|
 | 作者: thirdworld [thirdworld]
 论坛用户 |
登录 |
| 本帖由 [NetDemon] 从 << 黑客进阶>> 转移而来用了一个telnet弄的扩展后门,对方一上线就会把IP把到我的HOTMAIL信箱里。但是有时候收到的却是192.168.x.x这样的形式,只是他的内网IP。如何知道他的网络上的IP地址? 邮件的网页源代源如下: <html><head><script language="JavaScript"> IsNotBulkEnabled=IStatus=IsPrintEnabled=NewMenu=Junk=PutInFldr=Attach=Tools=""; _UM = "curmbox=F000000005&a=7dc4472920a98d4a5f6e2cc884f54f98"; function IfUtf8(C) { var N = (document.charset=="utf-8")?1:0 if (N == C) return true var u = k = document.location.href if (u.indexOf("utf8=")<=0) u += "&utf8=9"; u = u.replace(/(utf8=)\d/ig,"$1"+(N?"1":"0")) if (u != k) { window.location.replace(u) var w = window.open("","","height=1,width=1,menubar=no,resizable=no,titlebar=no,scrollbars=no,status=no,toolbar=no,menubar=no,location=no"); w.close() } } IfUtf8(0) </script><title>MSN Hotmail - 邮件</title><link rel="stylesheet" href="/cgi-bin/dasp/CN/hotmail___9080050023.css"><script language="JavaScript" src="/cgi-bin/dasp/CN/helppane___9080000001F.js"></script><script language="JavaScript" src="/cgi-bin/dasp/CN/hotmail___90900000014.js"></script><script event=onload for=window language=vbscript> on error resume next dim MsngrObj set MsngrObj = CreateObject("MSNMessenger.HotmailControl") If Err.Number <> 0 Then Else MsngrCreateObj ExecuteGlobal "MIR" End if </script></head><!----><body bgcolor=#336699 ><div id="HMname" style="visibility:hidden;position:absolute">qq86680520@hotmail.com</div><a name="top"></a><table border=0 cellpadding=0 cellspacing=0 width=100%><tr valign=top><td width=450 style="padding-top:3px;"><table border=0 cellpadding=0 cellspacing=0><tr><td nowrap>  <a href="http://g.msn.com/8HMBCN/7341??PS=8317" class="F" target="_top">MSN 主页</a>  </td><td><font class="G">|</font></td><td nowrap>  <a href="http://g.msn.com/8HMBCN/7342??PS=8317" class="F" target="_top">我的 MSN</a>  </td><td><font class="G">|</font></td><td nowrap>  <font class="F">Hotmail</font>  </td></tr></table></td><td><span style="width:30px;"> </span></td><td><a href="http://by13fd.bay13.hotmail.msn.com/cgi-bin/logout?curmbox=F000000005&a=7dc4472920a98d4a5f6e2cc884f54f98&t=1096110831&loru=&id=2&fs=1&cb=_lang%3dCN%26country%3dCN&ct=1096110831"><img border=0 src="http://64.4.55.45/crs_1134.gif" alt=".NET Passport" width="100" height="19"></a></td><td><span style="width:27px;"> </span></td><td nowrap valign=middle><font class="G"><label for="q">搜索网络:</label></font></td><td><span style="width:6px;"> </span></td><td width=100% nowrap valign=middle><form method="GET" name="websearch" action="http://cns.3721.com/cns.dll?coagent=msn_sa&type=z&act=info&name" style="margin-bottom:0px;margin-bottom:0px;"><input type="hidden" name="coagent" value="msn_ad"><input type="text" id="q" name="name" size=14 accesskey="S" style="WIDTH:65%"><span style="width:3px;"></span><input type="submit" value="转到" size=4></form></td></tr></table><table border=0 cellpadding=0 cellspacing=0 width=100%><tr><td><img src="http://64.4.55.45/spacer.gif" width=1 height=5></td></tr><tr><td width=100% align=center><IFRAME