How to hack IP addresses (proven way with steps) – ICTShore …
Maybe someone scared you claiming to know your IP address. On the other hand, you could be the one trying to scare a friend by getting his IP address. Or, maybe, you just want to hear the truth about hacking IP address. Look no further, because in this guide we will give you all the truth. We will explain you how to hack IP addresses by following this agenda:
A quick introduction to what IP addresses areHow to hack IP addressesHow hackers find out an IP addressWhat can a hacker do when he knows your IP address
After reading this guide, you will be able to find out the IP address of potentially anyone, silently.
Is this legal?
Under most circumstances, it is. Knowing someone’s IP address is part of a “normal” communication over the Internet, so there is no problem in doing that. However, if you use the IP address to violate someone else’s PC, you are committing a crime under many jurisdictions. We do not endorse such activity. Everything you read should be tried on systems you own and control personally. We are not responsible for your actions.
Furthermore, remember that this is not legal advice. We are IT guys, not lawyers. If you are looking for legal advice it’s better to call your attorney.
Before Hack IP addresses
Before we start hacking, we should spend a few words on IP addresses. In IT, and in hacking specifically, never do anything without knowing what you are doing. Indeed, this concept is important here. A lot of people talk about “hack IP addresses” without even knowing what an IP address is. This can lead to unjustified fear among the ones being hacked or exaggerated glory among those who hack. What “hack an IP address” really mean? What can you do with that? Now, we are going to demystify IP address hacking.
What is an IP address?
An IP address is nothing more than a numeric identifier. It identifies a PC, smartphone, or any other device in a network, like the Internet. You can think of it like a snail mail address. If I know your snail mail address I know where you are, and I can send you some letters. With an IP address, I can know (roughly) where your device is, and send you some Internet traffic.
In other words, you are identified by your IP address over the Internet. Typically, your Internet provider assigns a public IP address to your router in your house. When your devices in your home network want to send traffic over the Internet, they will use that public IP address (shared among all of them).
The communication over the Internet happens with packets. Each piece of data is put in a packet, you can think of it as a letter. On the envelope, you always write source and destination IP addresses. The Internet will take care of delivering the packet to the right destination. Now, as you can see, if you send traffic out you will write your IP as source IP. This is the only way the other part can know it, and send some traffic back.
Do we really need to use our real IP address as source?
Of course! Imagine you want to download a movie, see a web page, or anything else you do over the Internet. You contact a third-party server, which sends you the content you requested. It needs to know where to send it, so it needs to know your IP.
Read more about IP addresses in this detailed article.
Am I in danger?
It depends, but in most cases, you aren’t. As from the paragraph above, knowing someone else’s IP is legitimate. You need it to send traffic back. What if your IP address ends up in the wrong hands? Just by knowing your IP address, nobody can harm you. However, they can start to scan your PC and see if you have vulnerabilities they can use to gain access to your data. We will get to that later.
How to find out someone’s IP address?
In the following section, we are going to cover an out-of-the-box technique. However, it relies on a simple principle: your victim needs to send you some traffic. If he does that, boom, you have his IP address. Your PC already learns such an IP address, but it doesn’t show it to you. We will see how to see it.
The Proven Way to Hack IP addresses
Some misconceptions and old techniques
The Internet is full of poor content about hacking IP addresses. You might read about hacking IP addresses with Skype and get excited about that, but since 2017 this is not possible anymore. So, for this article, we are going to use the best way to hack an IP address. We are going to use the only way that depends uniquely on you, not third-party services. Because of that, it will always work.
Furthermore, it is simple to apply and easy to use.
What’s behind our technique
The idea behind our technique is simple. You basically give your victim a link: they can open it with their mobile, PC, or any sort of device. On that link, they will see an image of your choice (we recommend using a fun one). However, your system will also track automatically their IP address and more information, like the browser they are using and their operating system.
While this happens, they will see the fun image and have a laugh about it. They have no way of knowing that you are tracking their IP address.
Step #1 – Register a website (for free! )
You want to give your victim a valid link to click, and it must be valid online. Therefore, we need to register a website. There are a lot of free services online to register a website, and among them, we have chosen x10 hosting. Go to their website and register a new account.
Create your account and this will give you a free website.
As a first thing, they will ask you to select a domain image. Use a credible one for the kind of images you want to share.
Select the domain name.
Continue with the registration and verify your email. Once you complete the process, you will end up on the homepage where you will have to create a website. Now you are going to say “Wait, I thought we already created that! ”… well, sort of. Until now, we created the name. Now, we have to prepare the software running behind it.
