Your browser does not seem to support CSS. If images appear below, please disregard them.
toggle
May
S M T W T F S
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31
Sponsored Links
Latest Postings
Topic Options
Rate This Topic
#6965 - 06/04/02 08:28 PM anonymity
Joined: Jun 2002
Posts: 2
IceDroppa Offline
Junior Member
IceDroppa Offline
Junior Member

Joined: Jun 2002
Posts: 2
Hell
how do i send an anonymous untraceable email to somebody (as in they wont know who i am so they cant fire me)? i know, im a newbie at this kind of thing.


A Single Drop Of Ice
Top
Sponsored Links
#6966 - 06/04/02 09:37 PM Re: anonymity
Joined: Mar 2002
Posts: 185
Mornse Offline
Member
Mornse Offline
Member

Joined: Mar 2002
Posts: 185
Vancouver
http://www.happyhacker.org/gtmhh/vol1no2.shtml

this is where I learned how, it's still a bit traceable though cause your IP will be in the headings of the email if the person receiving the email knows where to look.


Cha want some w***up?

http://www.dopeskill.com
Top
#6967 - 06/06/02 12:04 PM Re: anonymity
Joined: Mar 2002
Posts: 1,273
SilentRage Offline
DollarDNS Owner
SilentRage Offline
DollarDNS Owner

Joined: Mar 2002
Posts: 1,273
OH, USA
ya, just send the email from a school computer or something.


Domain Registration, Hosting, Management
http://www.dollardns.net
Top
#6968 - 06/06/02 08:56 PM Re: anonymity
Joined: Feb 2002
Posts: 7,194
Gremelin Offline
Community Owner
Gremelin Offline

Community Owner

Joined: Feb 2002
Posts: 7,194
Portland, OR; USA
I pefer libarys...


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
Top
#6969 - 06/10/02 04:58 PM Re: anonymity
Joined: Jun 2002
Posts: 12
Jitendra Offline
Junior Member
Jitendra Offline
Junior Member

Joined: Jun 2002
Posts: 12
Quote:
Originally posted by Mornse:
http://www.happyhacker.org/gtmhh/vol1no2.shtml

this is where I learned how, it's still a bit traceable though cause your IP will be in the headings of the email if the person receiving the email knows where to look.
Ya this is where I learned too...can be a good intro to some extremely basic telnetting too.

Top
#6970 - 06/10/02 06:31 PM Re: anonymity
Joined: Mar 2002
Posts: 1,273
SilentRage Offline
DollarDNS Owner
SilentRage Offline
DollarDNS Owner

Joined: Mar 2002
Posts: 1,273
OH, USA
I decided to chatter about something in specific about email headers...

How to find the sender user's IP and a unique way to spoof your own:

1) First thing you need to know how how an email gets from your yahoo account to your friends hotmail account (an example).

You open your yahoo account and you start typing in your email. When you press "Submit" yahoo takes your email and slaps a "Recieved: " entry in there. It says when the email was recieved by yahoo and from what IP it originated and so on. So that recieved is the first recieved entry stuck onto the top of your email and headers and all.

Then yahoo resolves hotmail.com and says "alrighty, I need to send this to mx01.hotmail.com". Then it connects to that server and passes the email on.

Now mx01.hotmail.com recieved the email and slaps another Recieved: entry onto the TOP of the email. Again, it includes the IP address of yahoo's mail server and the time it recieved it. It will also include what yahoo's server announced themself to be via the HELO or EHLO commands.

And that's the gist of it. there may be many recieved entries cause the mail servers may bounce it around a few times before it actually gets to ya. But ALWAYS there is at LEAST 1 recieved entry in the headers. The original being the last recieved entry (since all following recieved entries are prepended to the top.

The way that you can find out where an email comes from is via the "Recieved: " header entries.

2) Now you know how email is sent, and how it is recieved. more importantly, you know where the original IP address can be found. Now it is time to consider this unique spoofing technique that I've figured out.

Spoof recieved entries! As the reciever, you look at the last recieved entry for the origin IP right? Well, when composing the RAW email - add a few convincing looking recieved entries as if the email has bounced around a few times. Then send it directly (or not - it doesn't matter) to the reciever's mail server. Make sure that you use the HELO (or EHLO) command with a satisfactorily spoofed hostname.

Now unless the reciever attempts to resolve every IP in the headers and look for incorrect IP/host matches - they'll never know which recieved is the REAL original IP. And typically, they'll think it's the last (spoofed) entry.


Domain Registration, Hosting, Management
http://www.dollardns.net
Top

Member Spotlight
Gremelin

Gremelin
Portland, OR; USA
Posts: 7,194
Joined: February 2002
Show All Member Profiles 
Forum Statistics
Forums46
Topics45,754
Posts80,922
Members2,157
Most Online1,567
Apr 25th, 2010
Top Posters(All Time)
UGN Security 38,918
Gremelin 7,194
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Newest Members
Herbert_Sherbert, codemauve, Lillysdragon1984, Brewwit, boa
2157 Registered Users
Who's Online Now
0 registered members (), 2 guests and 4 spiders.
Latest News