We have already seen in previous articles the basic methods used by a pentester, and we have seen that the first step used is the collection of information on the target (IP address, operating system, browser version, etc.
These are deployed to detect the faults of a machine on a network in order to better secure the latter.
In this post, we will see together how get a person's IP address when opening the email and other information with a technique called Email Tracking. It's a quick and easy technique.
It consists of using web services that allow you once the sent mail is read, to resend an email to the sender with several information such as:
- The recipient's IP
- Internet browser
- The access provider
- The opening hour of the email
These services can be used within the framework of a company wanting to know if the recipients read the emails sent and if so, for how long. By the way, that's the main purpose of these services, but not for pentesters.
Indeed, there are several services that allow this type of operation such as SpyPig, didtheyreadit and ReadNotify.
Here we will do a demonstration with didtheyreadit.com.
I won't go into too much detail, but after signing up to didtheyreadit.com, just send an email from your email account just adding “didtheyreadit.com” to the end of the recipient's address.
For example, to track an email sent to "firstname.lastname@example.org", send it to "email@example.com".
Of course the recipient will not see his email address as such.
Once the email is sent, it will go through the didtheyreadit.com mail server which will add a certain number of codes to your email which will be activated each time the recipient opens the email.
Once the recipient reads your message, a full report will be sent to your email address. You will then obtain information such as the location of the PC, the browser used, theperson's IP address and many others.
Make good use of it!