Excess information reconnaissance before you involve the human part in a security test never hurts! Exif data, GPS location data, etc can help you a lot while trying to social engineer a target. This is where Creepy will help you!
Creepy is a Python application that allows you to gather geolocation related information about users from social networking platforms and image hosting services. The learnt information is then presented in a map inside the application where all the retrieved data is shown accompanied with relevant information to provide context to the presentation. It supports the following map providing services:
- Google Maps
- Virtual Maps
- Open Street Maps
This is how the tool looks like:
This Python script allows location information retrieval from the following sources:
- Twitter’s tweet location:
- Coordinates when tweet was posted from mobile device
- Place (geographical name) derived from users ip when posting on twitter’s web interface. Place gets translated into coordinates using geonames.com
- Bounding Box derived from users ip when posting on twitter’s web interface. The less accurate source, a corner of the bounding box is selected randomly.
- Geolocation information accessible through image hosting services API
- EXIF tags from the photos posted.
So, by now you know that it can use Twitter as its source for information gathering. But wait! That’s not all! You can use the following social networking platforms and image hosting services for information gathering purposes:
- Foursquare (only checkins that are posted to twitter)
- flickr – information retrieved from API
- twitpic.com – information retrieved from API and photo exif tags
- yfrog.com – information retrieved from photo exif tags
- img.ly – information retrieved from photo exif tags
- plixi.com – information retrieved from photo exif tags
- twitrpix.com – information retrieved from photo exif tags
- foleext.com – information retrieved from photo exif tags
- shozu.com – information retrieved from photo exif tags
- pickhur.com – information retrieved from photo exif tags
- moby.to – information retrieved from API and photo exif tags
- twitsnaps.com – information retrieved from photo exif tags
- twitgoo.com – information retrieved from photo exif tags
That is a whole lot of surface area to be scratched! Your victim is bound to be using atleast one of the following services. We are waiting for FaceBook to be added to this list!
That’s not all! It works on almost all famous operating systems – BackTrack, Ubuntu and even Windows and is open source! If you want to learn the internals of this tool, just fire up Wireshark and you will know what it does. It sure is noisy! But, you do not need to care what you put on the wire while gathering social information. This is the gist of the functions that this little beast can perform:
- Automatic caching of retrieved information in order to reduce API calls and the possibility of hitting limit rates.
- GUI with navigate’able map for better overview of the accumulated information
- 4 Maps providers (including Google Maps) to use.
- Open locations in Google Maps in your browser
- Export retrieved locations list as kmz (for Google Earth) or csv files.
- Handling twitter authentication in an easy way using oAuth. User credentials are not shared with the application.
- User/target search for twitter and flickr.
We did face a few problems where accounts had a lot of tweets or photos, but those were limited by their respective API services. We also hope that the author adds Proxy support. Another good thing about this application is that it supports exports of the found location as a .kmz or .csv file. Oh yes! Change the Flickr API key too. Want to know how it does all of that? Here is the list of Python libraries it implements:
- tweepy
- osmgpsmap 0.7 (and python bindings)
- python-flickrapi
- BeautifulSoup
- pyexiv2
- python-configobj
- python-simplejson
Download Cree.py v0.1.8 (CreepySetup_0.1.81.exe/creepy_0.1.80-1ubuntu2_all.deb) here.
Searches leading to this post:
creepy application, creepy python, creepy geolocation, creepy exif, geolocation information aggregator, cree py python
Comments on this entry are closed.