Catch Catfish on the Internet with Grabify Tracking Links [Tutorial]

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

gratify is an IP logger and tracking link generator that was recently featured on MTV's catfish as a way of determining whether or not someone was being honest about their location today we'll explore the ways you can track and be tracked on the Internet on this episode of cyber weapons lab [Music] [Applause] [Music] lots of websites on the internet track you today and grab a Phi is a tool that allows you to access the benefit of all these tracking technologies this is useful for anyone from people looking to validate whether or not someone's a catfish to people looking to check up on their own security and today I'm excited to introduce Joel who goes by J links the creator of the tool who's going to explain who is for and what it's capable of thanks Cody so it gratifies one of my projects that I've been working on for a while you can access it by going to my personal website J links dotnet or simply googling grab a fight perfect so what exactly is grab a fight for and who is it useful for so grab a fight can be used for many things people out there use it simply for a URL shortening but it also has other purposes such as people have often used it for catching catfish so being able to tell whether a person is real or fake you can tell that by looking at the login which we'll get into a bit later on it can also be used for security analysts developers and just being able to see analytics on links that people have been clicking so if I'm for example a person who's maybe getting messages from someone that's not being honest about who they really are what are some ways that someone could possibly give themselves up by clicking out a link like this well that's quite easy first off you need to create a link so let's create one for example.com now here you can actually enter any URL you want so it could be a link to an image a Facebook profile a website anything you want after you've entered it in simply click on create URL and I agree to the Terms & Conditions next you'll be greeted with your tracking page this is where you'll see all your logs and all your results so back to your original question if we sent this to someone that we weren't too sure about and we have them click the link we're going to use me as an example here it simply redirects me to example.com which was the link I originally which you'll see at the top here now if we were to refresh the tracking page we would see that we now have one result if we're to click on this result you can see that the person's location is Australia based in Sydney their browser the operating system the whole user agent and their ISP along with some other information from here we can derive whether they real or fake based off the information they have been telling us so that was really fast and I also noticed that there were some gratified links that returned a lot more information why is it that some gratified links are virtually have no signs that you're being tracked and others might have a redirect page and return a little bit more data this is because some of the links require a page to be rendered so if we turn on smart looking for example and then we copy that link and go to it again you notice a slight redirect page and their translator and then it redirects us to again example.com now if we go back here and refresh the page you will notice that we now have two links if we click on the last link you'll notice that there is a lot more information compared to that first link let's click on that first link again and now let's click back on the second link as you can see there is lots more information Smart Lipo allows us to log a lot more than what a simple what a normal grab if I link would do so as you can see we've got the standard stuff IP address date time country but now we've also got a few more things such as battery so you can see what percentage the battery is at charging the orientation of the device the timezone their language if they're using an incognito window or not if they're using an AdBlocker screen size in local IP again we've got browser operating system user agent and all the other stuff such as hostname is p in any referring URLs now before you had mentioned a couple things that were particularly difficult to hide and if we were using browser extensions or something else to try to mask this information you mentioned that things like the battery percentage and whether it was charging or not the orientation or even some things that are more difficult to change or people might not think to change like the language on the time zone could give away someone who otherwise was doing a relatively good job of hiding who they are yes that's correct it's easy enough to check on a VPN to hide your address but that only hides your IP address there's many more things that can be logged as you can see in front of us now I have personally got on a VPN myself so this is my VPNs IP and I have set the country to be Australia but you can also see that we have a time zone here now this time zone for recording purposes are also spoof of spoof this to be in Auckland which if we google Auckland we can simply see that there is in New Zealand so from here we can assume that the user is using a VPN because the real time zone is still set to Auckland another way to figure out if they're using a VPN is based off the local IP now usually a VPN would be ten point something something something that's a good way to tell usually if they're not on a VPN the IP will be 192.168 and then so on so with us it's kind of seems like not only can you identify the device that was used to send the information you can even identify it perhaps like which network they were on at a given time if it was something that had maybe unique IP is like a university or a coffee shop network that maybe wasn't the usual one this totally great you could do that it's very common for universities to have different subnets for their local IPS in different areas so just by someone clicking a link you could potentially see that they were in the library or in the cafe based off the subnet of their local IP so on the reverse side how would we see how for example a browser extension or something else that spoofing our user agent would be able to protect our privacy and hide us from tracking tools like this so a lot of this information here is actually derived off of the user agent such as the browser the operating system and a few other things now changing our user agent to spoof let's say an iPhone will change this information to say that we're using iOS and we may be using Safari doing something like this can spoof gratify into thinking you're a different device so if we were dealing with someone who might be a little bit more tech savvy and find something like a grab a filing suspicious are there ways that we might be able to still manage to get their information as well yes definitely so there's a few different things we can do if you don't like the idea of sending something access grab a file Inc we can quite easily change this to something completely different there's a few different ways the first one is clicking on you other link shorteners now here we've got a different a whole bunch of different link shorteners so for instance let's use a google one now we've got this link here we can simply copy it paste it in and again we go to the same example page and if we refresh this we'll see that we will have three locks now there's another way you can also change the domain and make the link custom so for example if we wanted to change it to be dark P&G or okay let's change this let's go let's make it look like f form so we can say show thread ID equals this and then we won't have dot JPEG on the end and let's go and change the domain to something like BMW form no we can simply copy this link paste it in and as you see this looks like a legitimate link to a BMW forum we go to it the perfect link for any the perfect trap for any BMW enthusiast exactly so they click on this and then again they're taking to example domain now remember this link that we're taking him to it can be anything you want at the start we just entered example.com now if we go back here refresh the page you'll see that now we've got four locks and that's a few ways that you can use gratify thanks to Joel's demonstration you can see how the average user might use grab a PHY to identify a catfish or even see if their own devices are leaking too much information now while there are some limitations for tracking tech-savvy users who might be using a VPN and a user agent spoofer grab a thigh is in general a great tool for determining whether the person on the other end of an internet connection is being honest if you have any other questions about grab a pie you can check out the null byte article linked in the description that's all we have for this episode of cyberweapons lob make sure to LIKE comment and subscribe and if you have any ideas for future episodes send me a message on Twitter because I'd love to hear from you we'll see you next time

Info

Channel: Null Byte

Views: 640,304

Rating: undefined out of 5

Keywords: wht, wonderhowto, nullbyte, null byte, hack, hacking, hacker, hacks, hackers, how to hack, howto, how to, tutorial, guide, cyber weapon, cyber weapons, cyber, Grabify, jLynx, Tracking Links, Catfish, Catching a catfish, Windows, mtv, catfish the tv show, tv show, mandy, jose, mtv catfish, catfishing, deceptive, social engineering, trolling, web, social, social networks, facebook, twitter, tinder, identity, device details, ip address, location

Id: lru-UWQ06I0

Channel Id: undefined

Length: 10min 40sec (640 seconds)

Published: Fri Apr 26 2019