fake-cloud-hosting-service

How to Grab a IP Address Using Fake Cloud Hosting Service

by

How to Grab IP Address Using Fake Cloud Hosting Service

Welcome back today we will be looking in to grabbing IP address’s using a fake cloud hosting service this will act as a honey pot to grab IP address’s of attackers unsuspectingly while they break into your cloud hosting service and try to steal your files. To achieve this we will be using a Website by Fuglekos called privateBox.

Fuglekos privateBox

Fuglekos privateBox is an online service by the popular IP address grabbing service fuglekos. Funlekos privateBox will act as a trap for targets that won’t reveal their IP address via image or short links. It can also provide a good IP trap for hackers who believe the privateBox’s fake cloud service to be genuine.

Visit funglekos official website to start using privateBox to grab IP address it can be a great alternative to standard short link and image ip grabber methods as privateBox can be used as a Honey pot to trick a target into thinking the site is a genuine cloud service. : http://www.fuglekos.com/privateBox/

Quote from Fuglekos privateBox

“HOW can you lay a trap for someone who just wont open an image link? Or: How can you verify if you are victim of keylogger malware, or other kind of surveillance? The answer is Fuglekos privateBox!

Essentially, it is a “fake” type of dropbox service. The difference is that none of the buttons on the site actually do anything, its just for the looks, even some fake files showing, and while you are logged in, you can monitor (almost)REALTIME the ip-address of the next who logs in using your credentials! No need to click refresh button, it uses JavaScript in the background to update every 60 seconds. When someone falls into your trap, the website will pop up a red box with the IP and timestamp, while playing a loud “ding”-sound. You also receive an e-mail.

So if its a hacker you want to catch, then create a login on privateBox and wait for him to go check it out, believing that he will get access to your private documents 😉 If he has you keylogged so that he sees every keystroke you make, or is otherwise surveilling you, and he has the credentials, he will log in and you will immediately get notified!

If you believe that you are being key-logged or otherwise under surveillance, then just log in to privateBox and wait to see if they fall into the trap!

The site itself doesn’t reveal any information about its REAL purpose, so you can of course use this trick in combination with social engineering, to manipulate your target to go to the site you just “hacked” and log in with the credentials you give him.”

PrivateBox

First go to the following web link http://www.fuglekos.com/privateBox/ and register a new account using a disposable email service such as EmailOnDeck or ThrowawayMail. Funglekos does not permit the use of disposable fake email address’s we have had a little look about for a fake mail service that is not blocked by Funglekos and found a Fake mail service called EmailOnDeck that works perfect.

Enter valid user name and password and fill capture in email field enter address of disposable mail.

Login to Fake Email and confirm Funglekos privateBox Account by following the activation link.

When you first login to privateBox you will see web user interface that looks like the screen shot below it the fake cloud hosting page has a few buttons and fake files although they don’t actually do anything there just there to lure the attacker in to the honey trap.

Now lets assume a hacker was using key-logger remotely to see what keystrokes the target typing or somebody was passively observing keystrokes. But unknown to the attacker the target knew his credentials where being stolen as the target already knows its a trap he will set up a little trap of his own for the attacker by creating a fake cloud service and then patently wait for the attacker to come and steal there files from the fake cloud service they set up. Each time an attacker logs in and their each time an IP does not match the IP of a session created by the target an alarm will go of and the attackers IP address will be displayed on screen the fake hosting service with refresh new IP address’s every 60 seconds. The screen shot below shows notification of attacker logging in to the fake cloud service on their browser and IP being logged by the victim and then forwarded back to the target’s browser this can help gather a bit information about the attackers who are trying to steal your files.

Visit Funglekos official website to start using privateBox: http://www.fuglekos.com/privateBox/

If you enjoyed this article please consider sharing it on social media and with your friends thanks for supporting HackingVision.