WiFi Triangulation

With an IP address, a non-governmental source can only obtain so much information. Such as which Country and Town the IP originated from.

Let's say an adversary has obtained remote access to a device and need a more accurate geographical point of origin of infected device. This is possible through WiFi Triangulation. When an attacker may triangulate the nearby WiFi Access Points to determine the device's exact location. Even if the victim were to use a VPN, and the attacker has a shell on the system, it could bypass the VPN usage and get the devices real and current location.

NOTE: Local WiFi Password is closely related to this subject. Additionally, the mathematics to actually perform the triangulation will be added in the future.

Exploit (15m accuracy)

The image below shows Jim Browning's YouTube video on how WiFi Triangulation may be performed.

  1. As the attacker, look for the identifiable information of the WiFi signals around the victims device. Such as SSID or BSSID. See Windows syntax for inspiration.
  2. Use Wigle WiFi to locate for example the three WiFi Signals (People scan WiFi signals across the world all the time, don't be surprised if your personal WiFi signal is there!) WiFi Signals
  3. Observe how an approximate location of targeted device may be revealed to the attacker WiFi Triangulation