Topic: [joe is dead] http://findmeifyoucan.eu - page 2. (Read 7043 times)
We should do that again some time.
Well done MelMan2002! I found a few grammatical errors, but didn't spend much time on them thinking I'd find him going the technical route.
I didn't embed the Flash into my post (just a tracking image), I had a link in my post to a blog post (don't know whether you clicked it), and it was that page that hosted the Flash.
I didn't see 85.17.* but there was 85.127,* and 85.28*
I need a life, I spent far too long on this
Quote from: joe23
This could well have worked, I didn't protect against that.
I'm not sure how you embedded flash, can you explain? just![]()
blah.swf or what?
Do you see 85.17x.xxx.xxx in your logs?
If you use Tor, you should disable JavaScript, and certainly disable plugins (such as Flash, QuickTime, DivX, ActiveX, etc).I'm not sure how you embedded flash, can you explain? just
Do you see 85.17x.xxx.xxx in your logs?
I didn't embed the Flash into my post (just a tracking image), I had a link in my post to a blog post (don't know whether you clicked it), and it was that page that hosted the Flash.
I didn't see 85.17.* but there was 85.127,* and 85.28*
I need a life, I spent far too long on this
Quote
I really am the only one who mistypes sr like that.
There is also a user on Silkroad forums that mistypes the SR like that. 
I'll leave this here to freak you out instead: 
Very interesting.Would be more interesting if it showed the IP of the last person that viewed it.
http://amibehindnat.com
If I can get you to follow a similar link to my server, I can see your real IP address regardless of VPS, and I could log it and show it to everybody. That uses Java, which could even send traceroutes out from the user and report back their full IP route to the server. Of course if you have Java and follow a link, you are now PwnD anyway.
I think MelMan2002 should get the full bounty, that was a good job by him.
I'm not really clear from reading the post about what technical issue you were supposed to have missed that wasn't covered by people already.
I'm not really clear from reading the post about what technical issue you were supposed to have missed that wasn't covered by people already.
It was a bulanula-style con trying to claim credit for the previous discovery and get free BTC, posts now deleted.
I think MelMan2002 should get the full bounty, that was a good job by him.
I'm not really clear from reading the post about what technical issue you were supposed to have missed that wasn't covered by people already.
I'm not really clear from reading the post about what technical issue you were supposed to have missed that wasn't covered by people already.
Quote
I am really a registered user in this forum since at least summer 2012.
Quote
Date Registered: January 26, 2011, 03:23:03 AM
I had a hunch it would not be specifically spring or summer of this year. This thread just goes to prove: Words mean things!
MelMan2002, would you be ok with splitting the bounty with Sans-EXP if he presents the info on how he caught me?
Like you said before, you make the rules. I'm perfectly happy with 7btc.
If it makes you happier, it was more than a stab in the dark. I went through all of joe's posts looking for spelling/grammar oddities and kept searching the forum to look for trends. It took me a few hours actually. And when I found a pretty good match with molecular I went through many of his posts to see if anything seemed to convincingly disprove my theory.
I almost gave up a couple hours into it because I wasn't sure that I was getting anywhere...
Anyway - it was a lot of fun. Thank you very much!
I'll leave this here to freak you out instead:
Very interesting.Would be more interesting if it showed the IP of the last person that viewed it.
This was a great idea..... too bad your damn typing error got ya 
Toldja the way you type will be your undoing 
Once again the human element is the softest part...
I triedthe panopticlick service with a few browsers:
1. standard firefox profile, with tor proxy set (as OP did for this thread [with chrome])
2. torbrowser bundle
3. torified w3m
Results are:
1. unique browser fingerprint (in over 2.5million tested!)
2. 1 in 4400 browsers have the same fingerprint
3. 1 in 500000 browsers have the same fingerprint
So - like I suggested earlier - don't use w3m as an anonymous browser!
edit: just in case it's not clear - torbrowser bundle is the best of the bunch. Can anyone get better?
1. standard firefox profile, with tor proxy set (as OP did for this thread [with chrome])
2. torbrowser bundle
3. torified w3m
Results are:
1. unique browser fingerprint (in over 2.5million tested!)
2. 1 in 4400 browsers have the same fingerprint
3. 1 in 500000 browsers have the same fingerprint
So - like I suggested earlier - don't use w3m as an anonymous browser!
edit: just in case it's not clear - torbrowser bundle is the best of the bunch. Can anyone get better?
I'll leave this here to freak you out instead: 
I suppose this is a dynamic image. The server grabs your IP address, writes the text into an image and serves that image. Still wouldn't get you a TOR user's real IP address.The thing that freaked me out was that I misunderstood OpenYourEyes' post to mean he could embed arbitrary flash or java code into a simple HTML forum post AND make it execute on the victim's computer automatically and so, through these systems' bypassing of proxy settings, learn joe23's real IP. This would be a very serious security flaw, I expect.
Can anyone suggest a web page where the privacy of your web browser is tested? Like one that tries java, js, flash, html, php, other bug exploits to track an IP, even behind tor? I know panopticlick from the EFF. Anything else?
It really is quite amazing:
I really am the only one who mistypes sr like that.
I really am the only one who mistypes sr like that.
Is your IP at all 24.143.xx.xx or 217.114.xx.xx (xx'd for privacy), or are you Smoothie, or someguy123. (Took a few stabs there).
I'm in the process of doing an explanation for my results.
My original intention was to try and use Flash to log your true IP:
Plugins such as Adobe Flash don't normally respect your browsers proxy settings (this must have changed recently, or I went about it the wrong way because it didn't work).
My post above contained a tracking beacon which was logging IPs & useragents; the link in
My original intention was to try and use Flash to log your true IP:
Plugins such as Adobe Flash don't normally respect your browsers proxy settings (this must have changed recently, or I went about it the wrong way because it didn't work).
My post above contained a tracking beacon which was logging IPs & useragents; the link in
This could well have worked, I didn't protect against that.
I'm not sure how you embedded flash, can you explain? just
Do you see 85.17x.xxx.xxx in your logs?
you wouldn't have found anything about the "initial funding transaction", I think. I "cleaned" the funds using silkraod, that 10 BTC "initial load" is a silkroad withdrawl.
You are molecular. He is the only one who mistypes "silkraod" like that.
1FV1BnSMYKDiqYtBtxZEhiT5TKg4TcDAKq
holy FUCK!
We have a winner.
Really, this is not how I thought it would end.
Melman2002 found me. One could argue it was a guess, but I think it was according to the rules (credible story and he wasn't stabbing around a lot).
Why did I only give 7 BTC so far?
Because I would really like to know the flaw Sans-EXP caught me overlooking
.What do you guys think. All 14 BTC to MelMan2002?
MelMan2002, would you be ok with splitting the bounty with Sans-EXP if he presents the info on how he caught me?
I must say, you guys are fucking awesome!
EDIT: a fucking typing quirk of mine got me, I really can't get over it!
EDIT2: domain for sale: findmeifyoucan.eu
EDIT3: too bad I can't ever do this again, it's been so much fun!
So if you ask him and he's ok with it, I will give him my consent to publish anything he has on me in this thread.
[email protected]
188.165.73.235
Ignores BitcoinINV
thanks, theymos.
Is your IP at all 24.143.xx.xx or 217.114.xx.xx (xx'd for privacy), or are you Smoothie, or someguy123. (Took a few stabs there).
I'm in the process of doing an explanation for my results.
My original intention was to try and use Flash to log your true IP:
Plugins such as Adobe Flash don't normally respect your browsers proxy settings (this must have changed recently, or I went about it the wrong way because it didn't work).
My original intention was to try and use Flash to log your true IP:
Plugins such as Adobe Flash don't normally respect your browsers proxy settings (this must have changed recently, or I went about it the wrong way because it didn't work).
Good idea is to use NoScript and Flashblock on by default (firefox). Did you find my ip: 82.128.xxx.xx?
However, I have enabled javascript in bitocointalk.
Hey fellow bitcoiners,
I am really a registered user in this forum since at least summer 2012. I set up this secondary, hopefully anonymous identity to give away some free bitcoins by ways of a challenge:
challenge:
I hereby challenge you to find the real me!
I set up a site on the net: http://findmeifyoucan.eu
I hereby promise to pay BTC 14 to anyone who provides one of the following pieces of information identifying the operator of findmeifyoucan.eu or (which is the same) the author of this post:
rules:
notes:
additional info leaked:
rewards payed for valuable feedback to:
feel free to ask any questions... I might be happy to answer... or not.
I am really a registered user in this forum since at least summer 2012. I set up this secondary, hopefully anonymous identity to give away some free bitcoins by ways of a challenge:
challenge:
I hereby challenge you to find the real me!
I set up a site on the net: http://findmeifyoucan.eu
I hereby promise to pay BTC 14 to anyone who provides one of the following pieces of information identifying the operator of findmeifyoucan.eu or (which is the same) the author of this post:
- forum account id of 'real me'
- my real name and (address or phone number or date of birth)
- any IP-address that could be traced to my real identity by authorities
rules:
- Rules are to be interpreted by me, in case of dispute, I am right, you are wrong
- you must post here one of the above infos and a bitcoin address to which the bounty should be sent
- you must provide a credible story of how you obtained the info
- a 'hunch' is not enough, no guessing
- I can change these rules at any time and will do so in OP (Original Post, the one you're reading)
- the state of the OP at the time of claim is decisive for the rules, so please quote OP when claiming bounty
notes:
- I'll give away small amounts of bitcoin to people pointing out flaws/mistakes/possible improvements regarding my anonymity
- speculation in this thread is encouraged
additional info leaked:
- theymous publishes the IP I use to access bitcointalk: 188.165.73.235
- theymos publishes PM in which I ask MysteryMiner wether he was one of the german guys wearing masks at the Conference in London.
- it is discovered that joe uses lastpass
- "real me"s timezone has leaked: "it indicates timezone somewhere near UTC."
rewards payed for valuable feedback to:
- MysteryMiner
- Jasinlee
- Openyoureyes
feel free to ask any questions... I might be happy to answer... or not.
you wouldn't have found anything about the "initial funding transaction", I think. I "cleaned" the funds using silkraod, that 10 BTC "initial load" is a silkroad withdrawl.
You are molecular. He is the only one who mistypes "silkraod" like that.
1FV1BnSMYKDiqYtBtxZEhiT5TKg4TcDAKq
Lol thats pretty funny they use a pig lmao
Jump to: