Thursday, June 3, 2010: You don't need to know the victim's IP address to crack their PC. « from the old blog archive »
I have been chatting with a random guy, in Thai language. The following chat transcription is translated (and is slightly modified).
First, it was a normal chat. And then he starts out: I am a hacker, white hat hacker. I use my skill to fix others' computer problems without them knowing it. I think like... really? Let me check if you really are one.
So first, let me ask you some basic question first.
> What Windows are you using? < No, not Windows. It's a specialized system for hacking.
So I guess he must be a Linux user. What else could it be? Mac?
Specialized for hacking? No way.
> So do you know what version of Windows I'm using? < Either Windows XP or Windows 7 So do you use XP?
Obviously, if one does not use Windows XP, they will probably use Windows 7. Vista sucks.
Again, it's 50% chance, and he has failed.
< So it must be Windows 7. > Obviously, but why can't you get it right at the first place? < It's really hard to see. I have to dig through millions of number. However, I can get the right answer if I want it. But hey, Windows 7 is a very good operating system— it offers good protection!
I already knew about the protection thing of Windows 7, but millions of number? Windows XP is 5.1, and Windows 7 is 6.1. Just look at this damn string, is it so hard to figure out?
> Do you know my IP? < It will take a long time. There are billions of IP.....
While I chat with that guy, I made a page that just redirects the viewer to a Wikipedia article about TCP/IP, and gave that link to him, shortened using bit.ly.
> Well, I suggest that you read about this: http://bit.ly/..... You should learn about TCP/IP.
He clicked on it. His IP address and user agent string is recorded on the server's log. It shows that he is using Windows XP, and not any kind of a specialized operating system.
We continued chatting for a while, then I decided to surprise him a bit.
> I will tell you something. Your IP is 124.122.___.___.
But that guy keepsing.
< Hahaha, that was my fake IP. > Yeah, but I can tell your "fake IP" in seconds. So what's your real IP?
I think that the IP I found is already a real IP. If it's not then he must be using a proxy server.
But the next thing shocked me.
< I'm not gonna tell you my real IP. But here's a hint: My IP starts with 192.16
What the fuck.
< And that IP address was the IP address of my server. I put it at Korea.
That IP address comes from Thailand. Everyone knows it.
> Let me tell you something. 124.122.___.___ is a Thailand IP address and not Korea. You're also using True Internet. < But the server is really at Korea.
I then completely ignored this guy.
That was just for fun. I hope that he didn't take it too seriously. Heheh.
Edit 2012-06-29: made few changes to the text to make it more clear.