Grab a target’s IP address using social engineering and a picture

In this post, I will describe a simple method to get the IP address of a target, using Python, DDNS, port forwarding and a picture.

  • Register a DDNS here and point it to your external IP address.
  • Forward external port 80 to your computers internal IP and internal port 8000 at your router.
  • Make an empty directory and place a picture in it.
  • cd to this directory and run python -m SimpleHTTPServer

At this point you are ready to grab the IP of your target.

The URL should look something like http://whatever.yourddnsis.com/picfilename.jpg
All you need to do is get the target to click on the link, or look at the picture if it is posted somewhere, i.e a forum.
You could send them an email, PM them in a chat and many other ways, use your imagination!

Keep an eye on the terminal where you started the python server and the targets IP should pop right up.

Bear in mind that if the target gets suspicious and is tech savy, they will be able to find your IP address quite easily by pinging your DDNS hostname.
For this reason it is advisable to change your DDNS to a different IP as soon as you have harvested the targets IP address.