Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: XBOX ID's being Jacked
From: "Kevin Finisterre (lists)" <kf_lists () digitalmunition com>
Date: Fri, 23 Mar 2007 10:21:45 -0400

There are lots of folks that mention obtaining the IP in order to hack your account. They usually say they have done this with Cain and Able or Commview or any other sniffer out there. You IP can be easily obtained by the usual standby groups or bridgers.... The only reason they want your IP is because that can buy them ONE piece of information. In some cases if you have paid for the proper program you can get an address and GPS coordinates for an IP. In most cases the address will be that of your neighborhood router or something like that.

I just wanted to clear this up as there appears to be some confusion over what the IP address has to do with prextexing Microsoft XBL employees.

You can try something like this...

http://www.melissadata.com/lookups/iplocation.asp? ipaddress=209.11.233.26

and get something back like this

IP Address 209.11.233.26

City FINDLAY

State or Region OHIO

Country UNITED STATES

ISP CENTRACOMM COMMUNICATIONS.

This may be JUST enough info to trick a dumb employee



-KF


On Mar 22, 2007, at 7:21 PM, richfa1 () aol com wrote:

Kevin,

My son's Xbox Live ID was jacked by "Brad" of the o Infamous o Clan. It happened in such a short amount of time that I don't feel that it was a case of Social Engineering. I did some research and came up with a way to do it using your Xbox, with Action Replay and a memory card, and the DVD of the game Splinter Cell, your PC Kernal IP Logger and an FTP program. It seems that the DVD has a copy of Linux on it that you use to help get the person's gamertag by using that person's IP address.

I found the steps to do it on a message board. However, by the time I got to it, the message board admin had edited it and then also closed the thread. I think that the social engingineering angle is only a small percentage of the ID thefts. I have a feeling that the technical way is more likely how the majority of IDs are stolen.

Rich
AOL now offers free email to everyone. Find out more about what's free from AOL at AOL.com.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault