Remote logon used to get computer thief

[MIB]

WHITE PLAINS, N.Y. (AP) - October 2, 2008 -- A laptop thief got caught - after the computer owner tracked him remotely.

Jose Caceres said he used a remote access program to log on every day and watch his computer being used, and then tipped off police, leading to the arrest of a 34-year-old male suspect.

Caceres, 27, of White Plains, said his computer was stolen in early September when he left it on top of his car while carrying things into his home.

His first efforts to figure out who stole the laptop by logging on remotely were stymied, Caceres said. "It was kind of frustrating because he was mostly using it to watch porn," he said. "I couldn't get any information on him."

But then the suspect typed in a name and address to register on a Web site, and a few hours later, police caught the suspect.

The man was charged with grand larceny, said police Lt. Eric Fischer in Wednesday editions of the Journal News.

Tech-savvy victims are increasingly supplying police with information leading to arrests, authorities said. In May, a White Plains woman whose laptop was stolen also used remote access technology to sign on, then activated the stolen computer's camera and snapped pictures of the man using it.

"This is what happens when you have victims who get involved and use the available technology to their advantage," said Fischer, commander of the White Plains police detective division.

http://abclocal.go.com/wpvi/story?section=news/bizarre&id=6427276

[ErrorLoading]

Why would anyone ever steal a laptop and not format it before ever connecting it to any form of network?  Smarts.

[trevelyn]

laptops for the most part have integrated parts.  and the last time i quoted someone for a bummed mobo it cost 3/4 of the systems price.  Not every thief knows how to spoof a MAC address i'm sure, and the MAC is hardcoded into the NIC right? couldn't ISP's filter for a specific MAC? they have to have the power at least.

[Zazen]

unless they use the magic of.. a router. come on, no way are ISPs going to go on a massive MAChunt for some guys stolen laptop, that's loony

[trevelyn]

hahaha the packets from the router have no trace of internal MAC addresses? how do they know where the packets go??? i think j00 underestimate the OBSCENE POWER OF A GRAND ISP LIKE ... DUHN DUHHHNN  DUUUUUUUUUUUHHN VERIZON! HAH

[trevelyn]

aaaactually, if you weren't so easy to give up you could go trolling with catchme-ng running.  unless the thief replaced the wlan card in the system, the MAC will be the same and the 802.11 packets that can be sniffed, whether a network protocol is encrypted or not, by anyone smart enough.  That will give you at least a chance if the thief stayed locally.  think about how windows zero config works; even if it's not connected it always looking for an AP, meaning it's sending packets that can be found by you.

http://weaknetlabs.com/code/catchme-ng/

[Zazen]

hahaha the packets from the router have no trace of internal MAC addresses?

Is there some trick you know to get macs from already-routed traffic? please share!

[PHY-6]

ha @ leaving his lappy on top of his car.
ha @ all the thief did was use it for porn.
ha @ women getting more tech-intellectual than what's probably for the best these days.

[Nod]

ha @ leaving his lappy on top of his car.
ha @ all the thief did was use it for porn.
ha @ women getting more tech-intellectual than what's probably for the best these days.

[PHY-6]

Awh. You were a cute baby.

[trevelyn]

hahaha the packets from the router have no trace of internal MAC addresses?

Is there some trick you know to get macs from already-routed traffic? please share!

hey. i forgot about this thread. I'm not sure how to gain mac addresses from routed traffic no, i was saying the possibility wasn't ruled out since i have gotten internal ip's by fucking with the TTL of traceroute packets.  And again:

i think j00 underestimate the OBSCENE POWER OF A GRAND ISP LIKE ... DUHN DUHHHNN  DUUUUUUUUUUUHHN VERIZON! HAH

: i don't work for VeriZon, so i have no idea. 

there was an offshoot of traceroute that helped me understand it more, i forget what it was called firewalker or firesomething.. firewalking.  iunno, but if you wanna learn more about it i'd look for that program first.

[Zazen]

I'm not sure how to gain mac addresses from routed traffic no, i was saying the possibility wasn't ruled out since i have gotten internal ip's by fucking with the TTL of traceroute packets.

That's a neat trick but it seems like it'd be kind of limited nowadays with NAT everywhere and there's definitely no way to extend it to get a mac. But surely there must be some clever way? 15 minutes of google gives me nothing..

[trevelyn]

yeah me too, i looked further into it too.  that bytes.

[trevelyn]

http://www.phonelosers.com/forums/index.php?topic=3713.msg41087#msg41087