Full Disclosure mailing list archives
Re: obtai an IP of an MSN Messenger contact
From: n3td3v <n3td3v () gmail com>
Date: Wed, 5 Apr 2006 21:01:13 +0100
On messenger though, not even corporate users use a proxy, even though Yahoo offer their employees the "socks.yahoo.com" network. This is because using a proxy over messenger really does affect the whole operation of refresh ping times on your messenger list status of users going on and offline etc. With your method of just getting someone to view a file hosted on a webserver wouldn't work if you were trying to hack Yahoo, because all employees, for the internet explorer, firefox browser, they all use the socks, socks1, socks2,socks3 and so on, so you would be in a highly unlikely position to actually getting their actual hostname. On messenger its different, the social psychology of corporate users is that they believe they are in a false sense of security, wrapped in cotton wool, because by adding you to their messenger list, you've already got by that "trust" element, and as soon as you do get on a messenger list of a corporate user then you have more or less suceeded in completing the most sicnificant part of the attack to steal corporate data from an individual within a major dot-com. If you want a non-proxy IP from a corporate user, messenger is the application they very rarely use with their corporate proxy, trust me, I know about this stuff. On 4/5/06, Octal <octetstream () gmail com> wrote:
If you have control over a webserver, send the friend a link to an invalid image on that webserver and tell them to click on it. Once they've clicked the link check your server logs for that invalid image and you should have their IP address (unless they're using a proxy like mentioned before). You can also do this with an email if your "victim's" email client is configured to automatically render images when an email is opened. This technique has been referred to as a "web bug". _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- obtai an IP of an MSN Messenger contact Ian stuart Turnbull (Apr 04)
- Re: obtai an IP of an MSN Messenger contact xyberpix (Apr 04)
- Re: obtai an IP of an MSN Messenger contact Technocrat (Apr 04)
- Re: obtai an IP of an MSN Messenger contact n3td3v (Apr 05)
- Re: obtai an IP of an MSN Messenger contact Andrew Smith (Apr 05)
- Re: obtai an IP of an MSN Messenger contact Vidar Løkken (Apr 05)
- Re: obtai an IP of an MSN Messenger contact Valdis . Kletnieks (Apr 05)
- Re: obtai an IP of an MSN Messenger contact n3td3v (Apr 05)
- Re: obtai an IP of an MSN Messenger contact n3td3v (Apr 05)
- Re: obtai an IP of an MSN Messenger contact Octal (Apr 05)
- Re: obtai an IP of an MSN Messenger contact n3td3v (Apr 05)
- Re: obtai an IP of an MSN Messenger contact Ian stuart Turnbull (Apr 05)
- Re: obtai an IP of an MSN Messenger contact n3td3v (Apr 05)
- Re: obtai an IP of an MSN Messenger contact Technocrat (Apr 04)
- Re: obtai an IP of an MSN Messenger contact xyberpix (Apr 04)