Learn tracking someone down: The Practical Way
Hey everyone! In the last article, I have shown you how to dump leaked password of anyone using email address. In this article, We are going to learn how we can use someone’s image which will help us in tracking them down.
We all upload our pictures on the social media without thinking but these images can be very useful in tracking someone’s down. Both black hat as well as White Hat Hackers use this techniques to track someone over the internet by getting more and more information through various data. It can image,email address, their social handles etc.Recently, there was a man Satoshi which was gone missing in Japan and was found because of the method that we will discuss in this article. You can read more about that incident over here.
We will be using Pimeyes, A tool that gives us the flexibility of tracking someone down with only an image. This tool basically uses AI to find the person in the image on the internet. A/Q PimEyes, “It is an online face search engine that goes through the Internet to find pictures containing given faces. PimEyes uses face recognition search technologies to perform a reverse image search.“
Now, let us learn how we can track someone by someone’s image.
Annonucement: If you want to learn how hackers hack millions of accounts on a website, Then i recommend you to check out this beginner friendly course which will teach you how to perform account takeovers in real world websites. Enroll this course now in only $4.55 usd (RS 360) before the offer expires(Last date of offer: 7th July 2022)
Tracking Someone Down: Using PimEyes
Now their are 4 main steps involved to use PimEyes:
Upload: Upload the image of victim (Here i am uploading Elon Musk’s Image for an example)
Result: After uploading the image, we will get output as shown below
On scrolling down, we can see that there are even different image of Elon Musk with the source link present:
Tracking Someone Down: Use of PimEyes
While it may seems that these information may not be useful, But for attackers as well as ethical hackers this information is kind of like a Gem. Let’s take some example to understand why:
Example #1(From the Attacker’s prospective): Let suppose there is an hacker that wants to hack a person A. In the initial recon, he didn’t find any juicy information. All he had was an image of that person. Now using this tool, the attacker narrows down multiple website where the actor is sharing his information or details. Let say the attacker finds that there is a website(xyz.com) where the actor is registered. After analyzing the website, the attacker found an Account Takeover vulnerability that allowed him to access the person’s account without proper authorization. Finally, the attacker steals the person A’s sensitive details and performs malicious action with it.
Example #2(From an Officer’s prospective): Let suppose their is a psychopath who leaked someone’s personal pictures&videos. An Ethical Hacker is requested to solve this case. The hacker now used pimeyes to narrow down most of the websites where the video & pictures were leaked. Using his skills, he first got rid of all the leaked videos & pictures. After that, he analyzed all the websites and by using his reconnaissance skills he got the IP address from where the psychopath uploaded those files. After tracing the IP, the ethical hacking was successfully able to caught that psychopath.
So, I hope you all have understood how we can use PimEyes in tracking someone down on the internet. Please note that this is a paid tool and you need to buy the subscription to be able to use it with full potential.
Check out this course to learn more about Account Takeover and how data breaches happen in a company due to web misconfiguration.