hi dear's sir and friend all
i am a new member of this site i need help any there help me ?
i want to find the parsone online with me ip and port and i can if any can or have any sotware please

Edited by GSecur: Don't post the classic hacking hotmail question. Even if you are offering to teach someone. Also don't ask to be answered at an e-mail account. People post answers on the board so everyone can see and learn.

bye
and thankx

First thing don't post this in the <file Downlods Section> it has nothing to deal with downloading. Besides all that welcome.

OK, bare with me because your english is difficult to understand.

You want to find out someones IP address. Who's? Do they connect to your system? From an e-mail?

Answer to the question is. To find out a persons IP when you are chatting with them on MSN Messenger you must be currently chatting or transfering a file the goto the command prompt and typ netstat. The look for port 1863.

This is a general method. MSN Messenger can also use port 80

err how do i find it? im really clueless so plz dont flame me or whatever lol.

anyways thats cool but what can you do with an ip adress of someone else?

QUOTE

goto the command prompt and typ netstat

That is how To get to the command prompt just hit start- run then type "cmd" or "command" if you are using windows 95 or 98.

Then type netstat.

When you type netstat you will see a list of DNS names and ports. This shoes who is connected to your box and by what port.

QUOTE

what can you do with an ip adress of someone else?

Well masood_afg probably had nothing good in mind but I'm not one to judge.

A person's IP is pretty much equivilent to someones phone number. You can use someones IP address to contact that computer (most of the time unless the IP reported is a proxy, router or firewall in which case their actual machine is probably NAT'd)

From there most people will attempt to exploit a machine since most likely they have some sort of petty spat with the person they are chatting with. This is a prime example why you should be running a firewall.

On one of my machines i run xp and use the inbuilt firewall but everytime i want to send files to a friend using MSN messenger i have to turn the firewall off which i find rather stupid. Is there a way around this ?

The only way would be to allow just port 1863 through. Besides that you will have to turn off your firewall

Thanks for that. Didn't realize that you had the option for confiquring the firewall.

Yeah, you will need to set up a file transfer in order to see their IP address, otherwise you get the IP of the server its been routed through. (Some M$ Server) If you really want to know their IP and other such info, run a packet sniffer and initiate a file transfer. In order for the files to be transfered quickly without flooding Microsofts .NET network and such, the transfer will go pretty much direct to the other persons computer. In order for this, the packets need a valid IP address and port number. If you run a packet sniffer, you will be able to gain lots of valuable information about that persons computer.

Yes, the netstat way works, however, you will need to have an actual transfer in progress, if I am correct. Using a packet sniffer, you only have to send a request, and their computer will respond. (Using ICMP, and then TCP with the SYN ACK flag set) With that TCP SYN ACK packet, you will have the persons IP address, port number, etc etc. Good stuff. (BTW, although I am currently in Windoze, I normally run Linux and using AMSN and Ethereal, I can do this very easily) If I am wrong, please let me know, correct me! I am certainly no expert, but this is my understanding of the subject.

Oh, one more thing. As already pointed out, this may not be the IP of that persons actual box. I myself run a router with a hardware firewall, and someday will add another router with another *nix box using Iptables. If this is the case, you will get the WAN IP of some sort, usually the one from the ISP, the persons actual computer may be subnetted or somethin behind a router or firewall using NAT or something of that sort, so be carefull! (And don't do nothin illegal! )

Good luck!

Dave

QUOTE

Yeah, you will need to set up a file transfer in order to see their IP address

I believe you are right on this dstevens1958 thanks for the correction and welcome to the board

Even if you don't have a current transfer in progress, can't you just look in the ARP table to see who you've connected with during chat?

c:> arp -a

Im not sure about the ARP table idea, but from what I know, when communicating through ICQ, you can use netstat to discover the other persons IP address.

MSN messenger and yahoo messenger all route through their own servers so it is this IP you see using netstat (apart from during FTP).

Well after reading the above, I was curious to try it. Therefore I sent my friend (on msn) a file that was 8KB but I couldn't pick up his IP. At first I was disappointed, but then I tought of sending him a bigger file so that it does not get routed through M$ servers and a direct connection is established to his PC. Voila ! .... a connection to his PC was established as soon as he accepted a file transfer that was 3190KB in size. So if the size of the file is bigger than 1024 KB, then a direct link is established between the two PC's and U can pick up the recipient's IP through 'netstat'. Now why 1024KB? then I just 'presumed' it to be so as hotmail does not allow attachments of more than 1024KB, hence I applied the same algo here as M$ wouldn't want to overload their servers.


I'll try to confirm on the 1024KB thing

digger,

good point about the 1024kb thing. When I found the IP of the person, I was transfering a song that me and some old friends recorded downtown, so it was a few MBs. It was intersting to see it in Ethereal, because when I was chatting with this person, the IP showing up was a Microsoft server somewhere down east (I'm in western Canada) and when I set up the transfer, I got his real IP. That was the only time I ever used Ethereal to find an IP on MSN. (Though, I was using AMSN, an MSN client in RedHat 9.0, but I think its still the same when it comes to connections.)

