Getting IPs through DNS
-
- Hacker in Training
- Posts:72
- Joined:Tue May 02, 2006 11:38 pm [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
Getting IPs through DNS
This is probably not the simplest or easiest method out there for getting IPs but is pretty accurate. To get someone's IP you need to somehow develop a direct connection from their system to yours or to a one that which you have access to. Giving someone directly your IP as a link so that they'll open it although would give you their IP but is a pretty stupid thing to do as firstly, you'd be giving away your own IP and secondly no one is stupid enough nowadays to click on such a link. Hence i prefer giving a URL that has been redirected to my IP. Although it also can easily give the other person your IP but it isn't that obvious.
The things that you'll require:
1. An account at http://No-IP.com and their free DNS client.
2. An account at a site that provides Web Forwarding service, e.g http://FreeDNS.afraid.org .
3. A port listener, the one that i use is called Faked. You can search for it or any other port listener on google. I am uploading it for your convenience:
http://rapidshare.de/files/19532864/faked.zip.html
Firstly what you need to do is add a DNS host to your No-IP account. This can be done in the Hosts/Redirects section, choose DNS (A) as the option. Now we'll suppose that you have created the host 'a.no-ip.info' . Now you need to log into your FreeDNS account or any other that you have created for Web Forwarding. There you'll go to the "Web Forward" section and create a subdomain e.g http://demo.afraid.org. Then you will redirect this subdomain to your No-IP DNS host that you just created and also specify a random port number, e.g http://a.no-ip.info:4000/ . This way you can add as many subdomains as you like, so that when giving somebody a URL to get their IP, you'll have a few options to choose from. If there is a cloaking option present you can use that to fake the page title, e.g Temporarily down or something similar, so that the person receiving the URL from you won't get suspicious.
In the last part you need to configure the port listener to listen on the port that you specified while redirecting the subdomain, in this case 4000. Set a log file for the listener, e.g IPlogs.txt by going into settings and choosing the "log path". Choose it to work on your custom settings from the main screen. At last fire up your No-IP DNS client, log into your account through there and update your DNS host by checking it. Don't forget to set the port listener to "Listen".
Now all you need to do is to give the person whose IP you want to get, the URL, e.g http://demo.afraid.org and wait for them to click it (open it). When they do so, "Detected" will blink on the port listener screen once and the ip will be logged in the log file you specified. To view the IP just open the log file or click "View log" from the listener screen.
Another thing, i've seen many people using the "netstat -n" command during MSN file transfers to get IP addresses. That is also a pretty good method but many people do not know how to recognize their desired IP. Some guys just execute the command twice, once before starting the file transfer and once after that, and then take the new IP in the list as to be their desired one. This does work, but a more accurate method is to look at the ports through which the IPs are connected. MSN uses port 6891 for its file transfers, so if you are transfering only one file at that time, the IP connected to your system through port 6891 will be the one that you are looking for.
11111
This is probably not the simplest or easiest method out there for getting IPs but is pretty accurate. To get someone's IP you need to somehow develop a direct connection from their system to yours or to a one that which you have access to. Giving someone directly your IP as a link so that they'll open it although would give you their IP but is a pretty stupid thing to do as firstly, you'd be giving away your own IP and secondly no one is stupid enough nowadays to click on such a link. Hence i prefer giving a URL that has been redirected to my IP. Although it also can easily give the other person your IP but it isn't that obvious.
