spying instant messages of a certain address

[delphi]

Hi there!
I'm suspecting that my girlfriend is cheating on me, but to be sure I would need to log her conversations at the messenger. Well, the problem is that she knows that it would be really easy for me to log the chats if she used my computer, so she always goes to a lan house to chat at MSN. I know the time she connects because she is in my contact list, and my Windows Live Messenger Plus records all the events of people who enter or leave. She uses a web messenger (ebuddy.com).

Well, there are many applications that allow you to monitor the chatting on your computer, or any computer in the network. Then I think it should be possible to monitor the chatting on whatever computer she is, knowing it's IP address. And since I am able to communicate with her when she is online, maybe there is a way of knowing the IP adress of the computer she is on. Since my computer is 24 hours on, I could write a software to monitor that and record the conversations.

I still have to study the protocol of instant messaging to this version of Windows Live Messenger or to the Web Messenger she uses (that I believe is the same), to see if I can find a way to have access to the instant messages that are received and sent at her address (it's a @hotmail by the way).

What I know until now is that this type of messenger does not provide encryption, thats one thing in my favor... And I also know that if I knew her password, it would be a lot easier, because then I could change something on the configuration of the account, to foward the messages, I don't know...

I read also that a messenger user has to open an UDP port to the world, and that could be a way to spy on it.

Well, I am gonna have to study a lot to do that, and I don't even know if it's possible. I believe it is, but i am not quite sure. So if you guys could give me any help, I would appreciate. Thanks.

[Force4]

Unless you both are physically connected by hubs (and that is of course not the case), there is no chance that you can monitor her messaging or anything else, *at the state things are now*.

However, there are things to do to fix that up.
First of all, it would help a lot if you were on the same LAN. This way you could try some ARP poisoning, or any other "man in the middle" attack. Those will be way harder if you have to break the firewall of that LAN house you're talking about. Especially if its gateway does Network Address Translation (most likely if IPv4...).
And it would also help a lot if you administered that gateway (you could just turn on some Port Mirroring just like me and directly read my girlfriend's conver... huh what am I saying)

To sum up, just hide in the same LAN house she's going to! There you'll be able to try something at least.

But maybe if she stupid (and I'm not saying she is huh), maybe you could just make her download a little trojan/backdoor to do all the work for you. Just say it's some new real fun game .



But hey, there must be better ideas... I'm not one of those who reached 513 at Runaway Robot .
And btw, what am I doing?? Trying to help you spying on your girlfriend! Dude!!

[delphi]

Unless you both are physically connected by hubs (and that is of course not the case), there is no chance that you can monitor her messaging or anything else, *at the state things are now*.

Yeah, thats what I thought, I just wanted to be sure.

First of all, it would help a lot if you were on the same LAN.

That would be good, only that I don't have the minimal idea of what LAN house she is going, it's somewhere near her work, at a different city...

And it would also help a lot if you administered that gateway Laughing (you could just turn on some Port Mirroring just like me and directly read my girlfriend's conver... huh what am I saying)

Yeah even though I don't know where is the LAN house, I would like to know more about this, if someone could post links to material that talks about that or some other interesting things about those kind of tricks, that would be cool...

But maybe if she stupid (and I'm not saying she is huh), maybe you could just make her download a little trojan/backdoor to do all the work for you. Just say it's some new real fun game

That's the problem, she is smarter than me acctually, she wouldn't fall for that in a million years. And the LAN house probably has antivírus and a system where you need administrator privileges to install those kind of trojans.

But hey, there must be better ideas... I'm not one of those who reached 513 at Runaway Robot.

Yeah, I got to the level 25 of the mortal coil, just to be able to post, and I never wanna play that game again.

And btw, what am I doing?? Trying to help you spying on your girlfriend! Dude!!

Yes, you are. And that's the right thing to do, man! Believe it. Thanks a lot.

Considering all of the previous, there are few hopes for me. I was only thinking if there is a way of programming her mail server to save the sent and received instant messages somewhere I have access to. I don't know if that is possible, and if it is, I would have to know her password. And finding out her password is another interesting thing to discuss, hehe.

Well, any links to useful material, any suggestions, any ideas, will be welcome. Thank you all.

[Force4]

Considering all of the previous, there are few hopes for me. I was only thinking if there is a way of programming her mail server to save the sent and received instant messages somewhere I have access to. I don't know if that is possible, and if it is, I would have to know her password. And finding out her password is another interesting thing to discuss, hehe.

Well if she uses any computer at home at some point, finding her password is gonna be easy. There are so many keyloggers out there! (And if she also has her own windows username & password, it's most likely that you'll be able to find that one easily as well, assuming you guys are using WinXP.)

But I've no idea where that could lead you. Indeed, the MSN protocol is not related in any way with any mail server. Therefore, you won't me able to set up a forward directive or anything like it, that would target her instant messages (from the little I know of MSN clients). By the way, storing instant messages is up to the client configuration. Hey wait! If that client is interfaced by HTTP like ebuddy.com, then if any IM storing feature does exist, then it could be online... Then you'll be able to access it.
I don't know anything about ebuddy (and not that much either about MSN cilents anyway), but I would say ebuddy doesn't provide its users with such features. Or does it?

[megatron40]

Here's the problem I see. If you go and spy on her (yes it is spying), then she can't trust you. Trust is entirely lost. You lose anyway. Either try and win her solid or find someone who is more worthy of your trust or just talk to her about your fears. If she's a decent girl she loves talking about feelings so she'll here you out. If she isn't, then go with the second option.

[Force4]

Here's the problem I see. If you go and spy on her (yes it is spying), then she can't trust you. Trust is entirely lost. You lose anyway. Either try and win her solid or find someone who is more worthy of your trust or just talk to her about your fears. If she's a decent girl she loves talking about feelings so she'll here you out. If she isn't, then go with the second option.

