I've done the webbugs in emails before, the problem is anymore most email clients seem to turn off image loading by default.
Adrian On Mon, Sep 21, 2009 at 10:07 AM, Allen Deryke <[email protected]>wrote: > Yeah, but excel prompts about this stuff so much that most people would > just click "ok". > > Also links to external images in emails or docs is a great way to pull this > off. > > -- Allen Deryke > > On Sep 21, 2009, at 9:47 AM, Adrian Crenshaw <[email protected]> > wrote: > > But would that illicit a warning? > > Adrian > > On Mon, Sep 21, 2009 at 3:23 AM, Dimitrios Kapsalis <<[email protected]> > [email protected]> wrote: > >> The only way I can think of this occuring in a word doc is to write a >> macro. >> >> The macro can just ping your box, this should be enough to get the IP. >> >> On Mon, Sep 21, 2009 at 2:56 AM, Andrew Ellis < <[email protected]> >> [email protected]> wrote: >> >>> You could add a tab to firefox's default tabs (the ones it loads on a >>> new session) that points to a webserver you control. Eventually, the >>> stolen laptop's new user will open firefox anew and you'll have the >>> new IP. Obviously if the person stealing your box mounts the drive >>> rather than logging in, this won't help. >>> >>> -andrew >>> >>> On Sun, Sep 20, 2009 at 3:49 PM, Adrian Crenshaw <<[email protected]> >>> [email protected]> wrote: >>> > I recently had a conversation with an author about webbugs, and it >>> brought >>> > another idea to mind. I seem to remember John Strand saying something >>> about >>> > Val Smith doing something with detecting insider threats by leaking a >>> > document and seeing who opens it. (sorry I can't remember more). >>> > >>> > Here is the question, anyone know how to make a doc/docx/pdf load >>> something >>> > from an external site so you can at least find the ip of someone who >>> opened >>> > the document? >>> > >>> > Thanks, >>> > Adrian >>> > >>> > _______________________________________________ >>> > Pauldotcom mailing list >>> > <[email protected]>[email protected] >>> > <http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom> >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> > Main Web Site: <http://pauldotcom.com/>http://pauldotcom.com >>> > >>> >>> >>> >>> -- >>> Andrew Ellis >>> <http://www.samurainet.org/blog>http://www.samurainet.org/blog >>> _______________________________________________ >>> Pauldotcom mailing list >>> <[email protected]>[email protected] >>> <http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom> >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: <http://pauldotcom.com/>http://pauldotcom.com >>> >> >> >> _______________________________________________ >> Pauldotcom mailing list >> <[email protected]>[email protected] >> <http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom> >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: <http://pauldotcom.com>http://pauldotcom.com >> > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: <http://pauldotcom.com>http://pauldotcom.com > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
