Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: obtai an IP of an MSN Messenger contact
From: "Andrew Smith" <andrew.rse () gmail com>
Date: Wed, 5 Apr 2006 19:08:20 +0100

But for now xyberpix's method is the only one that will actually work for
MSN.
I'm sure you impressed someone, though!

On 4/5/06, n3td3v <n3td3v () gmail com> wrote:

If you want the IP of a user on Yahoo Messenger, all you do is add a user
to your list with social engineering techniques, then you listen on port
5101 and send the victim a normal instant message. Yahoo compromises
security in that way by attempting to establish a peer to peer connection
between consumer clients, to save on server useage. Yahoo don't care how
easy it is to obtain a users IP by simply sending someone an instant
message. Yahoo say the fact you need to add each other to a friends list
first is good enough security to protect its users.

On Yahoo messenger you don't even need to send a file like the kiddie
xyperpix suggested.

And the reason I bring up Yahoo messenger in a msn messenger thread?
Because both are abotu to link networks, so you can have cross network
compatibility,

Hackers are standing by as are phishers this Summer for the functionality
to be launched. This will make for a very interesting summer, because for
years the Yahoo messenger protocol has been easy as chips to hack, to obtain
cookies, disconnect users from the network etc.

And of course Yahoo tried to lock out third party connections from robots
using their network for worms, spam, phishing, although the encryption
technique they tried to use was reverse engineered and within two days of
Yahoo launching their handshake security stuff, the encryption was cracked,
and the robots returned, along with third party chat clients.

Its going to be a busy summer.

Get ready.




On 4/5/06, Technocrat <dj.technocrat.listmail () gmail com> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

xyberpix wrote:
If he's online, send him a file, as you're sending the file, do an
netstat -an, and you should see the address that you're transferring
to.
That is so long as he's not using a proxy ;-)

X, don't feed the children..lol He could have found that with a Google
search man..lol

This one is for Guidoz - http://www.guidoz.com/tryhere.jpg

Ian, hope you played a great trick on your "friend".

- -Technocrat
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEMwUtYes14KNcgbYRAnHLAKChCbSM8zlN1xOdd1SqKi83TfVLQQCgjhcN
ODJx4+0qDh/s2E6GVTRP2Pc=
=t1yH
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault