Friday, 6 December 2013

I.P hacking Tricks


Hi guys. First of all, I would like to mention that I did not write this tutorial myself; I found it on Hacking Library.
I think that it helps to extend your knowledge.
The tutorial looks like this:

Introduction
1. Welcome to the basic NETBIOS document created by acid rain. This document will teach you some simple things about NETBIOS: what it does, how to use it, how to hack with it, and a few other simple DOS commands that will be useful to you in the future. THIS DOCUMENT IS FOR NEWBIEZ ONLY!!! If you are NOT a newbie then do not go any farther reading this, because if you are good enough you most likely already know it all. So do not waste your time reading something that you already know.

1. Hardware and Software

1a. The BIOS
The BIOS, short for Basic Input/Output Services, is the control program of the PC. It is responsible for starting up your computer, transferring control of the system to your operating system, and for handling other low-level functions, such as memory access.
NOTE that the BIOS is not a software program, insofar as it is not purged from memory when you turn off the computer. It's firmware, which is basically software on a chip.
A convenient little feature that most BIOS manufacturers include is a startup password. This prevents access to the system until you enter the correct password.
If you can get access to the system after the password has been entered, then there are numerous software-based BIOS password extractors available from your local H/P/A/V site.
NETBIOS/NBTSTAT - What does it do?

2. NETBIOS, also known as NBTSTAT, is a program run on the Windows system and is used for identifying a remote network or computer that has file sharing enabled. We can exploit systems using this method. It may be old, but on home PCs it sometimes still works great. You can use it on your friend at home or something. I don't care what you do, but remember that you are reading this document because you want to learn. So I am going to teach you. Ok. So, you ask, "How do I get to NBTSTAT?" Well, there are 2 ways, but one's faster.
Method 1: Start>Programs>MSDOS PROMPT>Type NBTSTAT
Method 2: Start>Run>Type Command>Type NBTSTAT
(Note: Please, help your poor soul if that isn't like feeding you with a baby spoon.)
Ok! Now that you are in the DOS prompt under NBTSTAT, you are probably wondering what all that crap is that is on your screen. These are the commands you will use. I am only going to give you what you need to know since you are trying to be l33t. Your screen should look like the following:

NBTSTAT [ [-a RemoteName] [-A IP address] [-c] [-n]
[-r] [-R] [-RR] [-s] [-S] [interval] ]
-a (adapter status) Lists the remote machine's name table given its name
-A (Adapter status) Lists the remote machine's name table given its IP address.
-c (cache) Lists NBT's cache of remote [machine] names and their IP addresses
-n (names) Lists local NetBIOS names.
-r (resolved) Lists names resolved by broadcast and via WINS
-R (Reload) Purges and reloads the remote cache name table
-S (Sessions) Lists sessions table with the destination IP addresses
-s (sessions) Lists sessions table converting destination IP addresses to computer NETBIOS names.
-RR (ReleaseRefresh) Sends Name Release packets to WINS and then starts Refresh
RemoteName Remote host machine name.
IP address Dotted decimal representation of the IP address.
interval Redisplays selected statistics, pausing interval seconds between each display. Press Ctrl+C to stop redisplaying statistics.
C:\WINDOWS\DESKTOP>
The only 2 commands that are going to be used, and here they are:
-a (adapter status) Lists the remote machine's name table given its name
-A (Adapter status) Lists the remote machine's name table given its IP address.
Host Names

3. Now, the -a means that you will type in the HOST NAME of the person's computer that you are trying to access. Just in case you don't have any idea what a Host Name looks like, here's an example.
123-fgh-ppp.internet.com
There are many variations of these addresses. For every different address you see there is a different ISP assigned to that computer. Look at the difference.
abc-123.internet.com
ghj-789.newnet.com
These are different host names as you can see, and, by identifying the last couple of words you can tell that these are 2 computers on 2 different ISPs. Now, here are 2 host names on the same ISP but a different set server.
123-fgh-ppp.internet.com
567-cde-ppp.internet.com
IP Addresses
4. You can resolve these host names, if you want, to the IP address (Internet Protocol).
IP addresses are just different numbers. An IP looks like this:
201.123.101.123
Most times you can tell if a computer is running on a cable connection because of the IP address's numbers. On faster connections, usually the first 2 numbers are low. Here's a cable connection IP.
24.18.18.10
On dialup connections IPs are higher, like this:
208.148.255.255
Notice the 208 is higher than the 24, which is the cable connection.
REMEMBER though, NOT ALL IP ADDRESSES WILL BE LIKE THIS.
Some companies make IP addresses like this to fool the hacker into believing it's a dialup, as a hacker would expect something big, like a T3 or an OC-18. Anyway, this gives you an idea of the IP addresses that you will be using with the nbtstat command.
Getting The IP Through DC (Direct Connection)
5. First, you are going to want to find his IP or host name. Either will work. If you are on mIRC you can get it by typing /whois (nick) ...where (nick) is the person's nickname without parentheses. You will either get a host name or an IP. Copy it down. If you do not get it, or you are not using mIRC, then you must direct connect to their computer, or you could use a sniffer to figure out his IP or host name. It's actually better to do it without the sniffer because most sniffers don't work now-a-days. So you want to establish a direct connection to their computer. OK, what is a direct connection? When you are:
Sending a file to their computer you are directly connected.
AOL INSTANT MESSENGER allows a direct connection to the user if accepted.
ICQ, when sending a file or when a chat request is accepted, allows a direct connection.
Any time you are sending a file, you are directly connected. (Assuming you know the user is not using a proxy server.)
Voice Chatting on Yahoo establishes a direct connection.
If you have none of these programs, I suggest you either get one, get a sniffer, or read this next statement.
If you have any way of sending them a link to your site that has site traffic statistics enabled, and you can log in, send a link to your site, then check the stats and get the IP of the last visitor. It's a simple and easy method I use. It even fools some smarter hackers, because it catches them off guard. Anyway, once you are directly connected use either of the 2 methods I showed you earlier and get into DOS. Type NETSTAT -n. NETSTAT is a program whose name is short for NET STATISTICS. It will show you all computers connected to yours. (This is also helpful if you think you are being hacked by a trojan horse that is on a port that you know, such as Sub Seven: 27374.) Your screen should look like this, showing the connections to your computer:
------------------------------------------------------------------------------------------------
C:\WINDOWS\DESKTOP>netstat -n
Active Connections
Proto Local Address Foreign Address State
TCP 172.255.255.82:1027 205.188.68.46:13784 ESTABLISHED
TCP 172.255.255.82:1036 205.188.44.3:5190 ESTABLISHED
TCP 172.255.255.82:1621 24.131.30.75:66 CLOSE_WAIT
TCP 172.255.255.82:1413 205.188.8.7:26778 ESTABLISHED
TCP 172.255.255.82:1483 64.4.13.209:1863 ESTABLISHED
C:\WINDOWS\DESKTOP>
------------------------------------------------------------------------------------------------
The first column indicates the Protocol (language) that is being used by the 2 computers.
TCP (Transfer Control Protocol) is being used in this case and is the most widely used.
Local Address shows your IP address, or the IP address of the system you are on.
Foreign Address shows the address of the computer connected to yours.
State tells you what kind of connection is being made. ESTABLISHED means it will stay connected to you as long as you are on the program, or as long as the computer is allowing or needing the other computer's connection to it. CLOSE_WAIT means the connection closes at times and waits until it is needed, or until you resume the connection, to be made again. One that isn't on the list is TIME_WAIT, which means it is timed. Most Ads that run on AOL are using TIME_WAIT states.
The way you know the person is directly connected to your computer is because of this:
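To make the column and state explanation above concrete, here is an added example (not part of the original tutorial) that parses a netstat -n listing and answers the two questions the text raises: which foreign hosts hold an ESTABLISHED session, and whether any connection touches a port you are watching, such as the Sub Seven port the text names. The sample listing is constructed from the two listings in the text plus two made-up lines; the watch-list beyond 27374 is an assumption.

```python
from collections import Counter

# Constructed sample, modelled on the two netstat -n listings in the text above;
# the last two lines are made up to show a host-name peer and a watched port.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address          State
  TCP    172.255.255.82:1027    205.188.68.46:13784      ESTABLISHED
  TCP    172.255.255.82:1036    205.188.44.3:5190        ESTABLISHED
  TCP    172.255.255.82:1621    24.131.30.75:66          CLOSE_WAIT
  TCP    172.255.255.82:1413    abc-123-ppp.webnet.com   ESTABLISHED
  TCP    172.255.255.82:1483    64.4.13.209:1863         ESTABLISHED
  TCP    172.255.255.82:27374   10.0.0.5:4211            ESTABLISHED
  UDP    172.255.255.82:137     *:*
"""

# Ports worth recognising in the listing. 27374 (Sub Seven) is the one the text
# names; 139 and 445 (NetBIOS session and SMB) are an assumption for the example.
WATCH_PORTS = {27374: "Sub Seven trojan", 139: "NetBIOS session", 445: "SMB"}

def _split_endpoint(endpoint):
    """'host:port' -> (host, int port); '*' or a bare host name gives port None."""
    host, sep, port = endpoint.rpartition(":")
    if not sep:                       # bare host name, as in the second listing
        return endpoint, None
    return host, (None if port == "*" else int(port))

def parse_netstat(text):
    """Return one dict per connection line; headers and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] not in ("TCP", "UDP"):
            continue
        lhost, lport = _split_endpoint(parts[1])
        fhost, fport = _split_endpoint(parts[2])
        rows.append({"proto": parts[0], "local": lhost, "lport": lport,
                     "foreign": fhost, "fport": fport,
                     "state": parts[3] if len(parts) > 3 else ""})
    return rows

def state_counts(rows):
    """How many connections are in each state (ESTABLISHED, CLOSE_WAIT, ...)."""
    return dict(Counter(r["state"] for r in rows if r["state"]))

def established_peers(rows):
    """Foreign hosts with an ESTABLISHED session: what the text calls a direct connection."""
    return sorted({r["foreign"] for r in rows if r["state"] == "ESTABLISHED"})

def watched(rows):
    """Connections touching a watched port on either end, with the reason."""
    hits = []
    for r in rows:
        for port in (r["lport"], r["fport"]):
            if port in WATCH_PORTS:
                hits.append((r["proto"], r["foreign"], port, WATCH_PORTS[port]))
                break
    return hits

if __name__ == "__main__":
    rows = parse_netstat(SAMPLE_NETSTAT)
    print(state_counts(rows), established_peers(rows), watched(rows), sep="\n")
```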
------------------------------------------------------------------------------------------------
C:\WINDOWS\DESKTOP>netstat -n
Active Connections
Proto Local Address Foreign Address State
TCP 172.255.255.82:1027 205.188.68.46:13784 ESTABLISHED
TCP 172.255.255.82:1036 205.188.44.3:5190 ESTABLISHED
TCP 172.255.255.82:1621 24.131.30.75:66 CLOSE_WAIT
TCP 172.255.255.82:1413 abc-123-ppp.webnet.com ESTABLISHED
TCP 172.255.255.82:1483 64.4.13.209:1863 ESTABLISHED
C:\WINDOWS\DESKTOP>
------------------------------------------------------------------------------------------------
Notice the host name is included in the fourth line instead of the IP address like on all the others. This is almost always the other computer that is connected to you. So here, now, you have the host name:
abc-123-ppp.webnet.com
If the host name is not listed and the IP is, then it's NO problem, because either one works exactly the same. I am using the abc-123-ppp.webnet.com host name as an example. Ok, so now you have the IP and/or host name of the remote system you want to connect to. Time to hack!
Open up your DOS prompt. Open up NBTSTAT by typing NBTSTAT. Ok, there's the crap again. Well, now it's time to try out what you have learned from this document by testing it on the IP and/or host name of the remote system. Here's the only thing you'll need to know.
IMPORTANT, READ NOW!!!
-a (adapter status) Lists the remote machine's name table given its name
-A (Adapter status) Lists the remote machine's name table given its IP address.
Remember this?
Time to use it.
-a will be the host name
-A will be the IP
How do I know this?
Read the statements following the -a and -A commands. They tell you there what each command takes.
So have you found out which one you have to use?
GOOD!
Time to start.
Using it to your advantage
6. Type this if you have the host name only.
NBTSTAT -a (In here put in the hostname without parentheses)
Type this if you have the IP address only.
NBTSTAT -A (In here put in the IP address without parentheses)
Now, hit enter and wait. Now either one of 2 things came up:
1. Host not found
2. Something that looks like this:
--------------------------------------------
NetBIOS Remote Machine Name Table
Name Type Status
---------------------------------------------
GMVPS01 <00> UNIQUE Registered
WORKGROUP <00> GROUP Registered
GMVPS01 <03> UNIQUE Registered
GMVPS01 <20> UNIQUE Registered
WORKGROUP <1E> GROUP Registered
---------------------------------------------
If the computer responded "Host not found" then either one of 2 things is the case:
1. You screwed up the host name.
2. The host is not hackable.
If 1 is the case you are in great luck. If 2, this system is not hackable using the NBTSTAT command. So try another system.
If you got the table as above to come up, look at it carefully as I describe to you each part and its purpose.
Name - states the share name of that certain part of the computer
<00>, <03>, <20>, <1E> - are the Hexadecimal codes giving you the services available on that share name.
Type - Is self-explanatory. It's either turned on, or activated by you, or always on.
Status - Simply states that the share name is working and is activated.
Look above and look for the following line:
GMVPS01 <20> UNIQUE Registered
See it?
GOOD! Now this is important, so listen up. The Hexadecimal code of <20> means that file sharing is enabled on the share name that is on that line with the hex number. So that means GMVPS01 has file sharing enabled. So now you want to hack this. Here's how to do it. (This is the hard part)
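As an added example (not from the original tutorial), here is a parser for the name table above that attaches a meaning to each suffix code and picks out the names registered with <20> UNIQUE, which is how an administrator checks from the outside whether a host's Server service (file sharing) is exposed. It assumes the table layout shown in the text; the suffix meanings for <1B>, <1C> and <1D> go beyond the four codes the text shows.

```python
import re

# Constructed sample, modelled on the name table shown in the text above
SAMPLE_TABLE = """\
       NetBIOS Remote Machine Name Table

   Name               Type         Status
---------------------------------------------
GMVPS01        <00>  UNIQUE      Registered
WORKGROUP      <00>  GROUP       Registered
GMVPS01        <03>  UNIQUE      Registered
GMVPS01        <20>  UNIQUE      Registered
WORKGROUP      <1E>  GROUP       Registered
"""

# What the 16th-byte suffix means, keyed by (suffix, type). <00>, <03>, <20> and
# <1E> are the codes the text shows; the others are common ones seen on domains.
SUFFIX_MEANING = {
    ("00", "UNIQUE"): "Workstation service (the computer name)",
    ("00", "GROUP"):  "Domain or workgroup name",
    ("03", "UNIQUE"): "Messenger service",
    ("1B", "UNIQUE"): "Domain master browser",
    ("1C", "GROUP"):  "Domain controllers",
    ("1D", "UNIQUE"): "Master browser",
    ("1E", "GROUP"):  "Browser service elections",
    ("20", "UNIQUE"): "Server service (file sharing enabled)",
}

ROW_RE = re.compile(r"^\s*(\S{1,15})\s+<([0-9A-Fa-f]{2})>\s+(UNIQUE|GROUP)\s+(\w+)\s*$")

def parse_name_table(text):
    """Return (name, suffix, type, status) tuples; title and header lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW_RE.match(line)
        if m:
            name, suffix, ntype, status = m.groups()
            rows.append((name, suffix.upper(), ntype, status))
    return rows

def describe(rows):
    """Pair every registered name with the service its suffix stands for."""
    return [(name, suffix, ntype, SUFFIX_MEANING.get((suffix, ntype), "unknown suffix"))
            for name, suffix, ntype, status in rows if status == "Registered"]

def file_sharing_names(rows):
    """Names carrying <20> UNIQUE: the hosts whose Server service is exposed."""
    return sorted({name for name, suffix, ntype, status in rows
                   if suffix == "20" and ntype == "UNIQUE" and status == "Registered"})

def workgroups(rows):
    """Workgroup or domain names (<00> GROUP) the host belongs to."""
    return sorted({name for name, suffix, ntype, _ in rows
                   if suffix == "00" and ntype == "GROUP"})
```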
LMHOST File
7. There is a file in all Windows systems called LMHOST.sam. We need to simply add the IP into the LMHOST file, because LMHOST basically acts as a network, automatically logging you on to it. So go to Start, Find, Files or Folders. Type in LMHOST and hit enter. When it comes up, open it using a text program such as wordpad, but make sure you do not leave the checkmark for "always open files with this extension" on. Simply go through the LMHOST file until you see this part:
# This file is compatible with Microsoft LAN Manager 2.x TCP/IP lmhosts
# files and offers the following extensions:
#
#      #PRE
#      #DOM:<domain>
#      #INCLUDE <filename>
#      #BEGIN_ALTERNATE
#      #END_ALTERNATE
#      \0xnn (non-printing character support)
#
# Following any entry in the file with the characters "#PRE" will cause
# the entry to be preloaded into the name cache. By default, entries are
# not preloaded, but are parsed only after dynamic name resolution fails.
#
# Following an entry with the "#DOM:<domain>" tag will associate the
# entry with the domain specified by <domain>. This affects how the
# browser and logon services behave in TCP/IP environments. To preload
# the host name associated with #DOM entry, it is necessary to also add a
# #PRE to the line. The <domain> is always preloaded although it will not
# be shown when the name cache is viewed.
#
# Specifying "#INCLUDE <filename>" will force the RFC NetBIOS (NBT)
# software to seek the specified <filename> and parse it as if it were
# local. <filename> is generally a UNC-based name, allowing a
# centralized lmhosts file to be maintained on a server.
# It is ALWAYS necessary to provide a mapping for the IP address of the
# server prior to the #INCLUDE. This mapping must use the #PRE directive.
# In addition the share "public" in the example below must be in the
# LanManServer list of "NullSessionShares" in order for client machines to
# be able to read the lmhosts file successfully. This key is under
# \machine\system\currentcontrolset\services\lanmanserver\parameters\nullsessionshares
# in the registry. Simply add "public" to the list found there.
#
# The #BEGIN_ and #END_ALTERNATE keywords allow multiple #INCLUDE
# statements to be grouped together. Any single successful include
# will cause the group to succeed.
#
# Finally, non-printing characters can be embedded in mappings by
# first surrounding the NetBIOS name in quotations, then using the
# \0xnn notation to specify a hex value for a non-printing character.
Read this over and over until you understand the way you want your connection to be set. Here's an example of how to add an IP, the way I would do it:
#PRE #DOM:255.102.255.102 #INCLUDE
PRE will preload the connection as soon as you log on to the internet. DOM is the domain or IP address of the host you are connecting to. INCLUDE will automatically set you to that file path. In this case, as soon as I log on to the internet I will get access to 255.102.255.102 on the C:/ drive. The only problem with this is that by doing the NETSTAT command while you are connected, they can get the IP of your machine. That is why it only works on simple PC machines. Because people these days are computer illiterate and have no idea of what these commands can do. They have no idea what NETSTAT is, so you can use that to your advantage. Most PC systems are quite hard to hack using this method now because they are more secure and can tell when another system is trying to gain access. Also, be sure that you (somehow) know whether they are running a firewall or not, because it will block the connection to their computer. Most home systems are not running a firewall, and to make it better, they do not know how to operate the firewall, therefore leaving the hole in the system. To help you out some, it would be a good idea to pick up some programming languages to show you how the computer reads information, and learn some things about TCP/IP (Transfer Control Protocol/Internet Protocol). If you want to find out whether they are running a firewall, simply set up a Proxy and do a port scan on their IP. You will notice if they are running a firewall because most ports are closed. Either way, you still have a better chance of hacking a home system than hacking Microsoft.
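The comment block quoted above spells out the LMHOSTS grammar (#PRE, #DOM:, #INCLUDE, #BEGIN_/#END_ALTERNATE, quoted names with \0xnn) and one rule the file imposes: the server named in an #INCLUDE path must have a #PRE mapping earlier in the file. The following added example (not part of the original tutorial) parses an LMHOSTS file one line at a time and reports every #INCLUDE that breaks that rule, which is a quick way for an administrator to audit a machine's LMHOSTS for entries and includes they did not put there. The sample file content, host names and UNC paths are constructed.

```python
import re

# Constructed sample LMHOSTS content using the directives that the file's own
# comment block (quoted above) describes; the hosts and UNC paths are made up.
SAMPLE_LMHOSTS = r"""
# constructed sample entries
102.54.94.97     rhino              #PRE #DOM:networking   # domain controller
102.54.94.102    "appname  \0x14"                          # special app server
102.54.94.117    localsrv           #PRE                   # needed for the #INCLUDE

#BEGIN_ALTERNATE
#INCLUDE \\localsrv\public\lmhosts
#INCLUDE \\rhino\public\lmhosts
#END_ALTERNATE
#INCLUDE \\unknownsrv\public\lmhosts
"""

# IP, then a plain name or a quoted name (which may carry \0xnn), then the rest
ENTRY_RE = re.compile(r'^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+("(?:[^"\\]|\\0x[0-9A-Fa-f]{2})*"|\S+)(.*)$')

def _decode_name(raw):
    """Expand the \\0xnn notation that quoted names may contain."""
    if raw.startswith('"') and raw.endswith('"'):
        return re.sub(r"\\0x([0-9A-Fa-f]{2})", lambda m: chr(int(m.group(1), 16)), raw[1:-1])
    return raw

def parse_lmhosts(text):
    """One pass over the file. Returns (entries, includes, problems): entries are the
    IP-to-name mappings, includes are (UNC path, inside_alternate) pairs, and problems
    lists #INCLUDE paths whose server has no #PRE mapping earlier in the file, which
    is the rule the file's own comments state."""
    entries, includes, problems = [], [], []
    preloaded, in_alt = set(), False
    for line in text.splitlines():
        stripped = line.strip()
        upper = stripped.upper()
        if upper == "#BEGIN_ALTERNATE":
            in_alt = True
        elif upper == "#END_ALTERNATE":
            in_alt = False
        elif upper.startswith("#INCLUDE"):
            parts = stripped.split(None, 1)
            path = parts[1].strip() if len(parts) > 1 else ""
            includes.append((path, in_alt))
            m = re.match(r"\\\\([^\\]+)\\", path)          # server part of \\server\share\...
            if not m or m.group(1).upper() not in preloaded:
                problems.append(path)
        else:
            m = ENTRY_RE.match(line)
            if not m:
                continue                   # blank line or plain comment
            ip, raw_name, rest = m.groups()
            dom = re.search(r"#DOM:(\S+)", rest, re.IGNORECASE)
            entry = {"ip": ip, "name": _decode_name(raw_name),
                     "pre": "#PRE" in rest.upper(), "dom": dom.group(1) if dom else None}
            entries.append(entry)
            if entry["pre"]:
                preloaded.add(entry["name"].upper())
    return entries, includes, problems
```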
Gaining Access
7. Once you have added this to your LMHOST file, you are basically done. All you need to do is go to:
Start
Find
Computer
Once you get there you simply type the IP address or the host name of the system. When it comes up, simply double click it, and boom! There's a GUI for you, so you don't have to use DOS anymore. You can use DOS to do it, but it's more simple and fun this way, so that's the only way I put it. When you open the system you can edit, delete, rename, do anything to any file you want. I would also delete the command file in C:/ because they may use it if they think someone is in their computer. Or just delete the line to it. Then here's when the programming comes in handy. Instead of using the NBTSTAT method all the time, you can then program your own trojan on your OWN port number and upload it to the system. Then you will have easier access, and you will also have a better GUI, with more features. Do not allow more than one connection to the system unless they are on a faster connection. If you are downloading something from their computer and they don't know it and their connection is being slow, they may check their NETSTAT to see what is connected, which will show your IP and make them suspicious. That's it. All there is to it. Now go out and scan a network or something and find a computer with port 21 or something open.
