Hack Like a Pro: How to Find the Exact Location of Any IP Address

How to Find the Exact Location of Any IP Address

Hack Like a Pro: How to Find the Exact Location of Any IP Address

Welcome back, my tenderfoot hackers!

Have you ever wondered where the physical location of an IP address is? Maybe you want to know if that proxy server you are using is actually out of your local legal jurisdiction. Or, maybe you have the IP address of someone you are corresponding with and want to make certain they are where they say they are. Or, maybe you are a forensic investigator tracking down a suspect who wrote a threatening email or hacked someone's company.

Now you can find the location of that IP address without a subpoena or search warrant.

A company called MaxMind maintains a database of the location of every IP address on the planet complete with GPS coordinates, area code, zip code, and country. This database is not in a typical relational database format, but rather in a flat file. MaxMind charges a $370 site license and $90/month (or $1360/year) for updates to this database. Their software has a beautiful front end that makes querying the database easy enough that even Windows or Mac users can manage.

MaxMind also gives away a free developers version of this database without any software or tools to read it. Although slightly less accurate than the commercial version, the price is certainly right. All we need to find the location of the IP is a program to read this data.

Two programmers, Jennifer Ennis and T. Williams, have developed a small Python script called pygeoip and released it under the GPL license that enables us to input an IP address and output this critical information. I think this tutorial is self-explanatory, but if you want to refresh your Python skills before diving in, take a look at our Python tutorials.

Step 1: Fire Up Kali & Open a Terminal

The first step, of course, is to fire up our our trusty Kali system, or in this case, any Linux distribution. Then, open a terminal.

Note: Be cautious of the formatting below for commands. The formatting of this article will create big space gaps since it stretches lines out to fit the margins. This is because of long URLs that try to fit themselves on a separate line. Large spaces equals just one space, so keep that in mind. Refer to the screenshots to see how they actually look.

Step 2: Download the Database

Now we need to download the database from MaxMind, and we can get it by typing the following.

kali > wget -N -q http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz

Then we need to unzip it.

kali> gzip -d GeoLiteCity.dat.gz

Let's now check that the database is in place by listing the directory.

kali > ls -alh GeoLiteCity.dat

Step 3: Download & Install Pygeoip

Next, we need to install the Python script to read the database, pygeoip. We can download it by typing the following.

kali > wget http://pygeoip.googlecode.com/files/pygeoip-0.1.3.zip

Then, unzip it.

kali > unzip pygeoip-0.1.3.zip

We next need to download some setup tools into the pygeoip directory.

kali > cd /pygeoip-0.1.3

kali > wget http://svn.python.org/projects/sandbox/trunk/setuptools/ez_setup.py

kali > wget http://pypi.python.org/packages/2.5/s/setuptools-0.6c11-py2.5.egg

Let's now move and then build and install the setup tools.

kali > mv setuptools-0.6c11-py2.5.egg setuptools-0.7a1-py2.5.egg

kali > python setup.py build

kali > python setup.py install

We need to move the database to the pygeoip directory so that script can access it without having to use the full path.

kali > mv GeoLiteCity.dat /pygeoip-0.1.3/GeoLiteCity.dat

Step 4: Query the Database

Now that we have the database in place and the pygeoip script downloaded and installed, we can begin to query that database with pygeoip.

First, we need to start a Python shell.

kali > python

Then, you will be greeted will the triple >>> indicating you are now in an interactive python shell. Let's import the module and instantiate the class.

>>>import pygeoip
>>>gip = pygeopip.GeoIP('GeoLiteCity.dat')

Next, we are ready to begin our query. Let's see where Google is located.

>>>rec = gip.record_by_addr('')
>>>for key.val in rec.items():
... print "%s: %s" %(key,val)

Please note that it is critical to indent the "print". If not, you will throw an error.

As you can see, we were able to locate Google's IP in Mountain View, CA at area code 650, postal code 94043, longitude -122.0574, and latitude 37.4192. Not bad! Now, let's try to locate the IP of cnn.com.

