So I was thinking about Email today, and how to track down those damned spammers.
They consider they are protected, because they sit behind an ‘hidden’ email account, usually one at Google or MSN.
At first it seems like it would not be possible to find out the TCP/IP address of someone you send an email to, especially as the email is a package that is delivered to a mail account and the mail account is read at random.
But consider If we set up a web server, that served uniquely encoded images.
Now when their email client renders the email on THEIR computer, their computer will make a TCP/IP connection to our image server, once that is done their TCP/IP address will be logged and we can then start to build up a Geo-location map of where they are.
Potentially if we construct our server correctly, as soon as the image is requested we can then launch an exploit against the requesting computer.
This would seem to make rather an interesting ‘plug-in’ for metasploit.