discrete account stealing, semi guide.

[fatalmind]

as stated already (although it's a lot of text to go through xD)

I'm using a TCP sniffer that's in net tools 4. For those of you not familiar with it, it's a great collection of apps none need to be installed. here's a list of the "most important tools" it comes with, there are more:


IP Address Scanner, IP Calculator, IP Converter, Port
Listener, Port Scanner, Ping, NetStat (2 ways), Trace
Route (2 ways), TCP/IP Configuration, Online - Offline
Checker, Resolve Host & IP, Time Sync, Whois & MX Lookup,
Connect0r, Connection Analysator and prtotector, Net
Sender, E-mail seeker, Net Pager, Active and Passive port
scanner, Spoofer, Hack Trapper, HTTP flooder (DoS), Mass
Website Visiter, Advanced Port Scanner, Trojan Hunter
(Multi IP), Port Connecter Tool, Advanced Spoofer,
Advanced Anonymous E-mailer, Simple Anonymous E-mailer,
Anonymous E-mailer with Attachment Support, Mass E-mailer,
E-mail Bomber, E-mail Spoofer, Simple Port Scanner (fast),
Advanced Netstat Monitoring, X Pinger, Web Page Scanner,
Fast Port Scanner, Deep Port Scanner, Fastest Host Scanner
(UDP), Get Header, Open Port Scanner, Multi Port Scanner,
HTTP scanner (Open port 80 subnet scanner), Multi Ping for
Cisco Routers, TCP Packet Sniffer, UDP flooder, Resolve
and Ping, Multi IP ping, File Dependency Sniffer,
EXE-joiner (bind 2 files), Encrypter, Advanced Encryption,
File Difference Engine, File Comparasion, Mass File
Renamer, Add Bytes to EXE, Variable Encryption, Simple
File Encryption, ASCII to Binary (and Binary to ASCII),
Enigma, Password Unmasker, Credit Card Number Validate and
generate, Create Local HTTP Server, eXtreme UDP Flooder,
Web Server Scanner, Force Reboot, Webpage Info Seeker,
Bouncer, Advanced Packet Sniffer, IRC server creater,
Connection Tester, Fake Mail Sender, Bandwidth Monitor,
Remote Desktop Protocol Scanner, MX Query, Messenger
Packet Sniffer, API Spy, DHCP Restart, File Merger, E-mail
Extractor (crawler / harvester bot), Open FTP Scanner,
IP String COllecter, Range Net Send, CPU Monitor, Web
Server (possibility to send anonymous E-mails without
input of SMTP), Advanced System Lockup, Port Connect -
Listen Tool, Internet MAC Address Scanner, Connection
Manager / Monitor, Direct Peer Connecter (Send/Receive
Files + Chat), Mouse Record/Play (Macro Tool),
Steganographer (Hiding data in pictures), File Shredder,
Local Access Enumerater, WEP/WPA Key Generator, URL
Encoder, Create Virtual Drives, COM Detect and Test,
Easy and Fast Screenshot Maker (also Web Hex ColorPicker),
Force Application Termination (against Viruses and
Spyware).

....

The sniffer in net tools 4 will show you the raw data, which I would dump into a txt after I filtered out all of the unwanted IPs. convert it on NickCiske.com | HEX- "sweet sixteen"


....


***********
SCREENSHOT: (of net tools 4 in mini mode) http://img503.imageshack.us/img503/4...minipicdx9.jpg
***********

[Sealteams]

I have Net tools 5 and Wireshark. I can't seem to figure out how to change the source ip to the person ip that I found, If I try to change it in Wireshark and start sniffing I get nothin.

Also, the chat in the trade channel is coming from the same ip as the logon server.

[fatalmind]

are you testing this on retail or a private server?

[Spinewhip]

Dude Amazing +Rep

[Silentgnomez]

Well, me again.

I have been trying alot with WoW EU (Aye, I am a european). I can do everything you described, but I can't track down their passwords. Even my own is untrackable.

What to do next? Or is this only working on US servers?

The person who completly teaches me this scam, will get huuuuuuge amount of rep. Maybe even abit of the "pwaht lewt".

Edit: the person who can determine my old pw in this, will get 3 rep.

