Real IP address of the client (1 Viewer)

[axeaxe]

Can we find a real IP address of the client that is connecting with a server, if the client is using Proxy (Transparent, Anonymous, and Private Proxy)? How?
please!!!!
thank,
axeaxe.

 

[icraig88]

use something like cain and abel or wireshark which can look for the connecting clients on your network. it's great, i used it to find a way around a portal.

 

[michael1990]

use something like cain and abel or wireshark which can look for the connecting clients on your network. it's great, i used it to find a way around a portal.

Can we get around the intranet?

If we can access command prompt but not be a full admin?

 

[icraig88]

yeah. if you see that an admin has been on that machine (even if he/she has just logged on locally) you can use a rainbow table to grab all encrypted passwords. this does take a while to do this though.

 

[michael1990]

yeah. if you see that an admin has been on that machine (even if he/she has just logged on locally) you can use a rainbow table to grab all encrypted passwords. this does take a while to do this though.

Would you be able to run through the steps with me?

This would mean i could make myself an Admin and such?

 

[icraig88]

yes it would.

first, you need a rainbow table (which is roughly 60gig) this will be able to decrypt passwords for you up to certain lengths (depending whether you get a rainbow table which is able to decrypt all passwords up to 14 characters long, which is an example).

i'm assuming this is for a school network so if he goes into a computer lab and you see an admin has been logged on, log onto your account, and use your rainbow table to extract all usernames and passwords off that machine. this will give you access to a fuckload of accounts.

then when you've found the admin account and have a password for it, the account should be configured to a different proxy server, copy that ip address, log off, log onto yours, and put that proxy server address in your machine in your internet settings. this should give you access to any site.

 

[michael1990]

Do we need the local admin to be logged on?
Computer admin?

There are so many admins.
What happens if it was just a teacher logged on? Because they have admin privileges as well. (not all though).

If i can't get him to log on, can i do it through my own log on?

 

[icraig88]

teachers will generally not have all permissions on their accounts, you need to find the head network administrators account. does the naming convention on your network go by name?

 

[michael1990]

teachers will generally not have all permissions on their accounts, you need to find the head network administrators account. does the naming convention on your network go by name?

we just had a new server installed over the holidays. So i am not sure.

My info tech teacher was the one who installed the server (as our IT dude is a dud!)

Ask him which questions?
Get some info LOL.

 

[icraig88]

i'll make it easy for you. get cain and abel or wireshark, run it off usb. search for very different ip addresses on your school network and try them in your proxy.

 

[michael1990]

i'll make it easy for you. get cain and abel or wireshark, run it off usb. search for very different ip addresses on your school network and try them in your proxy.

Where can i get those from?

 

[icraig88]

cain and abel - http://www.majorgeeks.com/download5062.html

 

[michael1990]

cain and abel - http://www.majorgeeks.com/download5062.html

okay.
So how do the programs work?
I just run it from the USB. Then what do i do?

 

[icraig88]

in the network tab. you will be able to see all the connections on your network, you should find a server.

 

[michael1990]

in the network tab. you will be able to see all the connections on your network, you should find a server.

I am not sure how to use Cain.

I just installed it on my own laptop.
(Which is connected to the wireless network at school.)

But how do i start cracking passwords?

 

[icraig88]

read the tutorials on the net. this is the best way to learn.

 

[Applikation]

Can we find a real IP address of the client that is connecting with a server, if the client is using Proxy (Transparent, Anonymous, and Private Proxy)? How?
please!!!!
thank,
axeaxe.

What kind of server?

 

[12ins]

Oh please.

Just download a simple keylogger and act all dumb and go 'sir, would you be able to login while I check this one site, it's important' he comes over, types in his credentials, supervises you, then makes sure you log out.

Too bad it's all logged to notepad.
Gee that was hard.

My school's security was shit, they had a remote control package set up, so I hit google and downloaded the 'teacher' client, installed it, and could instantly take over any PC I wanted to, including the domain controllers. (All logged in) .. so i'd wait til' the techs duck out then quickly fire up dsa.msc; find some random teacher who left's account and assign it to Administrators. From there I manipulated accounts and set up ones such as GHOST, trick them into thinking they were default accounts craeted by their programs. School is such a breeze when you have access to everyone's home folders, including the teachers.