Step #2 – Creating the website itself
The home will look like the one below. From there, just click the green Add Website button on the top right.
Click on “Add Website”.
A quick wizard will open. From there, we have to tune a few items. Before everything else, select “Custom Website” website. Then, as a website name, write something that reminds the website, like its domain name. As the last thing, leave the address path empty. Then, click on Add Website.
Website configuration.
Create the website, then select “Continue to my website” on the next page. Congratulation, we are almost there!
Step #3 – Download the IPFinder script
Now your website is ready. All we need to do is uploading the script that will take care of saving IP addresses and delivering the images to the user. Fortunately, you don’t need to write that script on your own: instead, we did it for you. It uses a PHP file, three HTAccess files, and two folders.
Our IPFinder script comes in a useful zip package that you can download for free by using the link below. Just click on it and download the zip file.
Now that you have it, don’t even unzip it. We will do that on the website directly: move on to the next step.
Step #4 – Upload the IPFinder Script
From the website pages, select the File Manager option. This will open a new window that looks similar to Explorer in Windows. A website is just a collection of files on a public server. With this File Manager, you can have a look at those files. To them, we need to add our script.
Here, select the file manager.
Once you are in the file manager, select Upload (1). This will open a new window, where you can click “Browse” and search for the file you downloaded. Select that compressed file () and wait for the upload to complete. Then, close this window and click Reload (2) in the previous window.
Upload IPFinder, then click Reload.
Now you should see a new file in the list, right below “cgi-bin”. This is our zipped package containing IPFinder, and we just need to extract it.
Step #5 – Extract the IPFinder
Select the so that its background turns blue. Then, from the top menu, select Extract.
Select the file (1) and launch the extraction (2).
A new window will pop-up. Just click on Extract File(s) without changing anything. Then, wait for the process to finish, and, as soon as it does, click the Close button. You will have some more files and folders on your list. In case you don’t, just hit the Reload button as we did previously.
At this point, I recommend you to delete the file. You don’t need it anymore, as we have extracted its content. So, just click it and then click the delete button at the top. This step is not mandatory, but it is a good practice.
Step #6 – Adding images
Our IPFinder comes without images. However, it is a script that shows an image and logs the IP of the viewer. Therefore, you need to add your own images. So, find a jpeg image that you think would work for this purpose. At the moment, our script only supports JPEG/JPG images. Once you have that image, rename it with a simple name without spaces. Then, double-click on the images folder to view its content.
Doube click on the images folder.
Once you are in, you will see only a. htaccess file. That’s OK, now upload the image the same way we uploaded the IPFinder script. For example, we will be using an image named Now click “Up One Level” to return to the main folder.
Step 7# – Using IPFinder
Now your IPFinder is ready to go. How do we use it? It is very simple, as it automatically creates the URL we need. Your URL to share with your victims will be something like this one.
In this URL, each part is customizable.
The domain name is the name of your website, the one you selected when you created the account. You won’t be able to change this. In our case, this is “coolimages” image name is the name of the picture you uploaded, so in our case, this is “”The user ID is something you should select carefully. Here you can write any combination of letters and numbers you want. Now we will see how to use it
Selecting the User ID
IPFinder will save a new text file for each victim that sees the image in the log folder. That file contains the date, time, and the User ID you specify. The purpose of this field is to let you differentiate between users. Think about it, what if you want to give the link to multiple people? How can you know which IP corresponds to which person? You cant. With this approach, you would send to John the link to / and to Alice the link to / They will both see the same picture, but you will log their IPs separately.
Hack IP addresses, getting the results
Browse the log folder. You will see some text files with the names explained above. Open any of them and read their content (select it and click Edit). In each, you will see something like this.
IP:
Browser info: Mozilla/5. 0…
Note that for privacy we have hidden some parts of the IP address and some parts of the browser info in this example. However, from your script, you will get the entire IP address and the full browser information.
What can you do with hacked IP addresses?
At this point, you have your IP finder in place. You shared some images, thus getting some IP. You can know truly hack IP addresses, but you are still wondering what can someone do with IP addresses. On the other hand, you might be the one who believes to be hacked, and you want to know if you are in real danger. Look no further, here we will tell you the ultimate truth about what happens after you hack IP addresses.
Hack IP addresses to scare people
A lot of self-proclaimed hackers hack IP addresses just to scare people. They contact the person and tell them they know their IP address, and maybe their browser. A normal PC user will believe they have accessed their PC, how would they know which browser they use otherwise? So, people get scared and start believing in the hacker.