You really make me feel like the stupid bad guy .

[delphi]

Here's the problem I see. If you go and spy on her (yes it is spying), then she can't trust you. Trust is entirely lost. You lose anyway. Either try and win her solid or find someone who is more worthy of your trust or just talk to her about your fears. If she's a decent girl she loves talking about feelings so she'll here you out. If she isn't, then go with the second option.

But the value would be greater if I could rub that on her face, you see? And also, I would be admitting that I couldn't hack her chat, and I have my pride to keep. And also I don't fear she is cheating on me. I just would like to know, and if she is, that's ok. And it's also for the profit of the community. Knowing how to spy on messenger could be useful for the community. The government can already spy on that anyway. And also that if I reach to spy her, it would be so much fun!!!

You really make me feel like the stupid bad guy

You're the bad guy but you are not stupid... yeah dude!!

Indeed, the MSN protocol is not related in any way with any mail server.

MSN asks for a "Instant Message Address" when you first register, and that's the address through wich the messages are gonna be sent and received, therefore, the protocol has to be related to the mail server, am I right?

If that client is interfaced by HTTP like ebuddy.com, then if any IM storing feature does exist, then it could be online... Then you'll be able to access it.

Yeah dude, I don't know if ebuddy provides that feature, I believe it doesn't. But every message has to pass through ebuddy server before reaching it's destiny, then enters the "man in the middle" attack that you talked about. Don't you think that something could be done in this sense?

And also, all the data that is interchanged through internet in this city, must come and go through the same array of optic fiber cables, then I could ask somebody that works in the communication companies to configure the multiplexer to save filtered data that interest me. Ok, I'm traveling too much now, forget about it...

[Force4]

MSN asks for a "Instant Message Address" when you first register, and that's the address through wich the messages are gonna be sent and received, therefore, the protocol has to be related to the mail server, am I right?

Completely wrong, but that's okay. Instant messaging is not going through any MX server. It has its own communication process: that's why it's called a protocol. By the way, when your register you can specify any random (not related to Microsoft, but valid, ie. capable of receiving mail) email address as long as you attach a Microsoft "Passport" to it. The email addresses are only used as usernames in that specific process of instant messaging. And it's a general fact with all the existing IM protocols. Take Jabber for instance, here's a little extract of a quick PHP implementation:

Code: Select all

$JABBER->username = "myemail@gmail.com";
$JABBER->password = "mypwd"; 

Well it doesn't tell you much I guess. Oh!... Something more specific, email exchanging uses TCP ports 25 (SMTP), 103 (POP3), and 143 (IMAP),... whereas MSN uses port 1863! It's just two different things.

Yeah dude, I don't know if ebuddy provides that feature, I believe it doesn't. But every message has to pass through ebuddy server before reaching it's destiny, then enters the "man in the middle" attack that you talked about. Don't you think that something could be done in this sense?

Well it might, "anything is possible". I just don't see how! As far as I'm concerned, unless ebuddy (or whatever online client she uses) doesn't provide the users with online conversation storing, then you're screwed. Or at least, I can't do any better. (But again, I can only reach lvl 180 at Runaway Robot .

And also, all the data that is interchanged through internet in this city, must come and go through the same array of optic fiber cables, then I could ask somebody that works in the communication companies to configure the multiplexer to save filtered data that interest me. Ok, I'm traveling too much now, forget about it...

There you go . Well that reminds me of some colleagues of mine that were supposed to protect the entire information system of a 1000-people company. With one little program (Snort) on the firewall, they were reading all the MSN conversations of that company. (That's how we are having fun at lunch break Not very professional, but some stories were worth it!)

[megatron40]

You really make me feel like the stupid bad guy .

Sorry. Unintentional :p

Pop3 port is 110.

Bah. If she's cheating on you, she's not worth spending time on. If you can't trust her, then she's not worth spending time on. Keep your pride. It's only lost if you can be a man about it (don't rub it in ). Could be useful maybe... but it's also an invasion of privacy. Assuming she's cheating, she's a sick girl, but it's still her privacy, which could get you in trouble.

The fun part isn't spying on her per se, the real fun is knowing how to do it! Figure it out, sure. Add it to your arsenal of hacks. Then go find a proper girl. You lose nothing, and you gain everything.

If you like the soaps though, then more power to you.

[Force4]

Pop3 port is 110.

My bad.

Also I concur, the real fun is achieving the challenge!
Why don't you just talk about it with her? (After you got her IM logs of course, and not read them.)
Let me guess, easier to advise than to actually do?

[megatron40]

Always!

[delphi]

Yeah that's right. The fun is not reading the messages. The fun is knowing how to read without permission.

To read with permission is not as fun as to know how to read without permission.

And if I am a criminal because I spy, then she is also a criminal because she is adulterer (maybe, I'm not sure). But if she had nothing to hide, she would be using MSN at home, don't you think? She doesn't even open her email at home, cause she knows I have keylogger.

Well, I promise I'll study about that after my body gets rid of all the alcohol. Merry Christmas to you guys.

[Protov]

You could try to get her Pc in an Virtual private network with you, things should be a lot easier if that is done.

[PaRaDoX]

No.

The solution to your spying problem is to NOT SPY.

Even if you do find something, you are more in the wrong than she is, since cheating is not a felony (unlike what you are trying to do).

Why create conflict? Don't retaliate (with spying) to a perceived threat which may not even exist. At most, you lose your girlfriend this way, rather than losing your freedom.


In other words, why sacrifice a lot to gain a little?

[Liidian]

Please! FFS! WE DONT WANT TO KNOW THE STORY!
2nd, Atleast i am not here for helping people btw. "Then why're you here bitch?!?!" I am here for the lulz