How can I get real user host or ip if that host is shadow.(e

kanof · Post by **kanof** » Sun Oct 28, 2001 3:20 am

I ever to saw someone use bot find real user host. On webnet, host will shadow.

eg.
<nick> test@202.44.15.Zg743=
!ip <nick>
Bot say: ip <nick> = 202.44.15.112

how can I do? please.

ppslim · Post by **ppslim** » Sun Oct 28, 2001 2:33 pm

There must be some sort of command that gets this reply from the server. If you know it, you will have to tell us about it, and what arguments the command takes.

Without this, we can;t do a thing.

Wcc · Post by **Wcc** » Mon Oct 29, 2001 3:44 am

If this network is doing what I think it is, it uses an encrypted string to mask userhosts. There is nothing you can do without the algorithm.

Ian-Highlander · Post by **Ian-Highlander** » Mon Oct 29, 2001 9:14 am

Heh, there is a command to get the normal full unmasked host. Only downside, you have to be a Sysop to use it.

/userhost <nickname> returns full unmasked hostmask of a user but requires you to have a certain flag first to allow you to use that command. (Being a TechAdmin on a server has its perks

)

Other than that I dont know of any way round it.

Regards

Ian-Highlander

ppslim · Post by **ppslim** » Mon Oct 29, 2001 11:14 am

To finish this one off in style.

THis basicaly means that it will be imposible to get the real hostmask.

Errtu · Post by **Errtu** » Mon Oct 29, 2001 11:51 am

open a dcc chat to the person. close the dcc right after initiating it and you'll see what ip your client/eggdrop tried to connect to (=real ip, not masked). Yeah, i think it's virtually impossible to combine this in a script, but this is a way to get their real ip.

Wcc · Post by **Wcc** » Mon Oct 29, 2001 12:34 pm

Im willing to bet the person that you saw use a bot to unmask that host had cracked the masking keys. Than you would just make a simple proc to apply this algorithm to the hostmask.

Unless, of course, this bot had IRCop privleges. On UnrealIRCd 3.2 beta 1 and up, the algorithm is almost impossible to crack.