I’ve heard stories about “hackers” who managed to extort money from someone with this approach. They basically make them believe they had access to their data and threatened to share some personal pictures or something like that. The truth is, they didn’t even know if those pictures really existed. However, they approached everyone with the same words. As a result, they would scare the hell out of anyone holding such kind of pictures. Of course, such activity is illegal.
Geolocating you
If you get someone’s IP address, you can geolocate it very approximately. The location will be a few square kilometers accurate in urban areas, and a few dozens square kilometers accurate in rural areas. This is a rule of thumb and might vary, but you will be never accurate enough.
Only your service provider, and thus the police, can locate you precisely with your home address. For the others, you need to get by with only knowing the city or county.
Truly gain access to the device or to personal data
If someone knows your IP address, he can scan you. This means he can try to detect the system you are running and your vulnerabilities. Now, since the public IP address of yours is on your home router, they will do that for your router. They will gain access to your router and, from that, they will adopt the same approach to gain access to your PC.
This process is long and complex and requires a skilled hacker. However, it always follows the same guidelines.
Find exposed services (with nmap) and try to detect the hardware and software version with the TCP signatureLook for common exploits on the exposed services, or for that specific hardware/softwareTry to gain access with brute forceTry to create a custom exploit
Of course, the fourth step is so hard that many hackers will simply give up. That step if for someone with skills and budget that wants to hack specifically you.
How can I defend myself?
In many connections, rebooting your router will change your public IP address. That’s it. If a hacker was attacking you, they will have to find your IP again.
Furthermore, you can increase the level of security by using a VPN or a proxy chain like TOR. In this case, you basically contact a server you trust (maybe own) somewhere on the Internet. Then, that server makes requests on the web for you. In case someone tracks your IP address, they will track the IP address of that server. This is for a whole new article, however.
Conclusion
In this article, we have presented how to hack IP addresses. If you followed our guide carefully, you have now a website you can use to hack IP addresses silently. You also know what to do with such addresses, and hackers do with them. Now it’s up to you! Go out there and practice this technique, but be always conscious of what you’re doing.
What are your thoughts on hack IP addresses? Do you feel safe? Did you manage to scare a friend of yours? What would you like to learn after this? Just let me know in the comments!
How a Hacker Might Exploit Your IP Address
A hacker is simply an online vandal, if you think about it. What do vandals do but damage things that don’t belong to them, for no good reason other than to do it. A hacker wants to worm his way into a network of his choosing to do serious (or not-so-serious) damage, such as stealing email addresses or your personal data.
Hacking is mostly focused on causing trouble for big companies and government agencies. But anything is fair game, and that’s why some junior hackers will stoop so low as to hack the IP addresses of our computers, just to mess things up for a bit.
Your network identifier: an IP address.
As you likely know, every computer that is connected to a network or the Internet has its own IP address. Everyone on the Internet has to have an IP address to send emails, look up information or buy online. It’s as simple as this: When you’re connected, you have an actively working IP address. And depending on where you are, your IP address can change.
A lot of Internet chatter that says our IP addresses can reveal our identities is not accurate. As experts have pointed out, if our IP addresses were truly the gateway to all of our personal and private information, then the entire Internet would be one big mess. But fortunately, our IP addresses alone do not make us easy targets.
Unfortunately, that doesn’t mean hackers will leave IP addresses alone. Remember—hackers simply like to mess things up, so they’ll still see what disruption they might be able to cause.
But just how would the hacker get into your computer anyway?
Ports: like doors to your home.
In the world of TCP/IP, the interface between the networks and your programs occurs through a system of electronic channels called ports. Each of these ports has a unique number that identifies it. So, in a sense, the ports are pipelines in the computer through which data can flow to and from a particular application and the network protocol software.
Each IP address has ports associated with it. Those ports are an important part of your computer system: Several programs (applications) might be running on the same computer, and the built-in network software on your computer needs to have a way of knowing what incoming packet of data is intended for what application. It needs to know, for example, how to send incoming emails to your email program.
That’s how that happens.
A building with rooms.
So we have IP addresses, ports and programs. Think of them as an address on your computer, a doorway into a room, and a room itself. With this picture in mind, look at your port as a back door that allows entry into your house…your computer. Completing the analogy, the room is a single application (program) you’re running.