FRAMEBORDER=0 SCROLLING=NO MARGINHEIGHT=0 MARGINWIDTH=0 WIDTH=728 HEIGHT=90 SRC="http://rad.msn.com/ADSAdClient31.dll?GetAd?PG=HOTJ07?SC=L4?HM=045443415e5d4a125e4607302f05436e0a4979510e544b4c594b003f470a273d?LOC=R?TF=_NEW?ID=00067FFE8F7D1B02?UC=100?PS=8317?PI=44281?AP=1011" tabindex="-1"></IFRAME></td></tr></table><table border=0 cellpadding=0 cellspacing=0 width=100% ><tr><td colspan=2><img src="http://64.4.55.45/spacer.gif" height=1 width=779></td></tr><tr><td><table border=0 cellpadding=0 cellspacing=0 width=100%><tr> <td rowspan=2 background="http://64.4.55.45/tab.bg.dln.gif"><a href="http://g.msn.com/1HMCCN/141??PS=8317" target="_top"><img src="http://64.4.55.45/CN_CN_118x35.gif" width=118 height=35 border=0 alt="转到 MSN"></a></td><td rowspan=2 background="http://64.4.55.45/tab.bg.dln.gif" nowrap><font class="D">Hotmail</font></td><td rowspan=2><img src="http://64.4.55.45/tab.slide.hm.li.gif"></td><td colspan=12 height=13 bgcolor=#336699></td></tr><tr><td><img src="http://64.4.55.45/tab.separator.off.gif"></td><td background="http://64.4.55.45/tab.bg.off.gif" nowrap> <a href="javascript:G('/cgi-bin/hmhome?');" tabindex=120 class="E">今日焦点</a> </td><td><img src="http://64.4.55.45/tab.separator.on.l.gif"></td><td background="http://64.4.55.45/tab.bg.on.gif" nowrap> <a href="/cgi-bin/HoTMaiL?curmbox=F000000001&a=7dc4472920a98d4a5f6e2cc884f54f98" tabindex=121 class="E">邮件</a> </td><td><img src="http://64.4.55.45/tab.separator.on.r.gif"></td><td background="http://64.4.55.45/tab.bg.off.gif" nowrap> <a href="http://calendar.msn.com/calendar/isapi.dll" tabindex=122 class="E">日历</a> </td><td><img src="http://64.4.55.45/tab.separator.off.gif"></td><td background="http://64.4.55.45/tab.bg.off.gif" nowrap> <a href="javascript:G('/cgi-bin/addresses?');" tabindex=123 class="E">联系人</a> </td><td><img src="http://64.4.55.45/tab.separator.end.gif"></td><td background="http://64.4.55.45/tab.bg.sln.gif" width=100%> </td></tr></table></td><td valign=bottom><table border=0 cellpadding=0 cellspacing=0 width=100%><tr><td background="http://64.4.55.45/tab.bg.sln.gif"><img src="http://64.4.55.45/spacer.gif" width=1 height=35></td><td background="http://64.4.55.45/tab.bg.sln.gif" nowrap align=right><a href="/cgi-bin/options?section=mail&subsection=&curmbox=F000000005&a=7dc4472920a98d4a5f6e2cc884f54f98" class="G">选项</a> <font class="G">|</font> <a href="javascript:CPH('PIM_ReadMessage');" class="G">帮助</a> </td></tr></table></td></tr></table><table border=0 cellpadding=0 cellspacing=0 width="100%"><tr bgcolor="#4791C5"><td colspan=3><img src="http://64.4.55.45/spacer.gif" height=1 width=779></td></tr><tr bgcolor="#4791C5"><td style="padding-left:10px;height:20px;border-bottom"><table border=0 cellpadding=0 cellspacing=0 width="100%"><tr><td width=100% align="left" valign="middle"><font class="G">qq86680520@hotmail.com</font></td></tr></table></td><td align=right style="padding-left:10px;height:20px;border-bottom"><table border=0 cellpadding=0 cellspacing=0><tr><td align="right" valign="middle"><font