The things that you'll require:
1. An account at http://No-IP.com and their free DNS client.
2. An account at a site that provides Web Forwarding service, e.g http://FreeDNS.afraid.org .
3. A port listener, the one that i use is called Faked. You can search for it or any other port listener on google. I am uploading it for your convenience:
http://rapidshare.de/files/19532864/faked.zip.html
Firstly what you need to do is add a DNS host to your No-IP account. This can be done in the Hosts/Redirects section, choose DNS (A) as the option. Now we'll suppose that you have created the host 'a.no-ip.info' . Now you need to log into your FreeDNS account or any other that you have created for Web Forwarding. There you'll go to the "Web Forward" section and create a subdomain e.g http://demo.afraid.org. Then you will redirect this subdomain to your No-IP DNS host that you just created and also specify a random port number, e.g http://a.no-ip.info:4000/ . This way you can add as many subdomains as you like, so that when giving somebody a URL to get their IP, you'll have a few options to choose from. If there is a cloaking option present you can use that to fake the page title, e.g Temporarily down or something similar, so that the person receiving the URL from you won't get suspicious.
In the last part you need to configure the port listener to listen on the port that you specified while redirecting the subdomain, in this case 4000. Set a log file for the listener, e.g IPlogs.txt by going into settings and choosing the "log path". Choose it to work on your custom settings from the main screen. At last fire up your No-IP DNS client, log into your account through there and update your DNS host by checking it. Don't forget to set the port listener to "Listen".
Now all you need to do is to give the person whose IP you want to get, the URL, e.g http://demo.afraid.org and wait for them to click it (open it). When they do so, "Detected" will blink on the port listener screen once and the ip will be logged in the log file you specified. To view the IP just open the log file or click "View log" from the listener screen.
Another thing, i've seen many people using the "netstat -n" command during MSN file transfers to get IP addresses. That is also a pretty good method but many people do not know how to recognize their desired IP. Some guys just execute the command twice, once before starting the file transfer and once after that, and then take the new IP in the list as to be their desired one. This does work, but a more accurate method is to look at the ports through which the IPs are connected. MSN uses port 6891 for its file transfers, so if you are transfering only one file at that time, the IP connected to your system through port 6891 will be the one that you are looking for.
11111
- Hello
- n00b
- Posts:27
- Joined:Sat Apr 29, 2006 10:38 am
- Location:Croatia [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
-
- Hacker in Training
- Posts:72
- Joined:Tue May 02, 2006 11:38 pm [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
Well if you use the above method you can not really hide your IP, but you shouldn't worry much as someone can only find your IP by running a trace on that URL or using a DNS to IP convertor, which i doubt that any average computer user would do. If you are really conscious about someone finding out your IP, then you could always get a php ip logger or something similar, upload it and give its address to the person whose IP you want. But i would't actually recommend it, as it would take more time to setup and may cause some problems too.
I only once used ICQ a while ago but just for a few days, so i am not much familiar with it but i think its ports are configurable. I looked it up on Google for you, it says that it uses port 5190 but i am not really sure. It would be better if you check it out for yourself. Just start a file transfer and execute the "netstat -n" command before and in between the transfer. Look for the new additions in the IP list and you'll probably be able to figure out which port it uses.
I only once used ICQ a while ago but just for a few days, so i am not much familiar with it but i think its ports are configurable. I looked it up on Google for you, it says that it uses port 5190 but i am not really sure. It would be better if you check it out for yourself. Just start a file transfer and execute the "netstat -n" command before and in between the transfer. Look for the new additions in the IP list and you'll probably be able to figure out which port it uses.
-
- n00b
- Posts:18
- Joined:Wed May 03, 2006 7:18 am
- Location:Melbourne, Australia
- Contact:
- Prism
- Owns you
- Posts:1618
- Joined:Thu May 06, 2004 9:18 am [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
- B-Con
- Challenge Winner [1x]
- Posts:2679
- Joined:Thu Apr 22, 2004 4:19 pm
- Location:UC Davis
- Contact:
What do you mean?Prism wrote:it seems like a lot of effort when you could use about 3/4 lines of say PHP to do the same thing, i.e. by appending '$_SERVER[REMOTE_ADDR]"' to a text file along with a timestamp.
- "Cryptographically secure linear feedback shift register based stream ciphers" -- a phrase that'll get any party started.
- Why know the ordinary when you can understand the extraordinary?