If you’re connected to the Internet and running a program, a related port (identified by a number) will be open. That’s good for you, but it could allow someone who knows your IP address (an outsider, a hacker) access into your connection, with some ability to engage or affect the program you’re running.
Behind the door.
Fortunately, each room/program is somewhat self-contained and doesn’t have connecting doors to the other “rooms” in your computer. So, even if a hacker gets your IP address, sneaks into your port through the big back door and gets into your program, that’s as far as they can go.
Is there a way to block the door? Yes. That’s where a firewall comes into the picture. It essentially blocks intruder activity from getting through the ports.
Making your IP address invisible.
One way to keep hackers at bay is to hide your true IP address. One way to do this is to set up a personal Virtual Private Network (VPN). With a VPN, your online requests are routed through a vast network of computers, and you use a temporary VPN to communicate online. A hacker would not see your true IP address and wouldn’t be able to connect to your computer.
For more information, see our pages on hiding an IP address and Virtual Private Networks.
Related Articles
What is Hacking?
What is Malware?
Building a Better Password
Ethical hacking: TCP/IP for hackers – Infosec Resources
In this article, we’ll discuss TCP/IP: the importance of mastering it and how this mastery can be beneficial to hackers. We will then look at how hackers are able to attack TCP/IP and the different network attacks associated with it. We’ll also discuss the methods that security teams can use to protect themselves from these TCP/IP attacks.
Overview of TCP/IP
TCP/IP is actually the most widely-used protocol today. TCP/IP is currently the most common standard for communicating devices within computer networks.
The TCP/IP stack is divided into several layers, each of which is important for particular aspects of communication. It is possible to develop each of these layers without affecting adjacent ones. With TCP/IP, data encapsulation is achieved in different headers across different transportation layers of the protocol stack.
Despite attempts to make TCP as secure as possible, there still are some attacks that abuse it.
What are some essential TCP/IP hacking techniques?
Hackers are able to attack some flaws that exist within the TCP/IP protocol suite. There are three major attacks:
Address spoofing
TCP sequence number prediction
Port scanning
Let’s briefly discuss these techniques.
Hackers have always been able to manipulate the direction that an IP packet takes based on the implementation of the IP header. Whoever has access to the IP header can act as a routing device and determine where the packet goes. This is true for both the source and destination of the traffic.
Hackers can then impersonate another host’s IP address within the network and send packets appearing to originate from this host.
This attack attempts to correctly guess the sequence number used to identify packets in a TCP connection. If hackers are able to achieve this, they can counterfeit packets heading to the target host on the network. The target host has no way of knowing that these counterfeit packets are from a malicious host.
The attacker achieves this by listening to the communication between the sender and receiver. All the attacker needs is the sender’s IP address and the correct sequence number, and this attack succeeds.
Hackers are able to perform port scans in order to identify open ports and the services present and running within the network’s hosts. This is done with the intention of pinpointing and attacking a vulnerable target.
There are several different types of port scans that can be used:
TCP “connect()” scan: This is a UNIX system call that can be used to open a connection with an interesting port. The call to “connect()” will only succeed if there is a listening server, or else the port is not in use. This method is very easily discoverable and will be detected in a proper security audit
TCP SYN scan: This is an alternative that can be used to the “connect()” scan. Here, the hacker sends a SYN packet to the target. This tricks the target that an incoming connection is pending
TCP FIN scan: Hackers can use this as an alternative to the two methods above. Instead of sending a SYN packet, the hacker sends a FIN packet. This technique will not work where certain packet filters have been enforced
Once a port has been identified to be open, hackers can then target them for attacks. These attacks will also largely depend on the services that are running on the ports.
What are some network attacks associated with TCP/IP?
Hackers have discovered flaws within the implementation of TCP/IP. These vulnerabilities have led to the possibility for different kinds of attacks. The following are the main classes of attacks that result from these vulnerabilities:
Denial-of-Service attacks
Spoofing attacks
Let us discuss how each of these vulnerabilities work.
Denial-of-Service attacks prevent valid and legitimate users from gaining access to information that they should be able to access. The attacker transmits huge amounts of bogus data to the target, with the intention of rendering it unusable by overwhelming it. The target eventually runs out of memory or CPU processing and might ultimately crash.
The two main types of flooding attacks are:
CHARGEN and ECHO
SYN flooding
There are also other Denial-of-Service attacks that hackers can use — for instance, the famous Ping of Death, which inflates the size of a ping packet and causes a system to crash.