class="G"> | </font><a href="http://g.msn.com/8HMBCNCN/9846??PS=8317" class="G" target="_top">MSN 特惠信息</a> </td></tr></table></td></tr></table><iframe id="Hfrm" class="NN"></iframe><table border=0 cellpadding=0 cellspacing=0 width=100% class="N" id="HMTB"><tr><td colspan=2><img src="http://64.4.55.45/spacer.gif" height=1 width=779></td></tr><tr><td><table border=0 cellpadding=0 cellspacing=0 width=100% class="O"><tr><td style="width:8px"><img src="http://64.4.55.45/spacer.gif" height=1 width=8></td><td class="P" nowrap onmouseover="MO()" onmouseout="MU()" onclick="MP('/cgi-bin/compose?type=r')"><img src="http://64.4.55.45/i.p.reply.gif" border=0 align=absmiddle hspace=1 alt="答复发件人"> <a href="#" onclick="MP('/cgi-bin/compose?type=r');return false;" tabindex=1>答复发件人</a></td><td class="LL">|</td><td class="P" nowrap onmouseover="MO()" onmouseout="MU()" onclick="MP('/cgi-bin/compose?type=ra')"><img src="http://64.4.55.45/i.p.replyall.gif" border=0 align=absmiddle hspace=1 alt="全部答复"> <a href="#" onclick="MP('/cgi-bin/compose?type=ra');return false;" tabindex=1>全部答复</a></td><td class="LL">|</td><td class="P" nowrap onmouseover="MO()" onmouseout="MU()" onclick="MP('/cgi-bin/compose?type=f')"><img src="http://64.4.55.45/i.p.fwd.gif" border=0 align=absmiddle hspace=1 alt="转发"> <a href="#" onclick="MP('/cgi-bin/compose?type=f');return false;" tabindex=1>转发</a></td><td class="LL">|</td><td class="P" nowrap onmouseover="MO()" onmouseout="MU()" onclick="G('/cgi-bin/getmsg?msg=MSG1096105232.2&mfs=&_HMaction=move&tobox=F000000004&direction=next&wo=')"><img src="http://64.4.55.45/i.p.delete.gif" border=0 align=absmiddle hspace=1 alt="删除"> <a href="#" onclick="G('/cgi-bin/getmsg?msg=MSG1096105232.2&mfs=&_HMaction=move&tobox=F000000004&direction=next&wo=');return false;" tabindex=1>删除</a></td><td class="LL">|</td><td class="P" nowrap onmouseover="MO()" onmouseout="MU()" onclick="DB(0)"><img src="http://64.4.55.45/i.p.block.gif" border=0 align=absmiddle hspace=1 alt="阻止发件人"> 阻止发件人</td><td class="LL">|</td><td class="P" nowrap onmouseover="MO()" onmouseout="MU()" onclick="G('/cgi-bin/notbulk?&from=getmsg&msg=MSG1096105232.2&IsAddressedToUser=')"><img src="http://64.4.55.45/i.p.notjunk.gif" border=0 align=absmiddle hspace=1 alt="不是垃圾邮件"> 这不是垃圾邮件</td><td class="LL">|</td><td id="PutInFTD" class="P" nowrap onmouseover="MME(event, PutInFldr);" onmouseout="MME(event, PutInFldr);" onblur="MME(event, PutInFldr);" onclick="MCH(event,PutInFldr)"><img src="http://64.4.55.45/i.p.putinfolder.gif" border=0 align=absmiddle hspace=1 alt="放入文件夹"> 放入文件夹 <img src="http://64.4.55.45/i.p.downarrow.gif" border=0 align=absmiddle hspace=1></td><td class="LL">|</td><td class="P" nowrap onmouseover="MO()" onmouseout="MU()" onclick="OW('PrintView','680','580','','','','','yes','yes','yes','/cgi-bin/getmsg?curmbox=F000000005&a=7dc4472920a98d4a5f6e2cc884f54f98&msg=MSG1096105232.2&printf=1&wcid=&soid=&skipnextprevmsg=&ShowImages=');"><img src="http://64.4.55.45/i.p.printv.gif" border=0 align=absmiddle hspace=1 alt="打印"> 打印预览</td><td class="LL">|</td><td class="P" nowrap onmouseover="MO()" onmouseout="MU()" onclick="G('/cgi-bin/domsgaddresses?