we can manipulate where a device thinks it is.
For devices with limited access to GPS, Wi-Fi networks are a reliable way to find out where a device is located. Hackers can exploit this reliance by sending out signals that appear to come from known networks. While the tactic doesn't work in areas with many other Wi-Fi networks or a clear GPS signal, it works really well in places that force smart devices to rely on aGPS.
How do smart devices do geolocation?
The problem of locating a device is not new, and most smart devices have a range of options in addition to GPS to determine where they are located. These can be things like cell towers, which do not move and are useful for determining the relative location of a user. As the demand for fast GPS devices started to increase, Assisted GPS, or aGPS, became a way for devices to bypass the long signal acquisition time it took to get a traditional GPS lock.
To help locate a device with little or no GPS reception, most smartphones continuously record the location of nearby Wi-Fi networks. These are added to a huge database of networks geolocated by multiple users, providing the information needed to determine where a device is from which Wi-Fi networks it can see.
Networks Tagged with Geolocation Information on Wigle.net.
How do we spoof aGPS?
Now that we know how aGPS works, we can look for ways to abuse it. One of the most obvious ways is to find areas that rely more on aGPS than traditional GPS to determine a location. This can be anywhere without a line of sight to the sky, or deep in buildings or car parks where GPS signals cannot penetrate. These conditions force smart devices to rely on less accurate data to find their geolocation, such as nearby Wi-Fi networks.
Once smartphones are in a state where they rely more on aGPS than GPS to determine their location, we can use a project called SkyLift to broadcast Wi-Fi beacon frames from networks with a previously logged geolocation to confuse the device. It will only work if there are few competing networks; in a dense urban area, the results can range from random movement to complete failure when real known networks are nearby.
If we are in an excellent location to force phones to use aGPS to know where they are, we can also choose specific locations we want to spoof. To do this, we can go to the site and record Wi-Fi traffic, or use Wigle.net to look up which networks are in a location we want to spoof and then copy the network data.
You'll also need an internet-connected computer with Arduino IDE installed. We will use it to program the microcontroller, and the micro USB data cable will be used to connect the ESP8266 to the computer for power and programming.
You can download the Arduino IDE from the official website. Once installed, you need to click on the "Arduino" dropdown menu and then select "Preferences". Then paste the following URL into the "Additional Boards Manager URLs" field.
When done, click "OK" to close the menu.
Next, you need to add the NodeMCU to the Boards Manager. Click "Tools" and move the mouse pointer over "Board" to see the drop-down list. Click on "Boards Manager" at the top to open the window where we can add more boards.
Type "esp8266" in the search field when the Boards Manager window opens. Select "esp8266" from "ESP8266 Community" and install it.
You should now be ready to program your ESP8266-based microcontroller. Connect your ESP8266 to your computer. When you click on "Tools", you should see the port selected automatically.
Select the "NodeMCU 1.0" or whatever ESP8266 you use in the "Board" menu. If you're using a bad USB cable, the port may not show up, so if you don't see anything after completing the other steps, try a different cable first.
There are two main buttons at the top. The checkmark compiles and checks our code for errors, and the right arrow pushes the code to the NodeMCU.
~ $ git clone https://github.com/adamhrv/skylift.git
Once it is completed, we can change into the downloaded folder and open the sketch in Arduino IDE.
~ $ cd skylift
~ $ cd skylift_demo/
~ $ open skylift_demo.ino
Here you see configuration files and the main script.
For our demo, we won't change it. We can plug in our ESP8266 and, if we see the LED flashing on it, proceed to the next step.
Step 3: Push the code to the ESP8266
Now it is time to push our code to the ESP8266, which must be connected to our computer with Arduino IDE via a micro USB cable.
Make sure the correct board is selected in Arduino and the port is set to the correct interface for the ESP8266. Once you are sure the settings are correct, you can click the arrow icon to upload the code to your ESP8266-based board. It shouldn't take long, and when it's done, you should see several open networks nearby.
In our example, the open networks are the signals we are spoofing, because they are known networks located at Facebook headquarters. If we can place a smart device in a position where it only has those signals to determine its likely location, we can make it believe that it is near the networks at Facebook's headquarters rather than its actual location.
When your phone tries to locate itself, it only has the spoofed signals from the ESP8266 to rely on. Since these are not reliable, the location should be determined as Facebook headquarters.
The spoofed location will be encoded in photos taken with geolocation enabled and suggested by apps the target is using, and this will continue until you stop broadcasting forged networks or the target gets a good signal from a GPS satellite or a legitimate nearby network with a known location.
A-GPS Is Easy to Spoof in the Right Areas
Smart devices have many ways to determine their location, and hackers can use them to create a situation where a device depends on fake information. It has been used for everything from art projects that spoof devices to the pools of the wealthy and famous to situations where manipulating clues could give hackers an advantage. While it may not be a problem in every environment, be extra wary of GPS locations that are derived deep inside buildings or in other areas that force devices to rely on easily spoofed signals.
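A client-side sanity check for the risk described above, as an added example that is not from the original article or the SkyLift project: it estimates a position from the visible networks the way a Wi-Fi positioning lookup would, then flags a fix that jumps implausibly far from the last trusted fix or that comes from networks all arriving at nearly the same signal strength, as beacons sent by a single transmitter do. The lookup table, BSSIDs, coordinates, function names and thresholds are constructed assumptions.

```python
import math
from statistics import pstdev

# Constructed stand-in for a Wi-Fi positioning database: BSSID -> (lat, lon).
KNOWN_APS = {
    "02:00:00:00:00:01": (37.4845, -122.1480),  # cluster A (constructed)
    "02:00:00:00:00:02": (37.4850, -122.1485),
    "02:00:00:00:00:03": (37.4848, -122.1490),
    "02:00:00:00:00:11": (34.0502, -118.2401),  # cluster B (constructed)
    "02:00:00:00:00:12": (34.0498, -118.2405),
    "02:00:00:00:00:13": (34.0505, -118.2395),
}

def haversine_km(a, b):
    """Great-circle distance between two (lat, lon) points in kilometres."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def assess_fix(scan, last_fix, elapsed_s, max_kmh=900.0, min_rssi_spread_db=2.0):
    """scan: list of (bssid, rssi_dbm). Returns (estimate, flags)."""
    seen = [(KNOWN_APS[b], rssi) for b, rssi in scan if b in KNOWN_APS]
    if not seen:
        return None, ["no_known_networks"]
    # Weighted centroid: convert dBm to linear power so strong APs dominate.
    weights = [10 ** (rssi / 10) for _, rssi in seen]
    total = sum(weights)
    est = (sum(w * p[0] for (p, _), w in zip(seen, weights)) / total,
           sum(w * p[1] for (p, _), w in zip(seen, weights)) / total)
    flags = []
    hours = max(elapsed_s, 1) / 3600
    # Flag 1: the device cannot have travelled this far since the last fix.
    if haversine_km(last_fix, est) / hours > max_kmh:
        flags.append("implausible_jump")
    # Flag 2: real APs sit at different distances, so their RSSI values differ.
    if len(seen) >= 3 and pstdev([r for _, r in seen]) < min_rssi_spread_db:
        flags.append("uniform_rssi")
    return est, flags

# Constructed scans: cluster A heard at near-identical strength, cluster B at varied strength.
SPOOFED_SCAN = [("02:00:00:00:00:01", -40), ("02:00:00:00:00:02", -41),
                ("02:00:00:00:00:03", -40)]
REAL_SCAN = [("02:00:00:00:00:11", -50), ("02:00:00:00:00:12", -70),
             ("02:00:00:00:00:13", -82)]
```

Both flags are heuristics: a fix that trips either one is better treated as untrusted until GPS or a cell-based position confirms it.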
I hope you enjoyed this guide on forging aGPS locations using an ESP8266 microcontroller! If you have any questions about this tutorial on forging aGPS with Arduino, ask below. And if you have a comment or idea for a future episode, feel free to contact me on Twitter @KodyKinzie.