Some TCP/IP implementations offer some two key services, CHARGEN and ECHO. CHARGEN runs on TCP and UDP port number 19, while ECHO runs on TCP and UDP number 7.
For any incoming UDP packet, CHARGEN will respond with randomly selected characters numbering anywhere between 0 and 512. ECHO will respond to any incoming packets with whatever it has just received.
These two services are intended to be for diagnosis of the system, but instead, hackers have found a way of abusing these into tools that can perform Denial-of-Service attacks. This is possible because it is quite easy to set up a chain of requests between two servers targeting the CHARGEN port on one server and targeting the ECHO port on the other while spoofing one’s server’s IP address.
Once this is done, the spoofed IP address of one server will appear legitimate to the victim and the chain of request and response will be established. Such an attack will result in great traffic on the network, leaving network users with slow internet access.
This attack can be leveraged to target a particular target of interest, leaving users without access.
This attack involves the sending of bogus SYN packets to a target host, flooding (hence consuming) all new network connections to a target host. This results in legitimate requests to TCP connections failing to receive any connection; thus, the service is denied.
Spoofing attacks are attacks that trick systems within the network into believing that the attacker is either a legitimate server or client. The following are the two major categories of spoofing attack:
Client-side spoofing
Server-side spoofing
Hackers are able to perform this type of spoofing by impersonating an authorized client to a server. There are a few methods by which this can be done.
One of the common ones is IP spoofing. Hackers craft packets with a spoofed source IP address, then impersonate legitimate clients on the network. One application of this is when dealing with servers requiring IP-based authentication. Using this technique, it is easy to fool such servers.
Server-side spoofing operates in a different manner. Instead of a hacker impersonating a legitimate client within the network, the focus is on impersonating a server in order to allow clients on the network to connect to them. The motivation behind this attack is to collect sensitive information from clients as they willingly submit it to the “legitimate” server.
Other attacks
Some TCP/IP-based attacks involve abusing routing infrastructure, domain name systems and numerous other TCP/IP implementations. Let’s briefly consider a few.
Routing infrastructure attacks
Routers make routing decisions based on the information stored within the routing table. Routers will periodically share routing information in order to keep their routing tables up-to-date. These updates are known as Link State Updates (LSU).
The possible threats here are mainly from spoofing attacks. A hacker can break into router A and make it send bogus routing control packets to routers B and C, causing them to switch traffic to router A. The hacker then sets up a man-in-the-middle to spy on traffic coming from routers B and C.
DNS misuse attacks
Since there are numerous types of DNS attacks, we decided to categorize them into four main groups:
Volumetric DoS attacks: This attack involves overwhelming the DNS server by flooding it with a high number of requests. These may originate from one or multiple sources and lead to service degradation or unavailability
Exploits: These attacks exploit various bugs that affect the DNS services
Stealth/slow drip attacks: These attacks involve sending low amounts of traffic to the DNS server, resulting in capacity exhaustion within the server. This may ultimately lead to service degradation
Protocol abuse: These attacks abuse DNS leading to data exfiltration
Other TCP/IP attacks also include no-file security, x-windows and distributed coordinated attacks.
What are some detection and protection methods for TCP/IP-based attacks?
The following are some of the methods that can be applied by security teams in order to prevent or defend against TCP/IP-based attacks:
System configuration improvements
When a system is properly configured, all the possible loopholes are sealed and hackers are unable to exploit them for attacks. For instance, when vulnerable protocols are disabled within a system, hackers will not have smooth access to the target.
Router configuration improvements
Information within the routing table can be accessed by hackers and altered for malicious intent. Where proper router configurations are implemented, hackers may not be able to gain unauthorized access into systems.
Firewall/SIEM/IDS/IPS installation
Properly configured security solutions such as firewalls, intrusion detection systems and intrusion prevention systems are able to identify malicious traffic within the network and notify the security team in real time. This is effective at thwarting attackers’ attempts to breach networks.
Conclusion
Some of the discussed TCP/IP-based attacks above are quite old, yet only recently are we seeing intelligent security solutions able to pick most of them up. Scanning tools are also getting better as more attacks get discovered. Knowing how to exploit these issues is essential for ethical hackers, who can then suggest solutions to resolve them and make networks safer.
Sources
Guang Yang, “Introduction to TCP/IP Network Attacks“
Brenden Claypool, “Stealth Port Scanning Methods“
TCP/IP (Transmission Control Protocol/Internet Protocol), TechTarget
What IP Means and How It Works, Lifewire
TCP/IP, Computer Hope