Once again, the combination of the database and pygeoip script was able to provide us with key location information on CNN's IP address.

This little tool is great for locating any IP address in the world, albeit, it is a bit clunky. Maybe someone here in the Null Byte community with good Python skills would like to write an interactive script with a nice user interface where the user can simply enter the IP and get the record information?

Keep coming back, my tenderfoot hackers, as we continue to explore the tools and techniques of hacking!

Cover image via Shutterstock


Another option to access the MaxMind database and several other GEO IP databases is to use IPLocation.net. Enter the IP address and you'll quickly see results from 6 GeoIP services. Often, one has better than data than the other.

Cool, this will definitely come in handy later on.

whats different from this and a ip lookup website?

That site only gives you the country. This database is MUCH more precise and complete.

for me it gives me the state and sometimes the city

I am unable to download the pygeoip. Whenever i try to download it , it just show up 404 Not Found error. Pl provide a solution for this.

I was following the instructions and fixed some things that were wrong.
Instead of
wget http://svn.python.org/projects/sandbox/trunk/setuptools/ez__setup.py
The fixed one is
wget http://svn.python.org/projects/sandbox/trunk/setuptools/ez_setup.py
and instead of
wget http://pypi.python.org/packages/2.5/s/setuptools-0.6c11-py2.5.egg

The fixed on is
And the other problem I came across was the:
kali > mv GeoLiteCity.dat /pygeoip/GeoLiteCity.dat
That really confused me because when I checked ls
there is only pygeoip-0.1.3

Im not sure what to do after tha because when i put the GeoLiteCity.dat to the pygeoip-0.1.3 folder and continue with python, I get an error when I input these commands.

gip = pygeopip.GeoIP('GeoLiteCity.dat')
rec = gip.recordbyaddr('')

The error looks like this:
Traceback (most recent call last) :
File "stdin>", line 1, in <module>
NameError: name 'pygeopip' is not defined

Thanks in advance!

that is becouse it supposte to be like this

gip = pygeoip.GeoIP('GeoLiteCity.dat')

Finally got it to work!

Hello otw
I have created a Python script which automates the process including the download of the database.
If you want I can post it here.

Just share :
make python file with text editor you like, then write:

import pygeoip
x = raw_input('Input IP : ')
gip = pygeoip.GeoIP('LocationofGeoLiteCity.dat')
rec = gip.record_by_addr(x)
for val in rec.items():
print "%s: %s" %(val)

save it and then run it (btw, i install pygeoip with pip install pygeoip)
correct me if i'm wrong and sorry if my english was bad....(btw i'm Indonesian). Nice to meet you all.


Salam kenal bro, kalo boleh tau itu seakurat apa yah ? masak sampe tau lokasi tempat kita online., sori belum coba. hehe :D.

How accurate is these tools ? can my online location discovered ? Sorry, not yet try it.

Use of a VPN stops any attempt at location.

After entering ... print "%s: %s" %(key,val)
I get stopped at

Traceback (most recent call last):
File "<stdin>", line 1, in <module>
NameError: name 'key' is not defined

get rid of "key" instead just use "val" i.e for val in rec.items:
print "%s:%s:" %(val)

Did you indent that line as I noted in the article?

python setup.py build does not work for me, any idea why?

What is the error message? Did you download setup.py successfully?

Did you move the setuptools into the same directory.

if you mean to run commend "mv setuptools" then yes, I did it

Make certain it actually moved to the proper directory and everything is spelled correctly.

I just did "sudo easy_install pygeoip". Easy_install is a cool little python built in feature that will install most third party modules completely and easily.

i was wondering how to deface a website?

Would you like the magic website defacer tool?

i wanna know what exploits are needed

Try XSS. I've made a series about it, and hopefully that will help you. If it doesn't, there are many other ways.

Thanks friend. I found the correct command. Also this command does not work. "mv GeoLiteCity.dat /pygeoip-0.1.3/GeoLiteCity.dat"

I had to delete the latter part "mv GeoLiteCity.dat /pygeoip-0.1.3" which I don't know if it worked.

Am I on the right part?

No, you need that mv command. Make certain you have a space between .dat and /pygeoip.

There is a space between .date and /pygeoip. This is what I get all the time.

root@xkali:~# mv GeoLiteCity.dat /pygeoip-0.1.3/GeoLiteCity.dat
mv: accessing `/pygeoip-0.1.3/GeoLiteCity.dat': Not a directory

Check to see whether the pygeoip durectory exists.

Yes the directory exists.

This "pygeoip-0.1.3" but this "GeoLiteCity.dat" does not exist. It is a dat file.


mv GeoLIteCity.dat /pygeoip-0.1.3

Another issue; This is what I get:

root@xkali:~# mv GeoLiteCity.dat /pygeoip-0.1.3/GeoLiteCity.dat
mv: accessing `/pygeoip-0.1.3/GeoLiteCity.dat': Not a directory

What do I do?

Dude just type mv /root/GeoLiteCity.dat /root/pygeoip-0.1.3 and it works.

hey guys, what is the last line supposed to be?
i tried "print "%s: %s:" %(key,val)" but it gives me

File "<stdin>", line 1
print "%s: %s:" %(key,val)
IndentationError: unexpected indent

i tried removing the indent and it says "name "key" is not defined"
if i remove key it says "name "val" is not defined".
any ideas? :(
(sorry for noobness, i'm what you would call a script kiddie xD )

The "print" line must be indented.

nevermind, i found out that i have to type all for last lines again to get some results xD

now my main problem is that after i type everything correctly (all 4 lines from the start) i get another error:

>>> rec=gip.recordbyaddr('x.x.x.x')
>>> for key.val in rec.items():
... print "%s: %s:" %(key,val)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
AttributeError: 'NoneType' object has no attribute 'items'

Did you indent the print line?

Did you put the _ in the record_by_addr()?

I'm pretty sure it's a typo in your code. Try sending us a screenshot so we can help you debug it.

This code looks good, so I would look at your setuptools. Did they get moved into your pygeoip directory?

well i guess everything looks fine
here are 2 screenshots, one with pigeoip-0.1.3 and one with root

just wander if this will work on this IP

Of course, it will. Try it.

It works on all but private IP's.

bu wait a minute, i entered the cnn's headquarter's coordinates into gmaps and i ended somewhere in antarctica. i'm not sure the database runs properly.

PS i also still didn't manage to make it run. :D

but the google ones are somewhat accurate though they don't point to google HQ, instead they point to moffett fed airfield which is about 5-6 km to the east.

You entered them in incorrectly. You reversed longitude and lattitude

Done everything:

Python 2.7.3 (default, Mar 14 2014, 11:57:14)
GCC 4.7.2 on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import pygeoip
>>> gip = pygeoip.GeoIP('GeoLiteCity.dat')
>>> rec = gip.recordbyaddr('')
>>> for key.val in rec.items():
... print "%s: %s" %(key,val)
still no results

QHKWANSA what is the actual output you're getting there?(where you wrote 'still no results'). If that is exactly what your code looks like, you no doubt get an error because there should be a comma between key and val and not a dot like you have there.


Check out some of the comments regarding this URL above.


do you already have fixed it because i need a new link

Python 2.7.3 (default, Mar 13 2014, 11:03:55)
GCC 4.7.2 on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import pygeoip
>>> gip = pygeoip.GeoIP('GeoLiteCity.dat')
>>> rec = gip.recordbyaddr('')
>>> for key.val in rec.items():
... print "%s: %s" %(key,val)
I did everything else correct but when I try to run I have no results
The print was indented
No error came up just no results

So can anyone help me find a exact location of a Ip adress. The owner of the ip have been sending threats to a friend of mine, saying that she will die. We don't know who the person is because he or she is using a fake account on fb.