- Why know the ordinary when you can understand the extraordinary?
- Prism
- Owns you
- Posts:1618
- Joined:Thu May 06, 2004 9:18 am [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
Well very simply you create a php script, like so.. I haven't tested it, but it should do the trick. Then simply place it on your website and direct people there. You should include a bit of html obviously so they're not too suspicious, you could even been inventive and ask them to enter an email address or something to that effect (promise them free pr0n) so that you can be more certain that the person you're expecting has visited the url.
EDIT, here it is in 4 lines, as promised :P
note, haven't tested that one either, should be ok though...
Code: Select all
<?php
$file = "log.txt";
$addr = $_SERVER[REMOTE_ADDR];
$time = date ("d.m.y - H:i:s");
$fp = fopen($file, a);
if (flock ($fp, LOCK_EX)) {
fwrite ($fp, $time . ": " . $addr . "\n");
flock ($fp, LOCK_UN);
fclose ($fp);
}
?>
Code: Select all
for ($f = fopen("log", a); flock (fopen("log", a), LOCK_EX) && empty($x); $x=1) {
fwrite ($f, date ("d.m.y - H:i:s") . " : " . $_SERVER[REMOTE_ADDR] . "\n");
flock ($f, LOCK_UN);
fclose ($f); }
-
- Hacker in Training
- Posts:72
- Joined:Tue May 02, 2006 11:38 pm [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
- Prism
- Owns you
- Posts:1618
- Joined:Thu May 06, 2004 9:18 am [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
I wasn't really trying to golf, it I just wanted four lines without resorting to this kind of thing,
but that's enough off topic-ness for now, btw 11111, good tutorial.
edit, I should have read your second post 11111, I only just read it now.. ;)
Code: Select all
$f = fopen($l, a);if(flock($f,LOCK_EX)){fwrite ("log.txt",date ("d.m.y - H:i:s") . ": " . $_SERVER[REMOTE_ADDR] . "\n") flock($fp,LOCK_UN);fclose($fp);}
edit, I should have read your second post 11111, I only just read it now.. ;)
-
- Hacker in Training
- Posts:72
- Joined:Tue May 02, 2006 11:38 pm [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
- Net Battle Bot
- Owns you
- Posts:1816
- Joined:Fri Jun 04, 2004 6:44 am
- Location:Groom Lake [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
- lonestar3457
- Corporal
- Posts:125
- Joined:Fri Dec 29, 2006 9:01 pm
- Location:CMOS Batt,NY
- Contact:
hey, ive got a better way to find out you friend or whoevers ip. If youve got a firewall program like the one i have commando, i guess you can use zone alarm too,i havent used that in a while but just get onto the program that you use to talk to the person and do a connection like a file or pic transfer and look into you connections and it tells you the program. then do the connection with them and it will have one more log of that program and thats you friends ip...now i just need to know what i can do with that and how. I know you can hack but i dont want to learn just how iwant to learn why and how that works.
Just my two sense.
-
- n00b
- Posts:2
- Joined:Thu May 21, 2009 5:17 pm [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
Re: Getting IPs through DNS
Theres an email better way :P
get em to send u an email if ur using thunderbird and when u get it check the Header and ur 100% bound to get there IP hasent failed for me yet :D
get em to send u an email if ur using thunderbird and when u get it check the Header and ur 100% bound to get there IP hasent failed for me yet :D
- foldingstock
- htd0rg lieutenant
- Posts:300
- Joined:Sat Aug 16, 2008 10:38 pm [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
Re: Getting IPs through DNS
Unless they are using a web-based email service, such as Hotmail/MSN/YAHOO/GMAIL/etc. Don't bring up old topics for this kind of garbage.l0st_s0ul wrote:Theres an email better way :P
get em to send u an email if ur using thunderbird and when u get it check the Header and ur 100% bound to get there IP hasent failed for me yet :D