SHARE
TWEET

How a dox is performed by @WodX#1337

WodX Jun 17th, 2019 (edited) 260 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. HOW TRUTHGAMINGS FINDS PEOPLE'S IP-ADDRESS AND PERSONAL INFORMATION by @WodX#1337
  2. #TODO: DNS lookup guide, add more contact information sites, Maltego guide, Recon-ng guide, reverse image search guide, finding deleted information guide, ranking information difficulty, fix misspellings, incorrect grammar etc, getting specific information like phone number, family members etc.
  3.  
  4. #FAQ
  5. Q: Is it illegal to dox someone?
  6. A: No, it's not illegal to dox someone, as long as all the information you've gathered is public.
  7.  
  8. Q: Can I share the dox without getting in trouble?
  9. A: Sharing a dox document is illegal and can get you in trouble.
  10.  
  11. Q: Is it easy to perform a dox?
  12. A: No, it's not easy to perform a dox, and it takes a lot of practice to perform a propper dox.
  13.  
  14.  
  15. NOTE: terms are mentioned at the bottom of this document. If you find a strange word, you'll most likely find the definition at the bottom. I'm updating this document almost every single day. Remember to stay updated!
  16.  
  17.  
  18. Happy reading! :)
  19.  
  20.  
  21. #GETTING A TARGET'S IP-address AND HOW TO TRACK THEIR ISP (IP-SNIFFING AND -TRACKING)
  22. IP-sniffing can be useful to get the about-location of your target, or with other words, the location of your target's ISP (internet provider), which is always located close to your target.
  23.  
  24. #IP-SNIFFING THROUGH NETWORK TRAFIC
  25. In order to pull someone's IP-address, you need to have a socket between your machine and your target's machine on the services port. This can be done by e.g. making your target join your party. Note that this depends on what service you're using. E.g. on Discord, when you call somebody, both you and the person you call connects to a server. This makes it impossible for you to pull their IP-address. Skype on the other hand, doesn't use servers for calls. You can simply create a socket between your machine and your target's machine, when the target accepts the call. When you've created a socket between your machine and you target's machine, launch either Wireshark or LANC (or any other network analyzation tool) and select your active Wi-Fi adapter. If there are a lot of network activity going on, on your network, you might need to filter out the irrelevant data. In Wireshark, this can be done by using the command line '<TP> && <TP>.port == <PORT>' - change <PORT> to the port of your socket and <TP> to either 'tcp' or 'udp' - depends on what transport protocol your socket is using. Truthgamings said himself, that he uses Wireshark, LANC and Cain and Able to pull his targets IP-addresses. I recommend you using only one of them, as they all do the exact same thing.
  26.  
  27. #TARGET ISP TRACKING USING THEIR IP-ADDRESS
  28. When you've found your target's IP-address, you can use an IP-locator website like https://ip-tracker.org/ (the one Truthgamings is using).
  29.  
  30. #IP-PULLING USING AN IP-LOGGER (LINK)
  31. You can use an IP-logger to get your target's IP-address and other useful stuff like user-agent which contains the name of their machines OS and browser. This method of pulling their IP-address might be difficult, as it requires social engineering.
  32.  
  33. #EXAMPLE OF IP-LOGGERS
  34. https://blasze.com/
  35. https://grabify.link/
  36. https://iplogger.org/
  37.  
  38.  
  39. #GETTING PERSONAL INFORMATION ABOUT YOUR TARGET (DOXING)
  40. There're a lot of different methods to gather personal information about your target. You can use reverse username search sites, or even just Google, thee search engine. The one I'd recommend is using Google as your tool.
  41.  
  42. #REVERSE USERNAME SEARCH WITH GOOGLE
  43. Step one to gather information about your target, could be by simply googling their username. You might stumble upon some of your target's social media accounts, or forum posts and comments made by them. Whenever you find anything related to you target, it's very important you fully analyze the website, to find as much information as possible about them. On forums, you might find their email-address, birth date etc. On social media, you can look up who's following them and who's liking their posts. Remember that on e.g. Instagram, they might've written their real name in their bio. NOTE that it may be difficult to gather information about your target, if they don't use a unique username like "BastianCoolGuy08". In some cases, you can even gather information by looking at their username, like the example I mentioned before. "BastianCoolGuy08" - We can guess, that the target is from the year 2008 (10-11 years old), and their first name might be Bastian. If you find your target's Youtube channel, go look on their "about" page. You might find some helpful information like business mail (might be their personal mail if they are not famous), age etc. Just analyze any link that could potentially reveal any information. Youtube videos, Youtube comments, Steam groups made by them etc. Everything related to any kind of social media.