I dont have any experience of this so I hope any of you people can help me!
The IP is:

When I check on http://www.iplocation.net/ some of them say the ip is loaded in Vastrahaninge and some of them say its located in nynashamn in sweden.

But we need a exact location so we can get evidence

Best regards

PS. If you got some information for me plz send it as a private massage on fb.


This method will only provide you with the city of the IP. To find the exact location, you will need to go to the ISP with a subpoena or search warrant.


Here are all commands you need fixed:
wget -N -q http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
gzip -d GeoLiteCity.dat.gz
wget http://pygeoip.googlecode.com/files/pygeoip-0.1.3.zip
unzip pygeoip-0.1.3.zip
cd pygeoip-0.1.3
wget http://svn.python.org/projects/sandbox/trunk/setuptools/ez_setup.py

wget https://pypi.python.org/packages/2.5/s/setuptools/setuptools-0.6c11-py2.5.egg#md5=64c94f3bf7a72a13ec83e0b24f2749b2

mv setuptools-0.6c11-py2.5.egg setuptools-0.7a1-py2.5.egg
python setup.py build
python setup.py install
mv GeoLiteCity.dat /pygeoip-0.1.3
import pygeoip
gip = pygeoip.GeoIP('GeoLiteCity.dat')
rec = gip.recordbyaddr('')
for val in rec.items():
{press tab} print "%s: %s" %(val)

Dude, when I type cd/pygeoip-0.1.3 it returns me that this : No such file or directory. Why? I folloved your instruction and it is showing my this :(

Did you put a space between cd /pygeoip-0.1.3??

Everything is going well, but after the "print" line it stays blank.
So it shows no location.

I found the problem.
On the following line you need to place a comma between key and val instead of a dot:
>>> for key.val in rec.items():

Or just leave out "key" in that line and than also in the following line:
... print "%s: %s" %(key,val)

Hi, I am facing some trouble with a person through his messages online. I badly want to locate this person. So i was able to get his IP address, but to get exact location/city I think this is the best setup explained. If anyone already has the setup, can u please look into one IP address and let me know the location?

Looking forward for ur help.

I wrote this tutorial so that you can do it yourself.

well, i am done with the setup now. when i query, i get an error as in the snapshot below.
Please suggest me where can I find the aircrack-ng compatible wireless card and which one to buy?
My setup is done in Oracle VirtualBox. Is the wireless card mandatory and what would be its setup?

You skipped some steps. You are on the wrong directory. Go back and start again and follow each step carefully.

The error message tells you exactly what is wrong.

Thanks. I got it. Checked with giving my IP as input, it is pointing to the correct city. But when I input the other IP address I wanted to know about, it just shows the country and co ordinates. And the co ordinates points to a city. Do u think this location as per the co ordinates is true?

Also I got all these without using a wireless card with the VirtualBox. Do u think it is OK?
Awaiting response

There? Please reply. Am stuck here

Hey.... You can't find the "exact location" of an IP Address.... You can find the neighborhood, maybe. City, possibly. But the exact location is never true...

Hey hi, I got all the setup done. Checked with giving my IP as input, it is pointing to the correct city. But when I input the other IP address I wanted to know about, it just shows the country and co ordinates. And the co ordinates points to a location. How close this location would be as per the co ordinates?

Also I got all these without using a wireless card with the VirtualBox. Do u think it is OK?
Awaiting response

Those method only works for static IPs.If you got Dynamic IPs from IP pool of ISP this will never show even your nearest town :D

Yeah, but hackers want to have a static IP, otherwise reverse connections can only last for a short period of time.

That's why hacking is so hard people like me(with a dynamic IP)

I never had to pay for a static IP. I got one to begin with...

I have a question here.is there any way to find out current DNS server that i am using ?