&action=Modify&msg=MSG1096105232.2')"><img src="http://64.4.55.45/i.p.cont.individual.gif" border=0 align=absmiddle hspace=1 alt="联系人"> 保存地址</td><td width=100%> </td></tr></table></td><td style="CURSOR:auto"><table border=0 cellpadding=0 cellspacing=0 width=100% class="O"><tr><td width=100%> </td></tr></table></td></tr><tr><td colspan=2><img src="http://64.4.55.45/spacer.gif" height=1 width=779></td></tr></table><table id="FldrTable" onclick="MCH(event,PutInFldr,true)" class="U"><TR><TD class="W" onmouseover="MO_D()" onmouseout="MU_D()" onclick="PI('MoveTo','F000000001')" title="收件箱">收件箱</TD></TR><TR><TD class="W" onmouseover="MO_D()" onmouseout="MU_D()" onclick="PI('MoveTo','F000000002')" title="已发送的邮件">已发送的邮件</TD></TR><TR><TD class="W" onmouseover="MO_D()" onmouseout="MU_D()" onclick="PI('MoveTo','F000000003')" title="草稿">草稿</TD></TR><TR><TD class="W" onmouseover="MO_D()" onmouseout="MU_D()" onclick="PI('MoveTo','F000000004')" title="垃圾箱">垃圾箱</TD></TR></table><script language="javascript" > var PutInFldr = new MenuObj("PutInFldr", "FldrTable", "PutInFTD", "", "T", "P", "Q","Hfrm",""); </script><script language="javascript"> function OpenWin(url,self) { if(self == null) window.open(url); else window.location.href=url; } </script><table border=0 cellpadding=0 cellspacing=0 width=100% bgcolor=#DBEAF5><tr><td width=10><img src="http://64.4.55.45/spacer.gif" width=10 height=1><form name=msgr><input type=hidden name=msgFromName value="FQ-Y52R3B0N8I6Y"><input type=hidden name=FromText value="FQ-Y52R3B0N8I6Y"></form><form name=move action="/cgi-bin/getmsg"><input type=hidden name=curmbox value="F000000005"><input type=hidden name=msg value=MSG1096105232.2><input type=hidden name=wo value=""><input type=hidden name=js><input type=hidden name=_HMaction value=""><input type=hidden name=cmd><input type=hidden name=IsAddressedToUser value=""><input type=hidden name=tobox></form><form name=block><input type=hidden name=curmbox value="F000000005"><input type=hidden name=_HMaction><input type=hidden name=IsSingleMsg value=1><input type=hidden name=from value=getmsg><input type=hidden name=ReportLevel value=""><input type=hidden name="MSG1096105232.2" value=on></form><script> function PI(a,b) { document.move._HMaction.value=a document.move.tobox.value=b document.move.submit() } function HM(l){G('/cgi-bin/HoTMaiL?'+l)} function GM(l){G("/cgi-bin/getmsg?"+l)} function MP(l){G(l+"&curmbox=F000000005&a=7dc4472920a98d4a5f6e2cc884f54f98&msg=MSG1096105232.2&start=3195&len=637")} function S(t,a,b,c,d,e,f,g,h,i){G('/cgi-bin/'+t+'?msg='+a+'&start='+b+'&len='+c+'&mfs='+d+'&cmd='+h+'&lastmsgid='+e+'&msgread='+f+'&etype='+g+'&wo='+i)} function DB(a) { frm.action="/cgi-bin/kill" frm.ReportLevel.value=a frm._HMaction.value=a frm.submit() } var frm=document.block </script></td><td width=100% valign=top><table border=0 cellpadding=0 cellspacing=0 width=100%><tr><td