IRCspoofing.shtml

Complete guide for newbies to spoof one's identify on IRC


Lots of people have always wondered how to go IRC totally anonymously, meaning how to fake their IP or how to get kewl address like "gates.is.owned.a0l.hax0rz.com". In this small text I try to explain how this spoofing can be done in practice.

The easiest way to fake your real IP is connecting to an IRC server throught Wingate or Proxy server. This can be done by inputting the proxy's or wingate's address and port to your mIRC client's firewall part (goto Options -> Connect -> Firewall). Make sure you are using proxy server and you have checked the "Proxy" protocol, if using Socks4 firewall you must check the "Socks4" protocol and so on.


You may be now asking where do I find these proxys and wingates, it's easy to find working proxies but working wingates can be fairly rare. Take a look of Cyberarmy's proxy-list page first http://www.cyberarmy.com/lists/proxy, next you may want to go to a normal search-engine, such as google.com and look for words "proxy list". NOTE, not all proxys/wingates allow you to use them, so go throught a list and test what ones can be used to bounce you into IRC.

Next i'll explain how u may go to an irc server with a kewl address such as (op.me.so.i.can.mass.deop.com). In order to be able to use that kind of kewl addresses you have to buy a shell account with vhost support (or obtain the information of a shell account by asking a friend etc.). There are lots of Shell providers out there and buying an basic bouncer account is not that expensive, my shell account from strategical.net was $5 a month, so it's not that expensive isn't it? (Bouncer take a note: Strategical.net seems to be an ultimate shell provider 'cause I have paid for only one month and now I'm using it 4th month, and I have never had any problems with their services, vhosts are fast and always up). However you have to be at least 18 years old to buy a shell account, so you may have to ask your mother, father etc. to buy it for you (I wouldn't suggest credit card payment, but instead look for providers that accepts cheques or money orders). When you have an account up, you open up a mIRC client and connect to the shell provider (/server strategical.net 37612), in that example you shell providers address is strategical.net and the port where their BNC daemon is listening on is 37612. Next it will ask for a password, you would type following: /quote pass mypass. Then you choose a vhost to bounce throught, and then when you know what one to use you type /quote vip vhost.ya.chose.here. Now you can connect to an IRC server, type following: /quote conn irc.server.here 6667. Now if your vhost isn't banned from that server/network you can chat there just as normal.

I don't have a shell account and I don't want to pay for having one, is there any other way to connect to IRC except wingates/proxys?

yes, I first explain WinBNC and how you can bounce throught your friends address who is running a WinBNC daemon for you. WinBNC daemon is similar to BNC daemons that shell account providers are running on their servers, offering password protection, vhost support etc. So, you have to have a friend who is willing to let you bounce throught their address to the IRC server. Obviously they need to have WinBNC daemon software (if they are on an other operating system than Windows they need BNC, ezBNC etc. daemon what is made for other platforms) so you could connect throught their computer and address. Just go for some web search-engine and look for winbnc etc. Before your friend runs the daemon for you he have to specify listening port, password and admin password, it may be recommended to specify the list of IP/DNS's that can use the BNC (this list must of course include your IP so you can connect to you friends BNC). This configuration can be done modifying bnc.cfg file that comes with WinBNC package using notepad or some other text-editor. Setting the correct values is very easy and it is well explained in the bnc.cfg file (just read the instruction on bnc.cfg file and you'll be fine). Now, when correct values is set your friend opens hes MS-DOS prompt and goes to directory where the WinBNC was unzipped and runs the bnc.exe file. Then they give their IP address, their WinBNCs password and port to you and now you fill these values to your IRC client for ex. /server 144.64.24.100 porthere passwordhere. When connected to your friends WinBNC you simply type /quote conn irc.server.here ircserversport password (note that your friend for pretty sure doesn't have vhosts so you can connect using hes address only).

Take a note that there are other bouncers that can be used to do the same job, but usually they have features for spying and other non-wanted activities so I recommend you don't bounce throught these kind of bouncers even if someone offers you their 'lame' bouncer to use.

If you don't have a friend who would run a BNC for you, there are still methods for anonymous IRC'ing, lets take a look of one useful feature that SubSeven trojan offers. The feature we are after for is port redirect, it can be used to redirect all data to its destination (for ex. to IRC server) throught the SubSeven victim, meaning the destination host is not communicating with you, instead it's communicationg only with the SubSeven victim, so there will be no traces of you on the destination host (the SubSeven victim is running a kinda BNC for you without knowing about it).
Once you have a SubSeven victim you must connect to it with your SubSeven client and set up the port redirect. It asks input port, output port and output host, input port is the port where you connect with you IRC client, output port is the port of IRC server and the output host is the destination IRC server where we want to connect. Now, you should input something like 2000 to the input port field, 6667 or what ever port where the IRC server is listening on to the output port field and the IRC servers address to the output host field, for ex. irc.pdq.net.

Now when you have done that you can close you SubSeven client and open up your IRC client. There in IRC client type following: /server sub7victimsip inputportyouspecified (for ex. /server 212.213.100.2 2000). Now it connects you to the specified IRC server with your victims IP address (you can check it by doing a /whois on yourself).

You may have heard about Freedom project (http://www.freedom.net), it's made to give their clients (customers) full anonymity over the Internet. It works good on IRC, web browsing, mail, telnet etc. but I heard they are not giving free trials anymore, so you have to pay for having their services. Go check their page, maybe you are interested in their offers, but I wouldn't pay to them 'cause basically you can get the same anonymity by other (free)methods.

Also, you may have heard Blackangel project by The Hackology Network (http://www.hackology.com), this Blackangel sounds fascinating and hopefully they in Hackology have strength to finish that project and get it done soon.


Hyperlinks
http://www.hackology.com

Credits and Greetz
hypnosis <hypnosis@mbnet.fi>, Hal <Ph4ra0h@aol.com>

EOF