The IP Detector

If a script kiddie can grab your IP address, they're one step closer to being a pain in your backside. More often than not they'll just use it to threaten you with empty promises of digital destruction; occasionally it'll be used for a bit of real-world stalking via social engineering calls to your ISP, or pasted into a DDoS program so they can watch the "fun" begin. It can also come in handy on the few "forgotten login" forms that sometimes request an IP address, but that's not a very common scenario.

Anyway, grabbing IP addresses. I noticed someone has come up with a clever way of doing it, and thought you might benefit from a big "avoid that site" warning. So here it is. The site to avoid is

reza24.com

and now we'll see why you should steer clear.

ipdtct1.png

Above, you can see the "ip detector" website. The attacker creates a username and enters their email address. When they hit Submit, they'll see a custom-made URL with their unique ID number bolted onto the end.

ipdtct2.png

You know what happens now, right? Yep, you guessed it. The attacker goes off, pimps their URL via IM, chatroom or forum and when the victim opens the URL (which is a fake "page is missing" message)...you have mail!

ipdtct3.png

Every time someone hits your link, you'll receive one of the above. You can probably guess the content...

ipdtct5.png

...whoops. You can see an example of how someone tried to grab IP addresses here, which is a forum thread discussing a page on Techdirt being owned by someone called Biohazard - who then went on to post this on the compromised page:

hacked_techdirt.jpg


You can see what he did there...


This page contains a single entry by Christopher Boyd published on September 11, 2009 11:48 AM.
