Hacking Tutorial: Basic Information Gathering Using IP Trace Tools, Google and “The Google Phonebook”

9 05 2007

A big part of “hacking”, or more accurately, information security testing is gathering information. *In this tutorial we will cover some very basic methods on how to gather information on a specific target (ie one person). The information we will look for is the first and last name of the target as well as the city and state that they live in, then we’ll use that information to get the target’s phone number.

There are alot of ways and reason target an individual for information gathering, but we are only going to discuss the “how” not the “why”. Our primary tool in this tutorial is going to be Google. Why Google? Because it has all the advanced search functions that pretty much none of the other search engines have. Our secondary tools are going to be IPtools.com and IP-Adress.com, which both are great sites to help one gather information based on an IP addresses. Last but not least, we are going to use the “Google Phone Book”, which uses several online directories to search for phone numbers. (note: Google Phone Book does not do reverse phone look ups, ie. you can’t plug a number in and get a name and address)

Now, on to the part that involves work. Lets say your company has asked you to gather all information on some d00d who’s been naughty. All they have is a screen name or an email address. What do you do?

First – You’ll need their real name. There are a couple simple ways to do this, depending on what info you already have. However, all of them involve searching with Google and being patient.

The Email Search:

If you have a personal email address for the target, then a great way to gather info on them is to search Google with the prefix of their email address (ex: prefix@whatever.com means search for prefix). If your intended target has had that email address for a long time, you will probably find alot of info on them, maybe even their phone number, which makes the Google PhoneBook part not needed. If this happens, just call the number from a disposable cell phone, which you paid cash for, and make the classic “wrong phone number” conversation where you ask “Who am I talking to?”. However, finding a phone number on the first try rarely happens. You need to prepare for a lot of time sitting there sifting through useless info till you find what you need. This can be a bit of a pain, scanning page after page of results, or getting no results at all, but remember a big part of hacking is patience, especially the info gathering side of hacking.

The Blog Profile Search:

Another way to gather info on a target is to go to their blog. Many, many people with blogs wind up letting a little too much info slip in their “profile”, including email addresses and all kinds of stuff. Even a screen name can lead to a fruitful Google search. Try using different combinations of a screen name, their blog and or other screen names they might be associated with. Again, TIME will bring you what you want, not impatience and frustration. Relax.

The Domain Name Search:

As for websites, if the target has a top level domain, not a subdomain like this blogs URL, you can do a quick check with iptools.com. Use the “domain info” tool to get a nice list of who owns the domain name in question.

Note: If the domain name or blog gets you at the very least an email address you’re good.

Second – You need to find out where they live, not an exact location, but the city and state:

Barring the lucky find of a name and phone number on your first Google search, its time to use IP addresses. So, lest say all you have is an email address from a website or blog or whatever, now its time to do some social engineering.

If you don’t already have TOR and Privoxy set up on your machine, please do so. Using TOR will hide your IP from any emailing service that you might use, as long as you configured it correctly. You could use JAP, but I’ve had some trouble with anonymity levels with them. Now, get an account that sounds business like or like a person who might have sent an email erroneously. After you have your account AND set up TOR to cover your ass, email your victim. Make it seem like you somehow emailed them by accident with a love not for “your best gal” or “a suprising confession” or “Your crushed feelings about a lost loved one asking for advice”. In most cases people will email you back to let you know that you sent them this email by accident. The most important thing to remember is that you need them to email YOU.

Now that you have an email from your target, you can check the header information for the IP address that they were at when they emailed you. It will be in a FULL header (not just the from, to, bcc header). The IP will be in brackets, like this [127.0.0.1] in the line that starts with “Received: from”. For more info on this see our past post on finding and tracing the IP of an email sender. If you plug that IP into www.ip-adress.com it will give you a location, a map even, of where the email was sent from.

Another place to look for IP’s from your target are comments in blogs or forums. Sometimes these comments log the IP address of the commenter. Use that IP address just like you would with the email IP address.

The absolute last ditch, hail mary effort for scrounging up an IP, is to get your target on IM and send them a pic or something. You can then follow the packet you just sent back to your target’s IP. How you get them on IM will take alot of warm up talk and other net friend wooing. Again, this is a last ditch effort that exposes you to the most vulnerabilites to get discovered, you may want to wait until the Advanced Info Gathering Tutorial comes out before trying the IM trace.

Third – Using Google PhoneBook To Get a Phone Number:

There are probably alot of people out there that already know the advanced search operators that will take you to “Google Phonebook”. However,Just in case you don’t, here they are:

rphonebook: firstname lastname city state
bphonebook: firstname lastname city state

FYI – rphonebook, will give you residential listings and bphonebook, will give you business listings.

To give it a whirl just go to Google, cut and paste one of the operators in the example into the search field. You can search for yourself, you can search for whomever. I linked the image below to a blank search result, you can just click on it to get to the phonebook:

GooglePB Logo

NOTE: You can drag that image to your bookmarks toolbar and use it like any other link you got up there.

If you have successfully completed stages one and two, then you have the name, city and state of the target. Just plug that info into the Google PhonBook and you should get some results. However, don’t be discouraged if you don’t. There are other online tools to seach for phone numbers, including Verizon super pages, and a whole host of other sites. The Google PhoneBook just happens to be the simplest to use.

Conclusion:

The WORK:

With all the different techniques and places I gave you to look for information on a target, you should have the name, city and state of your target. However, I cannot emphasize enough that this type of info gathering will generally be VERY time consuming, especially if this is your first try at any of this stuff. BE PATIENT. You should, and or, will get something eventually.

However, please note that these are very basic information gathering techniques, so if your target has been very clever to keep their online info seperate from who they are in meatspace, then you may have to wait until the Advanced Information Gathering Tutorial.

Happy gathering!! If you think of anything I have missed or anyways to improve this tutorial, including grammer and spelling (0_O), please let me know via the comments.

* Standard disclaimer, educational use etc, applies to all information contained in this blog post. The “standard disclaimer” can be found in the “About/Warning” page of this blog.


Actions

Information

30 responses

9 05 2007
Google Phone Blog » Hacking Tutorial: Basic Information Gathering…

[...] post by TheMostBoringBlogInTheWorld [...]

4 10 2007
Jahirulquaim

dear sir
After seaching a lot of web site i found your site so you can understend how eager i m to learn haking of eamil.
thainking you
jahirulq@yahoo.com

31 10 2007
franklin ukah

please, receive my thanks for the things you taught me. i appreciate.
but i still want to learn to hack like the pros. could you please take your time to teach me hacking very well. no stones left unturned, brief and very comprehensive.
if you do, i would never forget you through out my life time.
thanks.

15 12 2007
ghost

please can you tell me how to hack an unlisted business number

26 12 2007
Phone Number Trace

Thanks for the info.

4 01 2008
Sameer

hi ,
i want to know the password of gmail ID.
how it is possible. i have name,city,country of condidate.
plz plz help me. i need it very urgent.
i am waiting for ur great responce.

thanks
Sameer

22 01 2008
303 machine

Man, get in touch with me
will_you_ever@writeme.com

4 05 2008
Anonymous

Very Nice Guide/Tutorial… If You Do Have The Time To Teach Me Something On A More… “Personal” Basis…
Hit Me Up.
terroritz4evr@hotmail.com

[-But Then Again... In Giving Him My Email, I'm Making It Easy For Him To Gather Data...-]

Jus Jokes.

Quixx.

28 05 2008
Steve

get in touch with me please !!!

11 07 2008
SSH

Nice web. Useful

11 07 2008
indika

i have name,city,country of condidate.

11 07 2008
Sam

Wow keep doing the job

11 07 2008
runDll

Hi, guys
I would like to learn how to hack, please help me
Thanks

11 09 2008
FuNkY

Check this website for alot more valuable stuff !

http://www.unkn0wnfunk.com/forum/

27 10 2008
sumit

hi..i want remote hacking ..tell me how and plz help me

7 02 2009
miri

I came via google and i have to say: http://www.ip-adress.com is my favorite bookmark now. Thank you!

28 03 2009
Reverse Phone Number

I have this great tool that I developed on my site that I think you should give a try. Let me know what you think of it. – Walter

25 04 2009
ibrahim

hahahah

6 09 2009
Boss Resurfacing

Off topic – Help with PM?
lost password
Boss Resurfacing
Boss Resurfacing

6 12 2009
dfsdfd

Bad

31 12 2010
Jeff

I have all the info EXCEPT the IP addy, which gmail hides from recipients. I need to get into this gmail account. I’ve got the name, the email, the street address, everything but the one piece I need. How to solve this?

20 01 2011
Isatul

Please am connected to a wireless network that is passworded, can anybody tell me how to crack or hack into the wireless network? Reply urgently please.

31 03 2011
Pradip

I want to know password of the some other person e-mail id…
I feel that it is impossible…

is it possibple for u… then reply me..

24 06 2011
n@t_known

I want remote hacking. Could you teach me that please?

29 02 2012
Floldwewnen

серебряные украшения серьги кольца, серебряная ложка книга. ювелирные украшения из серебра тц рио, Запонки серебряные мужские. ювелирные изделия из серебра с аметистом как почистить серебряные кольца.

старинные украшения + из серебра серебро ложка купить. старинные ювелирные клейма серьги серебро. таможенный ввоз столовое серебро где купить серебряные брелки с изображением орла.

24 05 2012
FoerceJoicS

Ну что тут скажеш

_________________
Фильмы онлайн здесь

15 06 2012
Ronaldinho

fantastic issues altogether, you simply received a new reader. What may you suggest in regards to your submit that you just made a few days in the past? Any sure?

4 08 2012
shivam

i want to learn about basic hacking i anybody know plz contact shvm288@gmail.com thanks…..

26 09 2013
dorarpollard.blog.com

Whats up are using WordPress for your blog platform?

I’m new to the blog world but I’m trying to get started and set
up my own. Do you need any html codung expertise to make your oown blog?
Any help would be greatly appreciated!

1 06 2014
PokerVoVo.com Judi Poker Online

It’s nearly impossible to find well-informed people on this topic,
however, you seem like you know what you’re
talking about! Thanks

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




Follow

Get every new post delivered to your Inbox.

Join 47 other followers

%d bloggers like this: