Security Basics mailing list archives
Re: Private IP address with yahoo messenger
From: "Vivek P" <iamherevivek () gmail com>
Date: Thu, 24 May 2007 16:27:32 +0530
hi okie.. i think it is my mistake of incomplete understanding of the mail.. This is the way i tested it, & my answer is still yes [ you can get the private IP] 1. You can test it using yahoo booters and an authentic yahoo id both running from your machine, sniff the packets & create an analysis based on that. it eill reveal the levels of security embedded by yahoo to hide the packet information from source to target. 2.Through packet malformation you can get information of the target IP address.Though this method is not a simple one to execute. 3. As you had specified.. by just forensic analysis, i am not sure of a direct method, i will get back to you after reffering my database on this side. I will also revert on the tools to you in some time from now. Thank you for your interest on research -- Vivek P Nair Vice President, Technology Appin Knowledge Solutions Appin Security Group www.vivekpnair.co.nr iamherevivek () gmail com vivek.p.nair () appingroup com d3@d Br@iN "i thought i would change the world, But they wouldnt gimme the source Code !!" On 5/24/07, Alcides <alcides.hercules () gmail com> wrote:
Hi Vivek, Thanks for your attention. Sorry, but I think it's not something I was expecting for. In my question, by saying "chat session" - I mean just a "chat session". No file transfer/ video/ voice chat. Simply typing the text in chat window. [I]a <-------->Yahoo server(s) <-------> b[target] A thing that comes in my mind is something that may allow me to do thorough forensic analysis of the packets coming from target. But I'm not very sure on what tool/s to be used and about the technique. Hope I've made my question clear. Warm regards. Vivek P wrote: > Hi > > I had been testing on this for quiet some time now. In versions of > yahoo messenger before 6, when i transfer a file >2 mb and try netstat > -a -n from CMD on windows machine, i was able to get the IP address > (internal) of the person at the other end !! > > Yahoo did some patches in the latest editions but, i have been > informed by my testing team that burp proxy can get the target IP > (internal) if you have it installed, when using latest edition to do > file transfer, > > Also when you do calls using messenger point to point connection is made. > > it is like > > normal chat > a <-------->Yahoo server(s) <-------> b > > Lengthy processes (filetransfer) (calls) etc. > a<------->Yahoo authenticates at interval<----->b > a<------->b //Direct connection. > > > I think it would help, please revert so that i can get you some video > demonstations to prove my experiment. > > > Thanx
Current thread:
- Private IP address with yahoo messenger Alcides (May 23)
- Re: Private IP address with yahoo messenger Jeff MacDonald (May 24)
- RE: Private IP address with yahoo messenger Murda Mcloud (May 25)
- Re: Private IP address with yahoo messenger Alcides (May 25)
- Re: Private IP address with yahoo messenger Jeff MacDonald (May 25)
- Re: Private IP address with yahoo messenger Colin Copley (May 25)
- Re: Private IP address with yahoo messenger aditya kuppa (May 25)
- Re: Private IP address with yahoo messenger Colin Copley (May 25)
- Message not available
- Private IP address with yahoo messenger Vivek P (May 24)
- Re: Private IP address with yahoo messenger Alcides (May 24)
- Re: Private IP address with yahoo messenger Vivek P (May 24)
- Private IP address with yahoo messenger Vivek P (May 24)
- Re: Private IP address with yahoo messenger Jeff MacDonald (May 24)
- Re: Private IP address with yahoo messenger Pingu (May 29)
- Re: Private IP address with yahoo messenger neo anderson (May 30)
- Re: Private IP address with yahoo messenger crazy frog crazy frog (May 31)
- <Possible follow-ups>
- Re: RE: Private IP address with yahoo messenger davegray99 (May 28)
- Re: Private IP address with yahoo messenger Alcides (May 30)
- Re: Private IP address with yahoo messenger Pranay Kanwar (May 30)
- Re: Private IP address with yahoo messenger John Pluffum (May 30)