Courtesy of fravia's
(Ported in March 2000)

Luring lore - 3

How to caper an email account
(With a [digression]: Pseudoanonymous method for dummies)
by A+heist, March 2000
Edited by Fravia+
Well, this is "simple stalking" AND "simple luring" at the same time, I'll let fravia decide where he wants to include it... so, let's see: first of all you must find out what your target really loves. Let's imagine he is very interested in Tina Turner songs, just for the love of it.
Now what you want is NOT ONLY to find out his real IP, don't you, that's something fairly easy and straightforward that is anyway included in this lesson. The best "bingo" here is to have him betraying his complete email address settings, so that we can caper his account the very moment he comes straight from it when he visits your bait.
You may have many good reason to want to read his emails, or to know his real identity (both very likely once you have access to his emails): why should such info only be reserved for the people working at -say Yahoo- to perform their 'insider trading' activities and statistical spionage? Wouldn't you have a moral right to have a look at the real identity of a spammer? Or of a porn-dealer? They break the law, you punish. It's so simple, isn't it?
We are goinh to leech some tricks from the proxy people here, and apply them to our email capering project :)
There is a fairly amount of 'preparatory' work involved, and you will need
  1.   a good knowledge of the target you want to lure in order to propose a credible bait that will have him acting 'without precaution'. (The 'hand that clicks' snapping before 'the brain that thinks')
  2.   he actually having an email provider that -like Yahoo and most of them all - allows immediate links inbside the emails (you will understand why in a moment)
  3.   a good bait page, that will not 'stink' even if he is really careful and visit it through proxies.
  4.   a good program to snatch the data when he comes visiting you, we will use here php3.
  5.   A quick reaction (surveillance) as soon as he does, so that you can enter his mail and modify his password quickly, while he is still inside 'his' email hosting service.
  6.   a good avatar that the target you want to lure 'trusts'. (This one is an accessorial ^rerequisite only for more serious and long-term luring or stalking).

Sounds complicated, eh?
First of all try this on email addresses taken from a luser messagegroup, where chance are that two gazillion people will bite your page coming stright from their email addresses.
This could be your letter for the usenet group let's take this posting OT: Tina Turner as bait and slightly modify it:

So, what are everyone's thoughts on TT?
Here, I just rediscovered her single, "Private Dancer" from '84. 
It truly has to be one of the most perfectly crafted pop songs 
I've ever heard in my life, honestly right up there with Papa 
Don't Preach and Like a Prayer.
Her new album, Twenty-Four Seven, has been in my stereo for 
weeks now, and it's one of those that will take months to wear 
out.  There are at least 6 "highlights" on it.

I have decided to post some of them in mp3 format - for a couple of days -
on my page at linktoyourbaitpage.

[ for instance with a code like this one: open source proxy checker
of course you will have put in your baitpage a checker that allows gathering of referrals (there are tons of them on the web, see the proxy pages)
] ~ [I'll soon put above a working link to DQ's fabulous 'open source proxy checker', to be published end March, fravia+]
please feel free to visit it and download Tina Turner's songs.
Any other thoughts?
Later, friends of Tina, 
Send the snippet above to yourself and check your link above from INSIDE your own free email provider, and then, once you visit, see what your referral data will be.
As you can see, such a bait should be almost irresistible for any Tina Turner 'aficionado'.
In the reality, of course, they WILL find on that page some mp3 that you will have put there (so that they will spend some time downloading, while you act), and they will not even SEE the code that you have there as well, which you will use in order to fish their referrals from INSIDE their address providers.
The moment you get them, use the URL that you have fetched in the referral and browse into it. For instance I had this URL to-day while using yahoo:
when reading one of my mails. (It would be useless to use it now, since my login session has expired).
If you are quick enough (and if you have the bait well loaded with mp3 your target will be siphoning songs for a while :-) you'll be inside his email box without problems, as long as he is still connected, especially if he has set his pc in order NOT to accept cookies (and most of the target that you'll stalk for real will have such settings per default). YOU on the other hand, will have to have your PC set for NON accepting cookies, deceiving the filters into believing that you are the same guy calling from another box.
Now take care, because he may close his connection every moment, so immediately go to the MASTER page of the account and modify the password AND the emailaddress of reference to one of yours (that you will of course have gathered through the usual pseudoanonymous method...
DIGRESSION: Pseudoanonymous method for dummies
Or, "how to have a free email account that does not smell too much"

ISP account on a free month ride that you will throw away after the free trial period and never, never, never use again ~ access through chained proxies, proxonomitron+junkbuster, whatever you trust ~ access yahoo "free" email (or whatever provider you want to have) ~ the moment you enlist you must already have a bogus identity ready -to satisfy yahoo's statistical sniffers- could be whoever you find on the telephon book or the address of a book la fravia, o some petty life found on web personal pages la geocities (identity capering) ~ never forget that all the email you write IS USED by the 'free' account providers: never use this account for sending anything personally related, just for receiving (and eventually answering) free services confirmation ~ ¿comprehendes?
this will keep your target working for a while in order to regain his account (he will first try the re-send password method, but the password will be sent to your bogus account and time will go by before he realizes that... in very advanced cases you'll also take the precaution to send (trough a proxy) a nice 'official' automated email to your target, apparently from his email-provider, asking him NOT to send the new password he will have to choose to anyone and telling him at the same time to allow some days before everything will work :-)
The time span you'll be able to use before he will be able to clear things will be enough to allow you most probably:
To know exactly who your target is.
To know exactly what he is doing and why (useful for nasty spammers)
To 'seed' backdoors in other accounts he may have left trace of on the one you capered
To read his juicy real letters :)

Ahah, I was jocking all the time, the above tactiques are a no-no-no! You should never read other people's mail!
A+heist, March 2000


(c) 2000: [fravia+], all rights reserved