— You would probably need to actually exploit their browser to pull saved passwords
And at that point, unless you have a redirector, you're essentially making call backs to your own web server, which is dumb
— You can get IP, and geolocational info just from reading the bytecode of the packets exchanged between your boxes
Message permanent page
— The ip of the user may be dynamic right ?
— It will be changing everytime whenever he connects to internet
— DHCP is a myth.It leases the same IP to you 90% of the time. PAT could potentially create problems for you though
— 80% dynamic
— However, if you get their routers public facing IP, you could theoretically exploit it, and pivot off of it to their box
— Realistically though, its easier to just spearfish your users, and hope someone clicks on a crafted payload in the email or link you leave
— Higher payout than specifically targetting someone in the modern day.