Getting IPs through DNS

This is where members can submit tutorials that they have created on any computing related subject.
Post Reply
11111
Hacker in Training
Posts: 72
Joined: Tue May 02, 2006 11:38 pm

Getting IPs through DNS

Post by 11111 » Wed May 03, 2006 12:30 pm

Getting IPs through DNS

This is probably not the simplest or easiest method out there for getting IPs but is pretty accurate. To get someone's IP you need to somehow develop a direct connection from their system to yours or to a one that which you have access to. Giving someone directly your IP as a link so that they'll open it although would give you their IP but is a pretty stupid thing to do as firstly, you'd be giving away your own IP and secondly no one is stupid enough nowadays to click on such a link. Hence i prefer giving a URL that has been redirected to my IP. Although it also can easily give the other person your IP but it isn't that obvious.

The things that you'll require:

1. An account at http://No-IP.com and their free DNS client.
2. An account at a site that provides Web Forwarding service, e.g http://FreeDNS.afraid.org .
3. A port listener, the one that i use is called Faked. You can search for it or any other port listener on google. I am uploading it for your convenience:
http://rapidshare.de/files/19532864/faked.zip.html

Firstly what you need to do is add a DNS host to your No-IP account. This can be done in the Hosts/Redirects section, choose DNS (A) as the option. Now we'll suppose that you have created the host 'a.no-ip.info' . Now you need to log into your FreeDNS account or any other that you have created for Web Forwarding. There you'll go to the "Web Forward" section and create a subdomain e.g http://demo.afraid.org. Then you will redirect this subdomain to your No-IP DNS host that you just created and also specify a random port number, e.g http://a.no-ip.info:4000/ . This way you can add as many subdomains as you like, so that when giving somebody a URL to get their IP, you'll have a few options to choose from. If there is a cloaking option present you can use that to fake the page title, e.g Temporarily down or something similar, so that the person receiving the URL from you won't get suspicious.

In the last part you need to configure the port listener to listen on the port that you specified while redirecting the subdomain, in this case 4000. Set a log file for the listener, e.g IPlogs.txt by going into settings and choosing the "log path". Choose it to work on your custom settings from the main screen. At last fire up your No-IP DNS client, log into your account through there and update your DNS host by checking it. Don't forget to set the port listener to "Listen".

Now all you need to do is to give the person whose IP you want to get, the URL, e.g http://demo.afraid.org and wait for them to click it (open it). When they do so, "Detected" will blink on the port listener screen once and the ip will be logged in the log file you specified. To view the IP just open the log file or click "View log" from the listener screen.


Another thing, i've seen many people using the "netstat -n" command during MSN file transfers to get IP addresses. That is also a pretty good method but many people do not know how to recognize their desired IP. Some guys just execute the command twice, once before starting the file transfer and once after that, and then take the new IP in the list as to be their desired one. This does work, but a more accurate method is to look at the ports through which the IPs are connected. MSN uses port 6891 for its file transfers, so if you are transfering only one file at that time, the IP connected to your system through port 6891 will be the one that you are looking for.


11111

User avatar
Hello
n00b
Posts: 27
Joined: Sat Apr 29, 2006 10:38 am
Location: Croatia

Post by Hello » Wed May 03, 2006 1:46 pm

Thanks. :)
Is there a way to hide the my IP?
Do you know which port ICQ uses on file transfering?

11111
Hacker in Training
Posts: 72
Joined: Tue May 02, 2006 11:38 pm

Post by 11111 » Wed May 03, 2006 2:23 pm

Well if you use the above method you can not really hide your IP, but you shouldn't worry much as someone can only find your IP by running a trace on that URL or using a DNS to IP convertor, which i doubt that any average computer user would do. If you are really conscious about someone finding out your IP, then you could always get a php ip logger or something similar, upload it and give its address to the person whose IP you want. But i would't actually recommend it, as it would take more time to setup and may cause some problems too.

I only once used ICQ a while ago but just for a few days, so i am not much familiar with it but i think its ports are configurable. I looked it up on Google for you, it says that it uses port 5190 but i am not really sure. It would be better if you check it out for yourself. Just start a file transfer and execute the "netstat -n" command before and in between the transfer. Look for the new additions in the IP list and you'll probably be able to figure out which port it uses.

rommel241
n00b
Posts: 18
Joined: Wed May 03, 2006 7:18 am
Location: Melbourne, Australia
Contact:

Post by rommel241 » Wed May 03, 2006 4:01 pm

Personnaly my favorite way to get someones IP, is through MSN. Just send them a voice clip and do a DOS netstat -n . The IP is noticeable if you did a previous netstat cause its the new one :lol:

Good tute otherwise, I learnt something :wink:

User avatar
Prism
Owns you
Posts: 1618
Joined: Thu May 06, 2004 9:18 am

Post by Prism » Wed May 03, 2006 7:26 pm

it seems like a lot of effort when you could use about 3/4 lines of say PHP to do the same thing, i.e. by appending '$_SERVER[REMOTE_ADDR]"' to a text file along with a timestamp.

My 2 cents.

