Hi SecuriTeam crowd. After much soft-presure from Brian, I’m finally putting my ‘SecuriTeam Blogger Hat’ and hopefully this will be the first of many WebAppSec and O2 Platform related posts.

For my first post I chose the lastest script that I just added to the OWASP O2 Platform (http://o2platform) which is called “Tool – Find Physical Location via MAC Address (using Google’s APIs).h2″ and does exactly that. It will show your current location using your current wireless router’s MAC address (or the location of a provided MAC address)

This is based on the research done by Samy’s on his “How I meet your Girlfriend” presentation (currently on an OWASP EU Tour presenting it) and it is a good example of the O2 Platform’s powerful dynamic scripting environment (I wrote that PoC in a couple hours)

For more details on how this works see

• Tool – Find Physical Location via MAC Address (using Google’s APIs).h2 Wiki page with technical details and ‘How to’ screenshots
• Using a MAC address to find your physical location (via Google Location Services)  – Blog Post on my personal Blog (sorry SecuriTeam, I will link back to here next time )
• http://www.youtube.com/watch?v=G_XfZ99ZKCc – mandatory You Tubes video

I think that the fact that Google exposes this information is a big deal, and I personally (as a consumer with exposed data) am not happy at all with it. But my personal feelings don’t really matter here, the question I think we should try to answer is: ‘How big is this problem?’

Basically, since MAC addresses are now a valuable asset, let’s go “Phishing for MACs” and figure out all the ways we can calculate/map/find them.

On the O2 script above I used “arp -a” to get the local wireless router, Samy used an XSS on the router, so what other ways there are to find router’s MAC address?

I wonder if we can Brute Force Google’s Location Services database and get a maping of ALL “MAC addresses+Locations” that they have currently stored