valign=top width=100% class="HT"><style> .HT {padding-top:5px} .TH{border:0px;cell-spacing:0px;margin:0px;width:100%} .TH TD{padding-bottom:3px} .LH {padding-bottom:5px;white-space:nowrap} TT, PRE {font-size:12px} </style><table class="TH"><tr><td nowrap>发件人 : </td><td> <FQ-Y52R3B0N8I6Y></td></tr><tr><td nowrap>发送 : </td><td>2004年9月25日 17:40:31</td></tr><tr><td nowrap>收件人 : </td><td>Master</td></tr><tr><td nowrap>主题 : </td><td>WinEggDropShell Online Notification</td></tr><tr><td style="padding-bottom:0px"><img src="http://64.4.55.45/spacer.gif" width=70 height=1></td><td width=100% style="padding-bottom:0px"></td></tr></table> </td><td class="HT" align=right valign=top ><table border=0 cellspacing=0 cellpadding=2><tr><td><a href="javascript:S('getmsg','','','','','MSG1096105232.2','','','prev','')" tabindex=1><img src="http://64.4.55.45/i.p.previous.gif" border=0 alt="转到上一封邮件"></a></td><td>|</td><td><a href="javascript:S('getmsg','','','','','MSG1096105232.2','','','next','')" tabindex=2><img src="http://64.4.55.45/i.p.next.gif" border=0 alt="转到下一封邮件"></a></td><td>|</td><td nowrap><a href="javascript:HM('')"><img src="http://64.4.55.45/i.p.folder.gif" align=left border=0>垃圾邮件</a></td><td>|</td><td nowrap><a href="javascript:HM('curmbox=F000000001')"><img src="http://64.4.55.45/i.p.folder.inbox.gif" align=left border=0>收件箱</a></td></tr></table></td></tr></table><table border=0 cellpadding=0 cellspacing=0 width=100%><tr><td width=100% style="padding-bottom:5px"></td></tr></table><table bgcolor=#FFFFFF height=209 width=100%><tr><td valign=top> <table border=0 cellspacing=8 cellpadding=0 width=100% align=center nowrap> <tr><td> <div><pre> IP Address: 192.168.1.145 (请输入您的密码: Start Time: 9/25/2004 17:40:41) </pre></div> </td></tr> </table> </td></tr></table><div class="HT" style="padding-bottom:5px;"><table width=100% border=0 cellspacing=0 cellpadding=2><tr><td><a href="javascript:MP('/cgi-bin/compose?type=r')" tabindex=1> <img src="http://64.4.55.45/i.p.reply.gif" border=0 align=absmiddle hspace=1 alt="答复发件人"></a></td><td>|</td><td><a href="javascript:MP('/cgi-bin/compose?type=ra')" tabindex=1><img src="http://64.4.55.45/i.p.replyall.gif" border=0 align=absmiddle hspace=1 alt="全部答复"></a></td><td>|</td><td><a href="javascript:MP('/cgi-bin/compose?type=f')" tabindex=1><img src="http://64.4.55.45/i.p.fwd.gif" border=0 align=absmiddle hspace=1 alt="转发"></a></td><td width=100%></td><td><a href="javascript:S('getmsg','','','','','MSG1096105232.2','','','prev','')" tabindex=1><img src="http://64.4.55.45/i.p.previous.gif" border=0 alt="转到上一封邮件"></a></td><td>|</td><td><a href="javascript:S('getmsg','','','','','MSG1096105232.2','','','next','')" tabindex=2><img src="http://64.4.55.45/i.p.next.gif" border=0 alt="转到下一封邮件"></a></td><td>|</td><td nowrap><a href="javascript:HM('')"><img src="http://64.4.55.45/i.p.folder.gif" align=left border=0>垃圾邮件</a></td><td>|</td><td nowrap><a href="javascript:HM('curmbox=F000000001')"><img src="http://64.4.55.45/i.p.folder.inbox.gif" align=left