Social Mapper: A crazy-ex girlfriend’s favorite tool.

From the inception of the internet, people have been looking for ways to exploit systems to their own benefit. And with the invention of Facebook, stalking became not only sociably acceptable…but everyone’s favorite past time. When “web2.0” hit the scene, a handful of people utilized search engine’s in order to gleam information that was thought to be kept private.

For example, Google dorks are one of the simplest ways to totally “pwn” someone as the script kiddies like to say. Just put in a couple magic phrases, and passwords galore come back. For example, after putting in the following phrase, three pages worth of files containing passwords come back. inurl:wp-config-backup.txt

So as you can see, people love using computers in order to obtain information that would other wise force you to get up from the couch in order to get. Now, with the advent of Github and Opensource packages, new tools to give people what they want were created. And with that, comes morally ambiguous packages like Social Mapper.

What is social mapper?

Social Mapper is a computer program that takes in an image of a face, and scours all social media platforms for pictures that resemble that face. So for example, say you suspect your spouse of cheating with one of your facebook friends, but are unable to find their Instagram or Twitter. Social mapper is the tool for you. Just download a picture of them from Facebook, pop it in Social Mapper, and wait.

You will get their profiles back from the following social networks.

  • LinkedIn
  • Facebook
  • Twitter
  • GooglePlus
  • Instagram
  • VKontakte
  • Weibo
  • Douban

How to install?

The program is easy to install, but does require some command line knowledge. As well, the documentation skips a couple steps that may prove as stumbling blocks. The first thing you’ll want to do is download the package from Github.

Here is the download link.

Once downloaded, open the project up and change into the setup folder. Once inside, run the command “python -m pip install –no-cache-dir -r requirements.txt” to install all the necessary dependencies.

COMMAND: python -m pip install –no-cache-dir -r requirements.txt

You may come across an error about “DLIB”, but you can easily remedy the issue by installing the following packages.

$ sudo apt-get install build-essential cmake
$ sudo apt-get install libgtk-3-dev
$ sudo apt-get install libboost-all-dev

Now that your all set up with dependencies, its time to enter your credentials into the program, so Python can search social media outlets on your behalf.
Now download a couple images of your “target”, and place them inside a images folder that will be parsed by the program. When you place the images inside your the folder, make sure to name them the name of your target and wrap the whole file name in single quotes. Like so,
Make sure to wrap the whole file name in single quotes.
Now, to run the program you have to make a couple decisions. Do you want super accurate results? Or do you want quick answers? Usually, for “snooping on someone” purposes, quick answers are suffice. So the mode you put the program in would be “fast”. “accurate” mode takes much longer.

After running the command, you will see the program start to work, and return results like these.

The results come back in HTML format, and each image is a link to their different profile.

This is pretty amazing, because it’s using facial recognition, instead of parsing strings and texts. The program checks for users with the name you supplied in the picture, and if it finds a name, and then checks if the images are similar. This is much quicker than going to every social media site, typing in names, and sifting through data.

In Summation

This tool is handy, for crazy-ex girlfriends. Also, for professional pen-testers and red-teamers, this tool saves lots of time and effort that would otherwise be cumbersome. The github to download the program will be below, and as always, ‘with great power comes great responsibility’, so be sure to use with caution and permission.

 

[visual-link-preview encoded=”eyJ0eXBlIjoiZXh0ZXJuYWwiLCJwb3N0IjowLCJwb3N0X2xhYmVsIjoiIiwidXJsIjoiaHR0cHM6Ly9naXRodWIuY29tL1NwaWRlckxhYnMvc29jaWFsX21hcHBlciIsImltYWdlX2lkIjo4MjYsImltYWdlX3VybCI6Imh0dHA6Ly8xMDAwZGF5c29mY29kZS5jb20vd3AtY29udGVudC91cGxvYWRzLzIwMTgvMDgvR2l0SHViLU1hcmsucG5nIiwidGl0bGUiOiJzb2NpYWxfbWFwcGVyIiwic3VtbWFyeSI6IlNvY2lhbCBNYXBwZXIgaXMgYSBPcGVuIFNvdXJjZSBJbnRlbGxpZ2VuY2UgVG9vbCB0aGF0IHVzZXMgZmFjaWFsIHJlY29nbml0aW9uIHRvIGNvcnJlbGF0ZSBzb2NpYWwgbWVkaWEgcHJvZmlsZXMgYWNyb3NzIGRpZmZlcmVudCBzaXRlcyBvbiBhIGxhcmdlIHNjYWxlLiBJdCB0YWtlcyBhbiBhdXRvbWF0ZWQgYXBwcm9hY2ggdG8gc2VhcmNoaW5nIHBvcHVsYXIgc29jaWFsIG1lZGlhIHNpdGVzIGZvciB0YXJnZXRzIG5hbWVzIGFuZCBwaWN0dXJlcyB0byBhY2N1cmF0ZWx5IGRldGVjdCBhbmQgZ3JvdXAgYSBwZXJzb27igJlzIHByZXNlbmNlLCBvdXRwdXR0aW5nIHRoZSByZXN1bHRzIGludG8gcmVwb3J0IHRoYXQgYSBodW1hbiBvcGVyYXRvciBjYW4gcXVpY2tseSByZXZpZXcuXG4iLCJ0ZW1wbGF0ZSI6ImRlZmF1bHQifQ==”]

You Might Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *