lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <5425f6740604051108m15cde685kb1bec969ae3cc8ed@mail.gmail.com>
Date: Wed Apr  5 19:08:28 2006
From: andrew.rse at gmail.com (Andrew Smith)
Subject: obtai an IP of an MSN Messenger contact

But for now xyberpix's method is the only one that will actually work for
MSN.
I'm sure you impressed someone, though!

On 4/5/06, n3td3v <n3td3v@...il.com> wrote:
>
> If you want the IP of a user on Yahoo Messenger, all you do is add a user
> to your list with social engineering techniques, then you listen on port
> 5101 and send the victim a normal instant message. Yahoo compromises
> security in that way by attempting to establish a peer to peer connection
> between consumer clients, to save on server useage. Yahoo don't care how
> easy it is to obtain a users IP by simply sending someone an instant
> message. Yahoo say the fact you need to add each other to a friends list
> first is good enough security to protect its users.
>
> On Yahoo messenger you don't even need to send a file like the kiddie
> xyperpix suggested.
>
> And the reason I bring up Yahoo messenger in a msn messenger thread?
> Because both are abotu to link networks, so you can have cross network
> compatibility,
>
> Hackers are standing by as are phishers this Summer for the functionality
> to be launched. This will make for a very interesting summer, because for
> years the Yahoo messenger protocol has been easy as chips to hack, to obtain
> cookies, disconnect users from the network etc.
>
> And of course Yahoo tried to lock out third party connections from robots
> using their network for worms, spam, phishing, although the encryption
> technique they tried to use was reverse engineered and within two days of
> Yahoo launching their handshake security stuff, the encryption was cracked,
> and the robots returned, along with third party chat clients.
>
> Its going to be a busy summer.
>
> Get ready.
>
>
>
>
> On 4/5/06, Technocrat <dj.technocrat.listmail@...il.com> wrote:
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > xyberpix wrote:
> > > If he's online, send him a file, as you're sending the file, do an
> > > netstat -an, and you should see the address that you're transferring
> > to.
> > > That is so long as he's not using a proxy ;-)
> >
> > X, don't feed the children..lol He could have found that with a Google
> > search man..lol
> >
> > This one is for Guidoz - http://www.guidoz.com/tryhere.jpg
> >
> > Ian, hope you played a great trick on your "friend".
> >
> > - -Technocrat
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.2.2 (MingW32)
> > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> >
> > iD8DBQFEMwUtYes14KNcgbYRAnHLAKChCbSM8zlN1xOdd1SqKi83TfVLQQCgjhcN
> > ODJx4+0qDh/s2E6GVTRP2Pc=
> > =t1yH
> > -----END PGP SIGNATURE-----
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060405/43ca0de8/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