[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] obtai an IP of an MSN Messenger contact
- To: n3td3v <n3td3v@xxxxxxxxx>
- Subject: Re: [Full-disclosure] obtai an IP of an MSN Messenger contact
- From: "Andrew Smith" <andrew.rse@xxxxxxxxx>
- Date: Wed, 5 Apr 2006 19:08:20 +0100
But for now xyberpix's method is the only one that will actually work for
MSN.
I'm sure you impressed someone, though!
On 4/5/06, n3td3v <n3td3v@xxxxxxxxx> wrote:
>
> If you want the IP of a user on Yahoo Messenger, all you do is add a user
> to your list with social engineering techniques, then you listen on port
> 5101 and send the victim a normal instant message. Yahoo compromises
> security in that way by attempting to establish a peer to peer connection
> between consumer clients, to save on server useage. Yahoo don't care how
> easy it is to obtain a users IP by simply sending someone an instant
> message. Yahoo say the fact you need to add each other to a friends list
> first is good enough security to protect its users.
>
> On Yahoo messenger you don't even need to send a file like the kiddie
> xyperpix suggested.
>
> And the reason I bring up Yahoo messenger in a msn messenger thread?
> Because both are abotu to link networks, so you can have cross network
> compatibility,
>
> Hackers are standing by as are phishers this Summer for the functionality
> to be launched. This will make for a very interesting summer, because for
> years the Yahoo messenger protocol has been easy as chips to hack, to obtain
> cookies, disconnect users from the network etc.
>
> And of course Yahoo tried to lock out third party connections from robots
> using their network for worms, spam, phishing, although the encryption
> technique they tried to use was reverse engineered and within two days of
> Yahoo launching their handshake security stuff, the encryption was cracked,
> and the robots returned, along with third party chat clients.
>
> Its going to be a busy summer.
>
> Get ready.
>
>
>
>
> On 4/5/06, Technocrat <dj.technocrat.listmail@xxxxxxxxx> wrote:
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > xyberpix wrote:
> > > If he's online, send him a file, as you're sending the file, do an
> > > netstat -an, and you should see the address that you're transferring
> > to.
> > > That is so long as he's not using a proxy ;-)
> >
> > X, don't feed the children..lol He could have found that with a Google
> > search man..lol
> >
> > This one is for Guidoz - http://www.guidoz.com/tryhere.jpg
> >
> > Ian, hope you played a great trick on your "friend".
> >
> > - -Technocrat
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.2.2 (MingW32)
> > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> >
> > iD8DBQFEMwUtYes14KNcgbYRAnHLAKChCbSM8zlN1xOdd1SqKi83TfVLQQCgjhcN
> > ODJx4+0qDh/s2E6GVTRP2Pc=
> > =t1yH
> > -----END PGP SIGNATURE-----
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/