Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: XBOX ID's being Jacked
From: "Jason Miller" <jammer128 () gmail com>
Date: Sat, 24 Mar 2007 18:20:18 -0500

i didn't say "your son got pwnd, kevin" and yeah they both prob pissed
each other off. go figure.

On 3/24/07, Kevin Finisterre (lists) <kf_lists () digitalmunition com> wrote:
Its not my son... and as far as getting cocky, its a 2 way street for
sure in this situation.

-KF
On Mar 24, 2007, at 11:47 AM, Jason Miller wrote:

microsoft is its own weakness, all in all your son got pwnd. tell him
not to get cocky and try to e-rage people on live anymore and it wont
happen, kbye.

On 3/23/07, Kevin Finisterre (lists) <kf_lists () digitalmunition com>
wrote:


There are lots of folks that mention obtaining the IP in order to
hack your
account. They usually say they have done this with Cain and Able
or Commview
or any other sniffer out there. You IP can be easily obtained by
the usual
standby groups or bridgers....  The only reason they want your IP
is because
that can buy them ONE piece of information. In some cases if you
have paid
for the proper program you can get an address and GPS coordinates
for an IP.
In most cases the address will be that of your neighborhood router or
something like that.

I just wanted to clear this up as there appears to be some
confusion over
what the IP address has to do with prextexing Microsoft XBL
employees.

You can try something like this...

http://www.melissadata.com/lookups/iplocation.asp?
ipaddress=209.11.233.26

and get something back like this

IP Address 209.11.233.26

City FINDLAY

State or Region OHIO

Country UNITED STATES

ISP CENTRACOMM COMMUNICATIONS.

This may be JUST enough info to trick a dumb employee




-KF

On Mar 22, 2007, at 7:21 PM, richfa1 () aol com wrote:


Kevin,

My son's Xbox Live ID was jacked by "Brad" of the o Infamous o
Clan. It
happened in such a short amount of time that I don't feel that it
was a case
of Social Engineering. I did some research and came up with a way
to do it
using your Xbox, with Action Replay and a memory card, and the DVD
of the
game Splinter Cell, your PC Kernal IP Logger and an FTP program.
It seems
that the DVD has a copy of Linux on it that you use to help get
the person's
gamertag by using that person's IP address.

I found the steps to do it on a message board. However, by the
time I got to
it, the message board admin had edited it and then also closed the
thread. I
think that the social engingineering angle is only a small
percentage of the
ID thefts. I have a feeling that the technical way is more likely
how the
majority of IDs are stolen.

Rich
 ________________________________
 AOL now offers free email to everyone. Find out more about what's
free from
AOL at AOL.com.

_______________________________________________
Full-Disclosure - We believe in it.
Charter:
http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter:
http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault