Wednesday, August 3, 2016

Checking Skype user IP using CMD netstat -nbt - truth or myth?

There are several online tutorials (some on YouTube) that claim that they can check a Skype user IP address using CMD.

One tutorial which I tried to replicate was here:
https://sinister.ly/Thread-Finding-IP-Address-Through-Skype-CMD

The gist of the instruction is to open CMD as an administrator, and then use netstat -nbt

So, I am testing this theory. I am online right now with a friend, whose IP is 108.239.16.221. I also have about 20 other friends showing online at the moment. Let's see what CMD sees.

Here is my output from netstat -nbt



Number one, as you can see, IP 108.239.16.221 is NOT in the results for Skype connection. Second, upon closer look, the IPs that do come up are Skype and Microsoft IPs. I am guessing, their servers.

So, -nbt command is NOT for locating connections to individual Skype users.


See proof below.
65.55.164.215 IP address location & more:
IP address: 65.55.164.215
IP country code: US
IP address country: United States
IP address state: Virginia
IP address city: Washington
IP postcode: 22747
IP address latitude: 38.7163
IP address longitude: -78.1704
ISP of this IP: Microsoft Hosting
Organization: Microsoft Hosting
Host of this IP: blu406-m.hotmail.com
Local time in United States: 2016-08-03 23:53

91.190.217.44 IP address location & more:
IP address: 91.190.217.44
IP country code: LU
IP address country: Luxembourg
IP address state: Luxembourg
IP address city: Luxembourg
IP address latitude: 49.6117
IP address longitude: 6.1300
ISP of this IP: Skype Communications Sarl
Organization: Skype Communications Sarl

65.52.108.74 IP address location & more:
IP address: 65.52.108.74
IP country code: US
IP address country: United States
IP address state: Virginia
IP address city: Boydton
IP postcode: 23917
IP address latitude: 36.6676
IP address longitude: -78.3875
ISP of this IP: Microsoft bingbot
Organization: Microsoft bingbot


64.4.23.147 IP address location & more:
IP address: 64.4.23.147
IP country code: US
IP address country: United States
IP address state: California
IP address city: San Jose
IP postcode: 95141
IP address latitude: 37.3394
IP address longitude: -121.8950
ISP of this IP: Microsoft Corporation
Organization: Microsoft Corporation

23.99.210.20 IP address location & more:
IP address: 23.99.210.20
IP country code: US
IP address country: United States
IP address state: Iowa
IP address city: Des Moines
IP postcode: 50307
IP address latitude: 41.6005
IP address longitude: -93.6091
ISP of this IP: Microsoft Corporation
Organization: Microsoft Azure


I was told that it should be possible to track the IP in CMD during a file transfer (if I send that user a file), and it may be possible, but I do not know how to initiate the netstat fast enough for it to capture the file transfer in process. Unless I send a really large file, the transfer seems to go through too fast for me to open netstat in time.

However, I did get to the desired result (the accurate IP info) using Wireshark packet capture.

I got the idea from this video:
https://www.youtube.com/watch?v=jgKbO9R76yM

Following the same steps, I was able to see the needed IPs as soon as I initiated a call to the user. However, sending a file or simply an instant message through Skype was still producing packets, so I was able to see the packets leaving through the Skype port as long as my Skype kept seeing the user online.



The filter I applied looked like this: ip.src==192.168.43.54 and udp.srcport==36327. 

I went back to CMD and did netstat -nbt, and I did not see port 36327 (the port my Skype was using for that connection) being listed as in use, even during an active Skype session.
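
An added example, not part of the original post, that accounts for the last observation: netstat without -a prints only active TCP connections, and the UDP rows that -a adds never carry a remote address. The sample output is constructed in the `netstat -anb` layout, reusing addresses and the port quoted above; the remote ports and the 203.0.113.10 row are made up.

```python
import re

# Constructed sample in the layout of `netstat -anb` on Windows (not the
# author's capture). -a is what adds the UDP row; `netstat -nbt` has no -a,
# so it prints only the active TCP connections.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    192.168.43.54:49801    65.55.164.215:443      ESTABLISHED
 [Skype.exe]
  TCP    192.168.43.54:49822    91.190.217.44:12350    ESTABLISHED
 [Skype.exe]
  TCP    192.168.43.54:49900    203.0.113.10:443       ESTABLISHED
 [chrome.exe]
  UDP    0.0.0.0:36327          *:*
 [Skype.exe]
"""

ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")
OWNER = re.compile(r"^\s*\[(.+)\]\s*$")

def parse_netstat(text):
    """Return one dict per socket row, with the owning binary from -b attached."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            proto, local, remote, state = m.groups()
            rows.append({"proto": proto, "local": local, "remote": remote,
                         "state": state, "owner": None})
        elif rows and (o := OWNER.match(line)) and rows[-1]["owner"] is None:
            rows[-1]["owner"] = o.group(1)  # -b prints the binary under its row
    return rows

def remote_peers(rows, owner, proto):
    """Remote addresses netstat can report for one binary and protocol."""
    return [r["remote"] for r in rows
            if r["owner"] == owner and r["proto"] == proto and r["remote"] != "*:*"]

def active_tcp_only(rows):
    """The view without -a: TCP rows that are not in the LISTENING state."""
    return [r for r in rows if r["proto"] == "TCP" and r["state"] != "LISTENING"]

if __name__ == "__main__":
    rows = parse_netstat(SAMPLE)
    print(remote_peers(rows, "Skype.exe", "TCP"))  # server endpoints only
    print(remote_peers(rows, "Skype.exe", "UDP"))  # empty: UDP rows have no peer
    print([r["local"] for r in active_tcp_only(rows)])  # 36327 is absent
```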
