You can get IP, and geolocational info just from reading the bytecode of the packets exchanged between your boxes
— The ip of the user may be dynamic right ?
— It will be changing everytime whenever he connects to internet
— DHCP is a myth.It leases the same IP to you 90% of the time. PAT could potentially create problems for you though
Message permanent page
— 80% dynamic
— However, if you get their routers public facing IP, you could theoretically exploit it, and pivot off of it to their box
— Realistically though, its easier to just spearfish your users, and hope someone clicks on a crafted payload in the email or link you leave
— Higher payout than specifically targetting someone in the modern day.
— As far as I know, you can get the cookies of your website. But you can not access the cookies of any other domains that are stored in the browser
— This action will be restricted by the browser