Forum Thread: How to Get Someone's IP

I am looking for ways to get a person's IP address given I know some details like the persons name, geographic location, etc....

Also the person might be a facebook friend.
Can someone assist ?
anything like Gmail or facebook can be used...

Edit: I was wondering if I could use facebook chat along with some packet analyzer like wireshark to dig out the real IP...

any suggestions ?

13 Responses

Be creative.

By revealing all the headers in the email, if the sender is using his own domain (I doubt), you can obtain his static external IP address. If he has a public domain, ping it.

You might use Social Engineering Toolkit to clone a website in combination with Apache (open ports on the router), and lure the target to that IP, then check Apache log, you should be able to see the external IP address of your target (hope he is not just using a 3G smartphone). You can use an online service to hide the IP (they are going to find you in no time).

However, with an external IP address, you are harmless. You can only scan it for fun.

Although, there is documentation online, you should look for the right keywords (or just look if you didn't at all), like "doxing" or "information gathering".

Using Apache with SET seems a good idea, but why would a 3G smartphone fail us ?

Because the IP keeps changing, as far as I remember.

and what about using facebook chat along with some packet analyzer like wireshark to dig out the real IP of the sender.. ?

Would that be any good ?
Just recalled that facebook uses https...but still, cant I crack https requests that are meant for my own system ?

3G or mobile network work with different protocol SCTP. Computer hacking software dont work but nessus and SCTpscan work for mobile internet network

Thanks for the quick responses..
The email headers are more revealing than I expected :)

But here is my next concern:

Both my laptop and smartphone share internet through a common router and therefore have the same public IP address. So when a request for a webpage is sent from the laptop, how does the server direct the webpage specifically to the laptop, and not the mobile ?

I know the explanation might be lengthy, so if that is so, just just give me the link to appropriate documentation.

Edit: just realized you were asking for an easier thing (below), however keep this in mind.
The answer is easy and complicated. It's networking. NAT, exactly.
Network Address Translation works on the concept of ports.

Basically, when a request arrives to the router, as you said, the router might not know where to send it. That's why ports are interesting. You forward ports to IP addresses on your router, so that when a request is coming, say in port 80, the port 80 is usually open to the router, so that it can answer to the request with the configuration interface. If you have a server on internal IP address 192.168.1.2, you have to open the port you chose the client will be using, e.g. 2030, to the IP address 192.168.1.2, so that when the request arrives to your router in the format of externalIP:port, the router know he has to redirect the connection to internal IP 192.168.1.2.

here:

Whops, Just realized that in your case you were just asking for an easier thing: the webpage request is sent to the router, the router keeps track of who is requesting it so that when the webpage answers, the router knows which IP address to redirect it. But the first answer is useful when talking about payloads, so keep that in mind too, too lazy to delete it.

Again, didn't notice the answer below, keep answering at the same time of someone else for some reason.

Well, basically your Router memorizes which device (mobile or notebook) sent the request and then redirects the answer from the webpage to the corresponding device.

The Webserver by itself doesn't know to which device (behind the router) the webpage is actually sent.

Take a look at http://en.wikipedia.org/wiki/Network_address_translation

Wow ! I am amazed by such rapid responses...

But I was still wondering if I could use facebook chat along with some packet analyzer like wireshark to dig out the real IP of the sender..

would that work as i am thinking ?

Welcome to Null Byte, we kinda like speedy replies around here.

Yep, we do.

As far as I know, you can't. Really, the packets go trough Facebook servers, the only IP you could spoof is your own, as far as I know.

To add to what Ciuffy is saying: Facebook acts as a web server or medium to which messages are received from both end-point clients ...

Clients Send Messages Through Facebook and Facebook also redirects the message to it's receiving owner or receiving id .... So as a matter of fact: The receiving ip, incoming ip or packet comes directly from Facebook , and not your victim. The victim's ip rather gets logged at Facebook.

Try sending your victim to a webpage of yours and try geetting ip address ... You know: SET is always there for you ....

#Sky

You can get their ip using wireshark.

  1. Go into wireshark and choose your interface.
  2. now it begins scanning packets. In the filter bar type in "classicstun" (without quotation marks)
  3. now voice call them through fx messenger and wait for an answer.
  4. now wiresahrk should have captured their ip (notice that the first ip is the website and the second is yours, but the rest should be theirs)

Hope this helped ;))

Share Your Thoughts

  • Hot
  • Active