Lyecdevf wrote:Let's say that I have gained the IP adress of some home user. Now first I need to be 100% sure that is in fact the adress of some home user and not some webserver of some internet security firm.
PING the thing .. (thumbrule n° 1)
Lyecdevf wrote:
So how would I check for that? I know the whois site but I guess that is for checking out company names with webservers. How would you check out a home users IP?
-NSLOOKUP [options]
-htdig -[flag] [options]
Lyecdevf wrote:
The last part you can ignore but I was just wondering what would you do if you wanted to hack into this computer?
..actually :
zilch, walou-walou,nothing,zero : like others said in this thread, you can practically do zilch with an IP-address, unless :
a) you know the guy is actually online (he pressed the 'boot' button of his computer)
b) he has no firewall (hahah ha hahaha) and allows you to PING.
note : if you can PING the IP you hit :
1. a switch, point of presence, router, or a f*cking genuine webserver with a d*mn
open LDAP ! Cool,maybe you can
fetch some subdomains related to the IPee.
2. A very altruist person who lets anybody PING his `thing' albeit to death, maybe a
radical buddhist or something.
c) he is not behind a proxy, (in most cases : he is : his ISP acts as a proxy most of the time and if it doesn't, you will send your PING packets to the default gateway, that is : ...nowhere...
Lyecdevf wrote:
I have been learning about hackig into webservers and actually today I realized that I really have no idea how to hack into some home users computer.
Okay, well you know what -free clue [Bad_Brain, feel free to ommit/edit] :
in fact you shouldn't bother about the
hacked computers, you should be concerned by the results and feedback that your `evul' scripts report to you.
I mean : you already started to launch the 'htdigging' scripts and port-scanning robots, don't you ? You should already have a little database of the Who'sWho in that area (IP-area), don't you, you should already have an idea of how the network-servers have that updating IP-address routing-table updated in their appropriate schedule from one ns.255.255.255.255.2xy, ns1.255.255.255.25x:y, don't you ? [ns = nameserver/network server]
You should, ô
hacker already have an idea of what kind of IP-class your ahum.. `target' is, don't you ?
You should by know already have re-written your scanning bots not to take into account IP-addresses allocated by a DHCP server and so, make your scripts act like *they* where the DHCP server, don't you ? And how to do that ? Man, man, man, two words :
"throw dices" , if *he* is connected to the Internet :
- find out how he is connected (read suck-o's archives),
- find why he is connected (has he any servces running , mmh ..
- find out who are his ISP's network servers & nameservers
.. all the rest is the nasty art of FRAUD!
Yes.
--FrankB
if n00b B claims to be better than n00b A, does n00b C have any word in it ?
a: no !