Yes, just open Command Prompt (for Windows) and type ipconfig /all. Then scroll down to your LAN adapter, and there should be a DNS section near the bottom.

works :D now

I am a total newbie, please be nice, i really want to know how to get victim's IP address, ive seen a lot of your articles and metasploit attacks along with XP webcam Remote keylogger,

All require an IP address of the victim, how do i get that? that would require physical access to his computer? I just can not seem to find how to get VICTIM'S ip, i really really need to learn this stuff in a month, please help me SIr.

I tried out everything and the 'python setup.py build' command is not working. I also double checked whether the 'mv' command is typed properly, and all seems to be fine.. it keeps giving me the following error when i try to build and install the setup file. Any help is greatly appreciated

When you download the setup tools, make sure you are in the pygeoip-0.1.3 folder in the terminal so it downloads it directly there. The move command in the tutorial is just renaming the file, its not actually moving it to another location, which would take care of that error. Hope this helps.

It worked for me till the end, but it just doesn't display anything after the "print" line. I tried it 5 times on two different machines, but nothing worked out. I am starting to think that database has some problem. Anyone else have the same problem? Using Kali sana 2.0. Thanks

When i tried to import pygeoip it told me the wasn't a module named pygeoip, any help?

everything works great up until printing out the results. the screen just stays there like this.

Image via imgur.com

Got it. Change . in between key and val to , then press enter

Just installed Kali about a week ago, and have been rather busy so I haven't done much with it. Did it with Virtual Machine, and tried following these instructions, but nothing seems to happen. This is what I end up getting instead...


Anyone know what's wrong? Since I haven't really done anything with Kali yet, am I missing programs that need to be installed prior to this?

There is nothing wrong except that you need to study Linux. You are using the ls command incorrectly. I strongly recommend that study my Linux for aspiring Hackers series.

I'm unsure as to how I could have messed something up. I'll give it another try, but I'm wondering if there is a program that I have failed to setup on Kali to get the installation like that to work...

Aha, I am partially right. The ls command isn't working at all for me. Unsure why. Was following another tutorial to make sure I was handling commands correctly, and halfway through it wanted me to use ls, but when I did so, nothing happened at all, as though the command does not exist, which is what happened when I attempted this tutorial.

Therefore, the conclusive evidence points to a mechanical flaw of some sort.

Mechanical flaw? What part of this is mechanical?

Sigh. Sometimes I use the wrong wording... A flaw with my installation of Kali, or Kali in general. I'm 100% sure I'm following each step exactly, in both tutorials, but yet I'm not getting the responses I should be getting from the terminal.

I mean, I haven't installed or messed with any settings or anything yet. It's basically a fresh boot of Kali. Am I missing anything important that is causing the command to not register?

Show me a screenshot of what happens when you type "ls -l" in the terminal.

Nothing wrong there mechanically.

Hmm... I'm gonna go through the entire process again, and see if I can figure out what I goofed up.


So.... I downloaded it manually, even found it listed in the Downloads directory, and followed those steps I just screenshotted. For some reason, it just doesn't seem to want to find the file. I can't figure out quite what I'm doing wrong. Even repeated this several times.

Your screenshots reveal that your Linux skills are inadequate for this tutorial. I suggest you go through all my Linux tutorials.

The problem at this stage is that you downloaded it to the Desktop directory, but you are not in the Desktop directory looking for it. Hone up on your Linux skills.

gip = pygeoip.GeoIP('GeoLiteCity.dat')
AttributeError: 'module' object has no attribute 'GeoIP'

I get those error . Anyone know what wrong with it ?

here the code :-

import pygeoip
gip = pygeoip.GeoIP('GeoLiteCity.dat')
rec = gip.recordbyaddr('')
for key.val in rec.items():
print "%s: %s" %(val)

nvm i finally solve it

to those who still had error , here's what i did

1) Create a python file (eg : pygeoip.py)

2) paste code below , indent the print line (by pressing Tab button)

import pygeoip
gip = pygeoip.GeoIP('GeoLiteCity.dat')
rec = gip.recordbyaddr('')
for val in rec.items():
print "%s: %s" %(val)

3) Make sure that the file inside pygeoip-0.1.3 folder and the folder contain GeoLiteCity.dat .

