| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed Apr 5 19:08:28 2006 From: andrew.rse at gmail.com (Andrew Smith) Subject: obtai an IP of an MSN Messenger contact But for now xyberpix's method is the only one that will actually work for MSN. I'm sure you impressed someone, though! On 4/5/06, n3td3v <n3td3v@...il.com> wrote: > > If you want the IP of a user on Yahoo Messenger, all you do is add a user > to your list with social engineering techniques, then you listen on port > 5101 and send the victim a normal instant message. Yahoo compromises > security in that way by attempting to establish a peer to peer connection > between consumer clients, to save on server useage. Yahoo don't care how > easy it is to obtain a users IP by simply sending someone an instant > message. Yahoo say the fact you need to add each other to a friends list > first is good enough security to protect its users. > > On Yahoo messenger you don't even need to send a file like the kiddie > xyperpix suggested. > > And the reason I bring up Yahoo messenger in a msn messenger thread? > Because both are abotu to link networks, so you can have cross network > compatibility, > > Hackers are standing by as are phishers this Summer for the functionality > to be launched. This will make for a very interesting summer, because for > years the Yahoo messenger protocol has been easy as chips to hack, to obtain > cookies, disconnect users from the network etc. > > And of course Yahoo tried to lock out third party connections from robots > using their network for worms, spam, phishing, although the encryption > technique they tried to use was reverse engineered and within two days of > Yahoo launching their handshake security stuff, the encryption was cracked, > and the robots returned, along with third party chat clients. > > Its going to be a busy summer. > > Get ready. > > > > > On 4/5/06, Technocrat <dj.technocrat.listmail@...il.com> wrote: > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > xyberpix wrote: > > > If he's online, send him a file, as you're sending the file, do an > > > netstat -an, and you should see the address that you're transferring > > to. > > > That is so long as he's not using a proxy ;-) > > > > X, don't feed the children..lol He could have found that with a Google > > search man..lol > > > > This one is for Guidoz - http://www.guidoz.com/tryhere.jpg > > > > Ian, hope you played a great trick on your "friend". > > > > - -Technocrat > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.4.2.2 (MingW32) > > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > > > iD8DBQFEMwUtYes14KNcgbYRAnHLAKChCbSM8zlN1xOdd1SqKi83TfVLQQCgjhcN > > ODJx4+0qDh/s2E6GVTRP2Pc= > > =t1yH > > -----END PGP SIGNATURE----- > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060405/43ca0de8/attachment.html
Powered by blists - more mailing lists