border=0>收件箱</a></td></tr></table></div></td><td width=10><img src="http://64.4.55.45/spacer.gif" width=10 height=1></td><td valign=top width=160><IFRAME FRAMEBORDER=0 SCROLLING=NO MARGINHEIGHT=0 MARGINWIDTH=0 WIDTH=160 HEIGHT=600 SRC="http://rad.msn.com/ADSAdClient31.dll?GetAd?PG=HOTSO8?SC=D1?HM=045443415e5d4a125e4607302f05436e0a4979510e544b4c594b003f470a273d?LOC=I?TF=_NEW?ID=00067FFE8F7D1B02?UC=100?PS=8315?PI=44281?AP=1090" tabindex="-1"></IFRAME></td></tr></table><table border=0 cellpadding=0 cellspacing=0 width=100%><tr><td height=24 colspan=2> <a href="http://g.msn.com/8HMBCN/9853??PS=8317" class="HH">获取来自 MSN 的最新更新</a> </td></tr><tr><td height=24><table border=0 cellpadding=0 cellspacing=0><tr><td nowrap>  <a href="http://g.msn.com/8HMBCN/7341??PS=8317" class="F" target="_top">MSN 主页</a>  </td><td><font class="G">|</font></td><td nowrap>  <a href="http://g.msn.com/8HMBCN/7342??PS=8317" class="F" target="_top">我的 MSN</a>  </td><td><font class="G">|</font></td><td nowrap>  <font class="F">Hotmail</font>  </td><td><font class="G">|</font></td><td nowrap>  <a href="http://g.msn.com/8HMBCNCN/7344??PS=8317" class="F" target="_top">MSN Messenger</a>  </td> </tr></table></td><td nowrap align=right><a href="javascript:CPH('PIM_ReadMessage');" class="G">帮助</a> </td></tr><tr><td height=20 style="BORDER-TOP:1px solid #87b3d0" nowrap colspan=2> <font class="G">© 2004 Microsoft Corporation. 保留所有权利。</font> <a href="http://g.msn.com/8HMBCN/12264??PS=8317" target="_top" class="G">使用条款</a> <a href="http://g.msn.com/8HMBCN/12263??PS=8317" target="_top" class="G">隐私声明</a> <a href="http://g.msn.com/1HMCCNCN/8725??PS=8317" class="G">抵制垃圾邮件策略</a></td></tr><tr><td colspan=2><img src="http://64.4.55.45/spacer.gif" height=1 width=779></td></tr></table><IMG SRC="http://h.msn.com/c.gif?RF=&PI=44281&DI=1035&PS=8317" width=1 height=1></body></html><!-- H: BAY13-F1.phx.gbl --> <!-- V: WIN2K3 09.09.00.0052 i --> <!-- D: Sep 1 2004 12:33:38--> <!-- S: 0--> -------------------------------------------------------------- 哪一段是说明对方IP的?请指教~ |
| 地主 发表时间: 04-09-25 19:16 |
 | 回复: Xnewbie [xnewbie]  论坛用户 |
登录 |
|
没有,你必须使用POP邮箱。 |
| B1层 发表时间: 04-10-03 19:37 |
 | 回复: tom_grace [tom_grace] 论坛用户 |
登录 |
|
首先你用foxmail之类的软件将邮件以POP3的形式收下来。 然后打开邮件,在文件一项打开属性,看原始文件,邮件头应该包含这些信息。 但是你应该找不到他发信的IP。你只能看到他的邮箱服务器的IP地址! |
| B2层 发表时间: 04-10-03 21:05 |
 | 回复: zhs72212 [zhs72212]  论坛用户 |
登录 |
不错,正在争取发帖子。 |
| B3层 发表时间: 04-10-05 14:28 |
 | 回复: lcp2004 [lcp2004] 论坛用户 |
登录 |
|
天文我看不懂~!~ |
| B4层 发表时间: 04-11-10 20:20 |
 | 回复: clonepig [clonepig] 论坛用户 |
登录 |
|
晕菜 |
| B5层 发表时间: 04-12-03 15:38 |
 | 回复: Domain [aomin]  论坛用户 |
登录 |
|
h不懂! |
| B6层 发表时间: 04-12-10 16:47 |
 | 回复: lgf [lgf]  论坛用户 |
登录 |
 晕! |
| B7层 发表时间: 04-12-14 22:15 |
 | 回复: zoull2004 [zoull2004] 论坛用户 |
登录 |
|
晕 |
| B8层 发表时间: 04-12-19 12:31 |
| 回复: lijingxi [lijingxi]  见习版主 |
登录 |
|
用Outlook Express 应该能找到电子邮件的IP地址! |
| B9层 发表时间: 04-12-21 15:45 |
|
20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.
论坛程序编写:NetDemon
粤ICP备05087286号
论坛: 菜鸟乐园 标题: 如何在收到的邮件中找出对方的IP地址?