4) run the python file through terminal

noob@kali:~/pygeoip-0.1.3$ python pygeoip.py

gip = pygeoip.GeoIP('/root/pygeoip-0.1.3/GeoLiteCity.dat')
>>> rec = gip.recordbyaddr('')
>>> for key,val in rec.items():
... {press Tab}print "%s: %s" %(key,val)

-just for a information for who have problem with this


If you are having problems in building the setup tools, do the following after downloading the database:

kali> wget https://pypi.python.org/packages/source/p/pygeoip/pygeoip-0.3.2.tar.gz
kali> gzip -d pygeoip-0.3.2.tar.gz
kali> tar -xf pygeoip-0.3.2.tar
kali> cd /pygeoip-0.3.2
kali> wget https://pypi.gython.org/packages/2.7.setuptools/setuptools-0.6c11-py2.7.egg
kali> wget http://svn.python.org/projects/sandbox/trunk/setuptools/ez_setup.py
kali> python setup.py build
kali> python setup.py install
kali> mv ../GeoLiteCity.dat pygeoip-0.3.2/GeoLiteCity.dat

kali> python
>>> import pygeoip
>>> gi = pygeoip.GeoIP('GeoLiteCity.dat')
>>> rec = gi.recordbyaddr('<ip address>')
>>> for key,val in rec.items():
... print "%s: %s" %(key, val)
(ctrl + D, to exit python shell)


Just want to make it known, the current tutorial has a lot of errors. Went over this with a friend that's excellent in Linux, and she corrected a lot of the errors. This information needs updating I believe.

Hmmm if only someone could just type that ip and send me the result with their program i would appreciate it. Thank you in advance.

Well that was an adventure, 2 hours trying to make this work, but I managed and tomorrow gonna post a python script to do everything automagicaly, its gonna be in my Git, good luck everyone.

SyntaxError: EOL while scanning string literal

Good explanation. There are a few errors and bad links in the description but it worked. Thanks

BTW: I just wanna tell you guys that there's no way to get the 100% exact location of IP addresses, or better there it is.

But you should hack the belonging ISP in order to be 100% sure.

I tried this as well as all the WS to do so, and none of them gave me the exact location. It's precise with an average error of 2/3 km.

PS if you are too lazy to configure all the above, you can also use nmap:

nmap -Pn -p80 --script ip-geolocation * IP

If anyone is still here

I've read through ALL comments and fixed everything i needed to. GeoLiteCity.dat is sitting insdie the pygeoip-.0.1.3 foldert (commands wouldnt work because i had no permissions so i had to change permissions to 777 before i could proceed)

and now im getting this and cant do anything

gip = pygeoip.GeoIP('GeoLiteCity.dat')
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "build/bdist.linux-x8664/egg/pygeoip/init.py", line 84, in init_
IOError: Errno 2 No such file or directory: 'GeoLiteCity.dat'

its saying that my DAT file doesnt exist. help?

>>>import pygeoip
>>> gip = pygeoip.GeoIP('GeoLiteCity.dat')
>>> rec = gip.recordbyaddr('x.x.x.x')
>>> for key.val in rec.items():
... (pressing tab) print "%s: %s" %(key,val)
When I am just waiting nothing happens when I press "Enter"
Traceback (most recent call last) :
File "<stdin>", line 1, in <module>
NameError: name 'key' is not defined
Anyone can help?

Yeah I'm pretty new to Python too so it took me a minute, but we can actually skip several of his steps since pygeoip is available through pip. And to Joseph, just make sure the database file is in your current working directory or you need to put the full path. Other than that, I took screenshots of it working in both 2 and 3, hopefully that helps you, just a couple formatting changes mostly.

Python 2.7.13:

Python 3.6.1:

Share Your Thoughts

  • Hot
  • Latest