NEW FORUM http://hacknow.0fees.net

 Skype IP Grabber [Windump]

Nolan
Admin
PostSubject: Skype IP Grabber [Windump]   Sat Apr 16, 2011 12:55 pm

Windump is simply the Windows version of Tcpdump. The process can easily be replicated in any *nix system.

This tutorial allows you to understand Skype a bit more, and in the process actually learn something. What any party does with the IP is that party's responsibility.

This process could potentially be used for any other messenger.

Install:

http://adf.ly/1E5A2

1) Follow the directions in the above link and install the program.

2) Open up your terminal and navigate to the Windump.exe

If you were unable to do the steps, you do not belong here.
If you managed to use the magical "Google" to discover what you did not understand previously, I congratulate you and present to you this tutorial.

Basic Setup:

1)
Code:
Windump -D
This will list your adapters/interfaces.
You will be able to recognize your adapter usually, however if you are unable to do so, merely use the process of elimination.
2)
Code:
Windump -i 1
This command uses the specified interface. If the above command does not return any output, then go through all the numbers, one by one, listed by Windump -D.

Now that you know the basics of Windump/Tcpdump you are ready for Skype.

Skype:

Some of your friends will be "supernodes"; these friends will be performing three-way handshakes via TCP. This will enable you to easily capture their IP in, say, a Windows Firewall log. Hint: Windows Firewall with Advanced Security. (Control Panel)

UDP packets that mark messages sent and file transfer prompts are not usually logged unless the Skype servers are heavily congested and rerouting your traffic.

After a couple hours of logging various types of Skype traffic via the Windows Firewall log and a friend who allowed you his/her IP, you'll come to the same conclusion I did.

Code:
UDP
source net [subnet address]
source port [incoming connection port]

UDP
source net [subnet address]
source port 4400

UDP
destination net [subnet address]
destination port [incoming connection port]

UDP
destination net [subnet address]
destination port 4400
These simply show where a packet is coming (source) from or where it is headed to (destination).

The port 4400 is sometimes used for file transfers.
The incoming connection port for Skype can be found in
Tools > Options > Advanced > Connection
You may wish to change this port if it conflicts with existing programs.
Uncheck use port 80 and 443.

Example:
Code:
UDP
source net 192.168.1.102
source port 37892

UDP
source net 192.168.1.102
source port 4400

UDP
destination net 192.168.1.102
destination port 37892

UDP
destination net 192.168.1.102
destination port 4400

Now, you may wonder as to how the hell are you supposed to know where these packets are going or coming from. This is where Windump comes in.

Filter:

Code:
(src net 192.168.1.102 and src port 37892) || (src net 192.168.1.102 and src port 4400) || (dst net 192.168.1.102 and dst port 37892) || (dst net 192.168.1.102 and dst port 4400)
You will, of course, need to change the filter to match your settings.

How to use it?
Code:
Windump -n -i 4 "(src net 192.168.1.102 and src port 37892) || (src net 192.168.1.102 and src port 4400) || (dst net 192.168.1.102 and dst port 37892) || (dst net 192.168.1.102 and dst port 4400)"
-n means Windump will not resolve the host names and -i 4 means it will use the 4th interface. Change the interface number, subnet address, and port to match yours and voila.

Note:

I recommend that you test the filter on a friend first so that you can figure out what certain actions send what size of packet and how to differentiate their IP from Skype's servers. If you feel that the friend will not trust you, then do not mention the filter to them. Simply have them accept a file transfer and you will know their IP (trust me, just watch the filter).

As you become more adept at identifying the packets you'll be able to retrieve their IP simply via chat messages that you send and are received by your target.

I should also mention that the port they connect to you, if it is not 80, 443, or 4400, it is their incoming port for Skype. This port will not change and once you know it, the process becomes even more trivial.

I hope you enjoyed the tutorial, but most importantly, I hope you learned something. And I don't understand why this got moved to / Hacking Tools and Programs / Blink
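Added example, not part of the original post: pcap filter syntax (pcap-filter(7)) gives `and` and `or`/`||` equal precedence and evaluates them left to right, so a chain of four `net ... and port ...` clauses of the shape used in the post's filter only means "any of these four pairs" when each pair is parenthesized. The sketch below models both readings on constructed packets; all names, addresses and the `Packet` type are hypothetical.

```python
from collections import namedtuple

# Constructed sample values in the shape of the post's example (not real traffic).
LOCAL, SKYPE_PORT, XFER_PORT, PEER = "192.168.1.102", 37892, 4400, "203.0.113.7"
Packet = namedtuple("Packet", "src sport dst dport")

# The four "<dir> net A and <dir> port P" clauses the filter is meant to OR together.
CLAUSES = [("src", SKYPE_PORT), ("src", XFER_PORT),
           ("dst", SKYPE_PORT), ("dst", XFER_PORT)]

def primitives(pkt, clause):
    """Return (net matches, port matches) for one clause against one packet."""
    direction, port = clause
    if direction == "src":
        return pkt.src == LOCAL, pkt.sport == port
    return pkt.dst == LOCAL, pkt.dport == port

def match_grouped(pkt):
    """(net and port) or (net and port) or ...: each pair parenthesized."""
    return any(net and port for net, port in (primitives(pkt, c) for c in CLAUSES))

def match_ungrouped(pkt):
    """Same tokens with no parentheses, folded strictly left to right."""
    result = None
    for clause in CLAUSES:
        net, port = primitives(pkt, clause)
        result = net if result is None else (result or net)  # "... or <net>"
        result = result and port                             # "... and <port>"
    return result

SAMPLES = {
    "out from 37892": Packet(LOCAL, SKYPE_PORT, PEER, 50000),
    "out from 4400": Packet(LOCAL, XFER_PORT, PEER, 50000),
    "in to 37892": Packet(PEER, 50000, LOCAL, SKYPE_PORT),
    "in to 4400": Packet(PEER, 50000, LOCAL, XFER_PORT),
    "unrelated": Packet("198.51.100.9", 53, "192.168.1.50", 40000),
}

def compare():
    """Map each sample name to (grouped result, ungrouped result)."""
    return {name: (match_grouped(p), match_ungrouped(p)) for name, p in SAMPLES.items()}

if __name__ == "__main__":
    for name, (grouped, ungrouped) in compare().items():
        print(f"{name:15} grouped={grouped!s:5} ungrouped={ungrouped}")
```

Without parentheses the last `and dst port 4400` applies to the whole expression, so only the "in to 4400" sample matches. On Windows the expression also needs double quotes so that cmd.exe does not treat `||` as its own operator.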