Thread: [Guide] Never Getting Your Password Stolen!
View Single Post
Old 06-05-2008   #1
yigh
Level 21 Grammar Nazi

 
yigh's Avatar
 
Join Date: Feb 2008
Age: 15
Gender: Male
Posts: 730
DZ Gold: 6.50
Trade Rating: (0)
NeoSim (B/S): 0 / 0
DLs/ULs: 72 / 1
Thanks: 28
Thanked 70 Times in 30 Posts
Nominated 3 Times in 1 Post
TOTW Award(s): 0
Rep Power: 5 yigh will become famous soon enoughyigh will become famous soon enough

Points: 4,479, Stage: 18
Points: 4,479, Stage: 18 Points: 4,479, Stage: 18 Points: 4,479, Stage: 18
Next stage: 9%, 459 Points needed
Next stage: 9% Next stage: 9% Next stage: 9%
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
Time Spent Online:
1 Day 19 Hours 41 Minutes N/A
Red face [Guide] Never Getting Your Password Stolen!
This thread practically gave birth to this guide.
This is an Attempt to help people catch bad programs that send away your login information to bad peoples that take away all your work!
Imagine! Your SuAP was gone the next time you logged in. Yeah... brace yourself for some horrid feelings, because deep down, you know it could have been prevented if only you had read this guide!
Now, there are two methods,

The Popular Method
The Easy Method
And The STD Method.(I am in no way making fun of people with STDs)

Ok, The Popular Method. You need Ethereal, which is now called wireshark.
Basically, with wireshark, you record by going to Record>Options.


Now, you need to Change the Interface to your Network adapter. I dont know about routers, but if you use Ethernet connection to your Pc, Your IP should show under it.


Now, before you click start find and open your program. Click start. Now, what if the program was a real password stealer? You dont want to lose you account, so you enter a fake username.
I suggest "yighispwnfulbeast" because that is what the example will assume you are doing.
Now, click send. You should see more Ips and stuff come up on the Wireshark interface.

Next, is the Filtering.
See the little green bar? you need to come to this site to find the command.
I found it for you,
Code:
   data-text-lines yighisapwnfulbeast
But one issue I have with wireshark, is that they always change stuff. If the above doesnt work, you need to go look again.
Now, See how many SEND addresses there are 1 is Ok. More than 1, I would be worried. The number may change depending on the login method of the program.
This has some flaws, because it records ALL the internet activites, and sometimes, stuff may seem like they aren't. Dont know why this is so popular.
I admit I am not a poweruser of this program. There may be better ways. This is just mine.

But I think WPE Pro is a LOT easier. And wow, what a Coincidence! That is the Easy Method!
First, you need WPE Pro. Dont be fooled, it does not cost any money
Now, You open it up.
You should see something like this

Now, Target the program you want to check. Click the play button.
Recording has begun. Now login with a fake username and stop(by clicking the stop button). Now Check that there is only 2 Ips. A third IP usually means that there is some third party receiving info.

Why 2 IPs?
Remember, You are only getting the packets of the programs, so it should only consist of the program sending a packet to the neo server, and neo server sending it back. That is why there are 2 IPs.

Thirdly ,the STD Method
This is basically the easiest way. But kinda ineffective.
2 Parts. Luck and Experience.
Luck is just in case the experience part fails
Experience means to let other people experience, or use the program. After a while, no accusations or anything, usually 1-3weeks, the program would be clear for using.

Hope you guys learned something
~Yigh
Offline  
The Following 9 Users Say Thank You to yigh For This Useful Post:
doger (06-11-2008), jessicat09 (06-30-2008), Juggs (06-05-2008), mars208 (07-31-2008), MissYee (07-15-2008), Omsy (07-07-2008), MC (06-15-2008), starshining (09-04-2008), TripelS (06-15-2008)