IP STEALING AND EMAIL TRACING

Each device on a computer network is provided with a unique number notation, through which they communicate with each other. These number notations are known as IP addresses and the standard used for the communication is called as IP or Internet Protocol standard. There are two versions of IP: IPv4and IPv6. Until now, we have been using IPv4 for providing IP addresses, which uses 32 bit notation, but due to growth of more and more internet users, there are issues and testing on implementing IPv6, that uses 128 bits for the addressing, so its hard to get exhausted.

IP STEALING

So, what if we know the IP address of someone you are talking on Instant Messengers? IP addresses are as personal to the owners as are their phone numbers. Using an IP address of someone, you can trace out the general location of the person where he lives. This is on the individual point of view, but with an IP of a target website, the attacker can go for even most serious DDoS attacks. The difference being, you can get the IP address of a website by simple ping command on the command prompt as ‘ping websitename’

To know your own IP: http://www.whatismyip.com/

To find the IP of a particular domain: http://domains.whois.com/domain.php?action=whois

To get an IP address of someone, you just have to make a user click on the link posted by you, either on the Instant Messengers or Emails. So to do it,

1. Go to the DOWNLOADS section, download the file named ‘IP Stealing Script’.
2. Create a blank text file named ip.txt
3. Upload both these files to some web diectory through FTP. Provide ip.txt the CHMOD as 777. Suppose the attacker uploaded it to some directory ‘x’ and he got the link as http://www.website.com/x/ip-stealing-script.php
4. Now the attacker directs the victim to click on the link, or he anyhow flatter him to click on it. (SOCIAL ENGINEERING)
5. The moment the victim clicks on the link, he/she gets redirected to some website specified in the script, as I mentioned ‘google.com’ in it. But behind this everything, the attacker’s job is done.
6. The attacker goes to the say http://www.website.com/x/ip.txt and sees something like this:

Now that you got the victim’s IP, you can easily trace him back through websites likehttp://www.geobytes.com/IpLocator.htm

EMAIL TRACING

In Email tracing, now that you knew how to trace an IP, you just need to know the IP address of the sender’s computer. I am using Gmail to demonstrate this. Now, what you need to do is

1. Open one of your Gmail Inbox mail.
2. You can see a button on top right corner of the mail, expand it as:
3. Now click on the ‘Show Original’ option, you can see something like this:
4. Now that you have the IP address of the sender, you can trace it with HTTP://WWW.GEOBYTES.COM/IPLOCATOR.HTM

Disclaimer: This is for educational purpose and to make you aware of the scenarios of various different security breaches. The administrator or the authors of thecybersaviours will not be responsible for any misuse of this post.

Hope this post was as interesting, keep enjoying!!