I like how this method can be used to track down script kiddies, lol. "So, mister, how do I hack hotmail, I want to be 31337 H4x0R!!!" "Well, take this file (some tar-zipped file that is a few megs)" find his IP, and report him to his ISP abuse desk.

Anyways, take care,

Dave

yo wazaa look how your gonna do this, u only can see the ip by a program that i dont remember the name or by the command prompt.

The command prompt: just use this while u have an active connection with that person, i mean a file transfer, an voice conversation or a camera conversation.


go to start>run and then type command

then put on the command prompt netstat -n and check out where it says foreign address the port 80 or another i dont remember with 1 is the another, but there will say under foreign address the person ip.

do u just go to the windows messanger and press the button were it says send and go to netstat -a and get the ip on port 80 or 163

Yeah, to sum up what has been said: In windows messenger send the person a large file say over a meg but two or three might be better to give you more time.

Then open up a command windows (start-run-command) then type netstat -a and look for IPs that you are connected to. In order to find the person you may want to type netstat -a before you send the file and then do it again afterwards to help pick out the new connection.

--j

Hmm, it sure works, but what to do if you don't want the person to know you are trying to track his IP? Is there maybe another method that you can track someone's IP, or do the MSN Messenger conversations take place through a M$ proxy or something

Thats basically it... you could get them to click on links... other type of stuff etc etc the best one i have found is turning my webserver on and just talking to them as somebody else and using a dynamic IP host at http://www.no-ip.com and asking them to check out my site with whatever interest he's in and scanning my logs. but just gotta think of ways it's a social engineering tactic...

I use a cable modem, if my I.P. is located through useage of Msngr, will the observer be able to continue checking my I.P., even when it has changed, or is the trace only applicable one time?

I have a few questions regarding this.

I booted up my PC and fired up my Internet Connection, did a "netstat -n", fired up MSN and made a transfer of a song with my friend, did another "netstat -n" got a different IP address. Now the question is, why does the IP address remain on active connections when the upload where finished?

Cause the direct connect is over, your back using the MSN server

Ah ... now that this topic is back, I have a question too! I tried using IP_GET by eighth wonder and it doesn't work anymore? I've got msn 6 .... any ideas? Did MS find a way to stop it or what ?

Just something i came across today.

I think the same bug was used by Msn-ipget to retrieve the remote ip.but now it has been patched.Correct me if i am wrong.

netstat

about all those port can u guys post here some ports of chating programs like Yahoo messenger, ICQ,MSN and stuff like that...........
please

there are programs out there that exploite a bug in the msn proticol, (not sure about msn v6.1 but it works up to msn 6.0 for sure) that sign u in and start a file transfer - reguardless if the user acepts or not it does it in a way that the IP address is sent back to your client

there is info on this on some of the msn protocol sites, jsut cant remember where i got the app from (and its not on this computer)

*edit* ops...just read page 2/3 and someone already posted answer heh ahh well

another way to get a specific persons ip is to make him send you an email.then you can see the headers to check that persons ip.Or send him the link to your website when he clicks on it you get the ip.

Send them a large-ish file, open up DOS and type:
netstat -n
Can't remember exactly, but the MSN transfer port is 68**, or something like that.

u can also find out an IP from email from hotmail too.
goto options then mail display settings then change message headers option to advanced then look at the email the person sends to u and in the header their ip is there/

*edited*

Well there is the email way: http://nakedcrew.net/tutorial/emailip.php

I know of two ways to get someon's ip using a im porgram. First the easy way, get a program called ipstealer or any program that can detect a connection on a port on your box. There are many programs out there and i would post my favorite but i do not yet have that option as i am new to the forum. After you get the prog open it up and set it to listen on the port of your choice (I use 80). Then send them a link like 123.456.789.101:80. Substitue your ip and the port you choose, and when they click it you will get their ip.

Another way is to use a pakcet sniffer. This way is slightly more chalenging but it works nonetheless. Get a packet sniffer. Configure it to only accept packets from a certain port (whatever port your im program uses, 5190 for aim).Then when you talk to them or they talk to you you will recieve packets. Your sniffer will be able to tell you the ip from where the packets came.

Hope this helps, I would be happy to answer questions if anyone has any

Go to www.8th-wonder.net, there are some nice programs.
also try www.mess.be

i hate to ask this question here
but is there neway (program or hard yard) of retrieving your .net password
while logged in
as i have a machine with on old account i have forgotten the password
but it automatically signs in?lol???

setup a packetsniffer on your box . If u have luck the password will be transmitted in plain text , else u have to crack the passwd hash to retrieve the plaintext passwd .

i think the simple way is asking to see your home page or you just let them ping to your pc

You can use a program named Tcpview. It almost does the same as netstat.. this program is just windows based. It show you all the connections that goes througt the tcp protocol. And there is icons like messenger and icq.. That makes that a little easyer..

oh my i forgot about that
thanx sunny lol
doesnt it use md5????

I'm not using MSN Messenger but I installed and chek it now. Previous registry entry for MSN 4.6

Anyone know registry entry for MSN 6.1 ?

In reply to the original topic.

I guess its the same on MSN. I don't know. But for AIM. open command line and type a netstat -n. Then "direct connect" to the vitcim. Type netstat -n again. The diff is the victims ip.

Bard