  44.  
  45. #SOCIAL ENGINEERING
  46. You could gather information about your target, by simply making your target give it to you. This might sound dumb, but if you know how to social engineer, this might be an easy method.
  47. Easy information to gather by using basic social engineering: their country, first name, age, month or year of birth, PayPal mail etc.
  48.  
  49. #DISCORD
  50. Believe it or not. Discord can be very useful to gather information about your target, as they might've linked their social media accounts to their Discord user. This saves you a lot of time. Make sure to use this method if you have the chance!
  51.  
  52. #REVERSE USERNAME SEARCH WITH WEBSITE
  53. Truthgamings said that he used reverse username search tools to dox his target in the African rebel video. He could've used sites like https://usersearch.org/ or even downloaded tools like drizzy's dox tool. I, myself, haven't used a dox tool once for performing a dox. That proves, that it's not an essential thing to use a dox tool, to perform a dox.
  54.  
  55. #USERNAME HISTORY
  56. You could gather information about your target like their first and or last name, age, year of birth etc. by looking at their old usernames.
  57.  
  58. #USEFUL SITES FOR USERNAME HISTORY LOOKUP
  59. Minecraft: https://namemc.com/
  60. Steam: https://steamid.uk/
  61. Discord: https://yagpdb.xyz/ (bot) - this requires social engineering, as your target has to join a server with the bot.
  62.  
  63. #GETTING YOUR TARGET'S ADDRESS
  64. If your target's age is less than 18, and you know the name of their mother or father, you can use contact information sites, to get their address. The site depends on which country your target is from.
  65.  
  66. #CONTACT INFORMATION SITES
  67. https://www.whitepages.com/ - multiple countries
  68. https://krak.dk/ - Denmark
  69. https://118.dk/ - Denmark
  70. https://www.degulesider.dk/ - Denmark
  71.  
  72.  
  73. REMEMBER: it's not possible to dox anyone. Some people are good at hiding their identity online.
  74.  
  75.  
  76. #DOX TEMPLATE - USE IT IF YOU WANT
  77. https://pastebin.com/qXf2w3bm
  78.  
  79.  
  80. #LIST OF PORTS - CTRL + F to find the port for your service
  81. https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers/
  82. https://pastebin.com/dE5PUb9h
  83.  
  84. #USEFUL TERMS
  85. Machine = computer.
  86.  
  87. Port = port is like a gate to a specific part of an IP-address. E.g. port number 80 and 443 is used for webservers (websites). You can run multiple servers on the same IP-address thanks to different ports. The port will make sure you end at the right destination of a server, when creating a socket to the server.
  88.  
  89. Target = a person you focus on.
  90.  
  91. Dox = getting personal information about a target.
  92.  
  93. Wireshark = a popular tool for network analyzation.
  94.  
  95. LANC = a popular tool for IP-pulling/sniffing. This tool is very user friendly for beginners, as it has a simple graphical user
  96. interface and it shows only the information you need.
  97.  
  98. IP-pulling/sniffing = getting someone's IP-address by analyzing your network traffic.
  99.  
  100. IP-address = Internet Protocol address, used to define your machine on WAN.
  101.  
  102. WAN = Wide Area Network, the whole internet.
  103.  
  104. Network analyzing = Monitoring, capturing and reading packets from in- and outgoing connections.
  105.  
  106. Socket = a connection where a client and a server are communicating, by sending and recieving packets from each other.
  107.  
  108. Client = an user that are connected to a server.
  109.  
  110. Packet = message you send and receive from a server or client.
  111.  
  112. TCP = Transmission Control Protocol is a transport protocol. This type of protocol is used for among other, when packets needs to get received in the correct order. This type of protocol is especially used for game servers.
  113.  
  114. UDP = User Datagram Protocol is a transport protocol. This type of protocol can e.g. cause packets to get received in an incorrect order.
  115.  
  116. Social Engineering (SE) = tricking or manipulating your target into doing something or giving out useful information about something. This term being is used a lot in the hacking industry.
  117.  
  118.  
  119. #VISUALISATION OF HOW IP-SNIFFING WORKS by @WodX#1337
  120. https://imgur.com/a/uv2p3Hc/
  121.  
  122.  
  123. #DOWNLOADS
  124. Wireshark: https://www.wireshark.org/download.html
  125. LANC: https://mega.nz/#!baJVHAqB!S3aDWYZc-KFEgsJJ23vZVY7ovHyXeiaIfHugo56bf2w
  126. Dox tool by drizzy:  http://drizzybot.com/releases/download.php
  127.  
  128.  
  129. This document was written by @WodX#1337.
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top