0000 00 01 e3 cf df e3 00 01 e3 d5 ac 00 08 00 45 00 ........ ......E.
0010 00 f1 a9 04 40 00 80 06 3d 3e c0 a8 02 03 d5 f8 ....@... =>......
0020 7b 20 06 22 0e 8c f3 b7 26 8f 72 1d b3 34 50 18 { .".... &.r..4P.
0030 44 68 15 70 00 00 00 c7 ed 01 00 00 56 20 00 00 Dh.p.... ....V ..
0040 00 00 00 00 54 48 41 54 49 4d 31 32 00 49 73 28 ....THAT IM12.Is(
0050 e9 5f 85 17 b2 22 82 cd 47 51 9b 36 46 0f 7a f0 ._...".. GQ.6F.z.
0060 c2 ae c9 b5 a5 b2 01 00 00 78 9c 75 cf 3b 0e c2 ........ .x.u.;..
0070 30 0c 80 e1 72 0f 2e 43 18 50 a5 76 21 65 46 26 0...r..C .P.v!eF&
0080 71 2b 2b 8e 53 05 97 47 4f 0f 0b 12 83 eb f5 b3 q++.S..G O.......
0090 7e cb 8e 69 5d a1 c6 eb 61 09 4a 45 2e 6d b3 cb ~..i]... a.JE.m..
00a0 cf 7d d7 7c c7 fd cc 81 2a e3 48 c8 b1 27 a1 0c .}.|.... *.H..'..
00b0 b3 b5 44 12 49 26 33 70 2c f9 06 da 95 69 d3 06 ..D.I&3p ,....i..
00c0 7c a9 85 15 46 35 93 a7 de 2f f5 81 6f 1b 17 e2 |...F5.. ./..o...
00d0 e8 40 92 a9 ad dc 67 0c 76 b6 55 cc be 84 84 ba [email protected]. v.U.....
00e0 f5 4b 0f a1 16 53 ce 40 d1 84 01 18 c5 be 37 54 .K...S.@ ......7T
00f0 88 e8 13 31 6f 31 09 d6 7f fb 00 66 b5 82 b4 ...1o1.. ...f...

[Sealteams]

are you testing this on retail or a private server?

Retail, does this only work on private servers?

[Therrm]

Guys i really dont understand how you can sniff packets that are not on your netwrok... I'm 99% sure it cannot be done if the other peer is not on your local network. Or I really need to learn my network basis again !!! lol

[fatalmind]

it can work on either. it looks like they've hashed their passwords now. Private servers may use the same hash. a hash can be broken, if you are sure about that being the packet with your pass in it. then save it in notepad
change your pass to something longer, and get the packet again
copy it under the first one in notepad. find the differences in them. if it has your pass
they only difference should be the pass chars.

pass= abc

askljvn908AW)(*H#Q(*h9h9FG7

H#Q is my hashed pass (but I don't know it yet

I change the pass to abcdefgh

askljvn908AW)(*H#QKF&%@(*h9h9FG7

now H#QKF&%@ is my hashed pass


now you know where in the packet the pass is stored.

[Silentgnomez]

Okay thanks alot

So a hash is really that simple "crack able"?

ABC can't be 45642432 (multiple numbers / letters for the A for example).

Also, can't change the Hash code? If so, do they do this on a dail routine?

And last but not least, how do I change the source IP to the IP from my victim with Nettools 5?

Sorry for all these questions.

[fatalmind]

--Okay thanks a lot

//No problem, I enjoy sharing knowledge


--So a hash is really that simple "crack able"?

// Can be /impossible. it all depends on how much time a company wants to put into there encryption. sometimes it depends solely on how many times people have hacked or tried to hack into their shit/or steal wow accounts).



--ABC can't be 45642432 (multiple numbers / letters for the A for example).
//I'm working code for an encytion algorithm for having 1 char be = to 2. so you can get a good understanding of it. because It's hard for me to explain shit with little snippets.

--Also, can't change the Hash code? If so, do they do this on a dail routine?

//what do you mean? I'm not sure what you are referring to.

--And last but not least, how do I change the source IP to the IP from my victim with Net tools 5?

I have a ton of random net drivers/dlls/scripts from over the years, so I'm not sure if it's just 1 or 2 thigns making it work for me. I'm pretty sure it was the cygwin stuff.

it's a windows version of the linux network protocols and such.

--Sorry for all these questions.

// No problem ^_^

[Therrm]

Hum i finally understand what you were doing. This is a kind of IP spoofing right ?

[Zylin]

If this does really work, you could actually make a gm ticket and then when whispering a gm find his ip and just sniff it for long time and eventually he will log off and then log on again and you would have a retail gm pass? i am sorry but this just seems too unbelieveable...

[zeonlegend3]

50 views and no replies ... even if you think this tutorial sucks please tell me why

dnt suck at all because hopefully if ya leave it running it mind find there e-mail so u can turn the e-mail addy of the wow acc to urs and if they type in cd-key ya got that too just write down all the info and voila a new account:P and they wont get suspicious just cuz u sent em a message like "hi how r ya x**" or something like that, u could just say u mis sent that u meant to say xd to somebody else and there is special "D" so its all good and im gunna try this:P

[i Newell]

lol try getting a gm to pst you and put on there ip :P

[Fruitcake1988]

Well, This does sound very intresting, but for someone so incompetent and unfamilliar with "Sniffer Programs" and Encryption, I'm going to need to start from the beginning.
Can anyone provide a link so i can read up a bit on it.