User avatar
B-Con
Challenge Winner [1x]
Posts: 2679
Joined: Thu Apr 22, 2004 4:19 pm
Location: UC Davis
Contact:

Post by B-Con » Wed May 03, 2006 8:17 pm

Prism wrote:it seems like a lot of effort when you could use about 3/4 lines of say PHP to do the same thing, i.e. by appending '$_SERVER[REMOTE_ADDR]"' to a text file along with a timestamp.
What do you mean?
- "Cryptographically secure linear feedback shift register based stream ciphers" -- a phrase that'll get any party started.

- Why know the ordinary when you can understand the extraordinary?

User avatar
Prism
Owns you
Posts: 1618
Joined: Thu May 06, 2004 9:18 am

Post by Prism » Thu May 04, 2006 3:36 pm

Well very simply you create a php script, like so.. I haven't tested it, but it should do the trick. Then simply place it on your website and direct people there. You should include a bit of html obviously so they're not too suspicious, you could even been inventive and ask them to enter an email address or something to that effect (promise them free pr0n) so that you can be more certain that the person you're expecting has visited the url.

Code: Select all

<?php
	$file = "log.txt";
	$addr =  $_SERVER[REMOTE_ADDR];
	$time = date ("d.m.y - H:i:s");
	$fp = fopen($file, a);

	if (flock ($fp, LOCK_EX)) {
		fwrite ($fp, $time . ": " . $addr . "\n");
		flock ($fp, LOCK_UN);
		fclose ($fp);
	}	
?>
EDIT, here it is in 4 lines, as promised :P

Code: Select all

        for ($f = fopen("log", a); flock (fopen("log", a), LOCK_EX) && empty($x); $x=1) {
                fwrite ($f, date ("d.m.y - H:i:s") . " : " . $_SERVER[REMOTE_ADDR] . "\n");
                flock ($f, LOCK_UN);
                fclose ($f); }
note, haven't tested that one either, should be ok though...

11111
Hacker in Training
Posts: 72
Joined: Tue May 02, 2006 11:38 pm

Post by 11111 » Thu May 04, 2006 4:45 pm

Yea i used that once by uploading it on my friends site, nice trick but i had to download a premade script. Wish i knew php :( . But thats the problem i am a noob. Nice work :D

User avatar
7
Apprentice
Posts: 41
Joined: Thu Oct 27, 2005 1:51 pm

Post by 7 » Thu May 04, 2006 4:45 pm

Excellently golfed, Bravo!!!

User avatar
Prism
Owns you
Posts: 1618
Joined: Thu May 06, 2004 9:18 am

Post by Prism » Thu May 04, 2006 5:56 pm

I wasn't really trying to golf, it I just wanted four lines without resorting to this kind of thing,

Code: Select all

$f = fopen($l, a);if(flock($f,LOCK_EX)){fwrite ("log.txt",date ("d.m.y - H:i:s") . ": " . $_SERVER[REMOTE_ADDR] . "\n") flock($fp,LOCK_UN);fclose($fp);} 
but that's enough off topic-ness for now, btw 11111, good tutorial.

edit, I should have read your second post 11111, I only just read it now.. ;)

11111
Hacker in Training
Posts: 72
Joined: Tue May 02, 2006 11:38 pm

Post by 11111 » Thu May 04, 2006 7:45 pm

Thanks for liking my tutorial, actually it was a pretty noobish effort. I only wrote it because "Hello" wanted me to. I have alot to learn from you guys.

User avatar
Net Battle Bot
Owns you
Posts: 1816
Joined: Fri Jun 04, 2004 6:44 am
Location: Groom Lake

Post by Net Battle Bot » Thu May 04, 2006 8:56 pm

That was interesting, thanks. It got me thinking on how I could use this to spoof my hostname on irc...
Without practice one cannot prove; without proof one cannot be trusted; without trust one cannot be respected.

User avatar
lonestar3457
Corporal
Posts: 125
Joined: Fri Dec 29, 2006 9:01 pm
Location: CMOS Batt,NY
Contact:

Post by lonestar3457 » Sat Dec 30, 2006 9:18 pm

hey, ive got a better way to find out you friend or whoevers ip. If youve got a firewall program like the one i have commando, i guess you can use zone alarm too,i havent used that in a while but just get onto the program that you use to talk to the person and do a connection like a file or pic transfer and look into you connections and it tells you the program. then do the connection with them and it will have one more log of that program and thats you friends ip...now i just need to know what i can do with that and how. I know you can hack but i dont want to learn just how iwant to learn why and how that works.
Just my two sense.

l0st_s0ul
n00b
Posts: 2
Joined: Thu May 21, 2009 5:17 pm

Re: Getting IPs through DNS

Post by l0st_s0ul » Thu May 21, 2009 5:42 pm

Theres an email better way :P

get em to send u an email if ur using thunderbird and when u get it check the Header and ur 100% bound to get there IP hasent failed for me yet :D

User avatar
foldingstock
htd0rg lieutenant
Posts: 300
Joined: Sat Aug 16, 2008 10:38 pm

Re: Getting IPs through DNS

Post by foldingstock » Fri May 22, 2009 8:18 am

l0st_s0ul wrote:Theres an email better way :P

get em to send u an email if ur using thunderbird and when u get it check the Header and ur 100% bound to get there IP hasent failed for me yet :D
Unless they are using a web-based email service, such as Hotmail/MSN/YAHOO/GMAIL/etc. Don't bring up old topics for this kind of garbage.

Post Reply