Penn State Cult (Joe Knew)

Look out ORD..........They claim they found you.

View attachment 9314

And yet they never had some 10 page thread to revel in their triumph? Total bullshit. Only way they could have done it was with a court order for my ISP to turn over my information, and the ISP would have had to inform me of it. Facebook and Twitter accounts were filtered through multiple fake Gmail accounts too. Just another pedster living in a fantasy world.
 
Upvote 0
To be honest, there are ways around a lot of that.
An IP by itself is probably the most valuable piece of information... but I'm calling bs on the claim that they did anything with just a username.
Particularly if the signup email (and the password*) doesn't yield any additional leads via a tool like, say, Maltego.

*Any respectable site should be storing your pass as a hash, but... I'm not sure I'd say that's a respectable website. A lot of times home-grown stuff is either not well versed on security, or willfully disregards it. It's also possible to bypass the hashing process sometimes, such that if you have a known hash for a pw somebody uses -- you can manipulate the traffic to send and compare the hash directly rather than attempting to find a collision that will result in the known hash.
 
Upvote 0
Beyond that - your IP address is just assigned from a block of IPs assigned by a company that has bought or leased the space. It likely will not give a specific location.

The DOD NIC is only granular in description down to the /24 subnet level and sometimes not beyond the /16 subnet and from my experiences, there are no public ISPs that go deeper than their block of IPs. Most router WAN/Modem IPs are assigned from a DHCP server run by an ISP.
 
Upvote 0
Usually you're looking for IP information to match with other websites... I'm not sure of the method used for getting somebody's IP off of, say, Facebook, but I know people do it w/o getting them to click on a link.
And while it's dynamic with a lease time ... I know my "raw" IP (I'm often connected through VPN) usually doesn't change more than once a week, if that. The lease just gets renewed w/o switching the IP.

In that way if you have an "educated guess" on Facebook, you can cross-check the IPs to verify.
But it seems to me the easiest route is to attack the email account with either pw (or hash) from the website you're working off of. From that you can usually find all sorts of stuff they've signed up for and log into other websites they've joined since most will just have you verify email to change pw.

It also does give you the ISP of the person and depending on how crazy you are, you can pursue that route.
I don't know, my limited experience with pen testing is directly involved in Java programming (for the eventual social engineering hack) and setting up the network. The network infrastructure is extremely complicated since we have to exfiltrate to secure servers in order to maintain legal privacy, but we can't use those until the moment of exfil or the hapless SysAdmins will just IP block, so all the action happens over 3rd party VPS through our central servers through users VPNing in from home/hotel/Starbucks/anywhere, and then throw in anal security b/c foreign intel would love nothing more than for us to do all the work for them.
So while I'm well versed in the techniques we usually use for social engineering (Facebook, job ads = software info, spear phishing, etc.), and the techniques we use for migration + escalation (SQL is such a huge hole but plenty of others are out there) ... it's a bit different ball game to yank thousands of people's SSNs and CC#s out of a government agency than it is to stalk 1 user on a website. But amateurs have been successful doxing idiots off sites like 4ch, Facebook, etc. when they're not careful with their IP, usernames, registered email, etc.

That said I doubt anybody on that website has even heard of Maltego, and their only exposure to Nmap or Metasploit was the Matrix movies.

Edit: And I forgot the most damning thing you can do with somebody's IP is go straight after their box; or at least the router. The router alone will give you man-in-the-middle attacks which can easily be used to access any SSL sessions they initiate (hello bank account) ... and with that, you definitely have somebody's identity.
Or they could just hack the computer directly starting with Nmap to see what services you're running and/or a null session. Depending on how your Windows passwords are stored, escalation can be trivial =/
 
Upvote 0
And at that point you're talking about compromising the entire website, not just a user account. Possible - it happens as you know. I kinda doubt any of the normal users on BWI are capable of it though.
 
Upvote 0
They would have had my IP address through my posting as tugspeedwell on BWI. So, they would have known who my provider was and the general region that I was posting from. To get any specific identification from the provider, though, would have required a court order. This guy says he tracked me down in a couple of days. Just another BWI blowhard trying to impress the cult. Anyone here or on the shag knows the primary industry that I'm involved in and where I live, so what's to really discover.

What's really funny is that I have his real name from the rally b.s. A quick Google brought me to his LinkedIn profile, and I know where he lives and for whom he works. He works for a very media-shy, image-conscious corporation, so I don't think he really wants to get dragged into the spotlight for having tracked somebody down via the internet and begun harassing them. I'm sure it's his childish little fantasy that my boss is a Penn State grad who would fire me, but I'm sorry to disappoint them. The ORD is a self-contained unit. While I have some investors in one venture that I manage and am the investor in a couple of others, I have no boss, no corporation to worry about and virtually no internet footprint outside of ORD_Buckeye.

I'm not worried, and besides, you know they would have had a massive thread identifying me if this was true.
 
Upvote 0
I'm working off the assumption that the owner would be complicit in these actions.

Oh, he would be, but since he's affiliated with Rivals he also has to answer to Yahoo. I don't think McAndrew is smart enough to realize that since he allows refs' phone numbers and home addresses to be posted on there, but I have an attorney friend that would have made him well aware of it had any of the pedsters pulled any of their crazy shit out on the lanes.
 
Upvote 0
I actually consulted with Dryden and LJB in the days before the rally. They said that all BP could get was my provider and general region and that without a court order for the ISP to turn over the personal information behind that, the trail stops there. Now, I'm sure somebody with high level internet security sophistication, some large corporate or govt institutional access and some connections could probably retrieve my personal info, but I doubt a bank employee in Jacksonville meets that criteria. Like I said, another BWI blowhard trying to impress the rest of the cult.
 
Upvote 0