]
04-05-2011, 03:26 AM
1. What is your NetBIOS.
2. NetBIOS in Windows.
3. Finding the weak point.
4. Exploitation of weakness.
5. As you pass the password.
6. How can you determine the operating system share option to activate all its partitions.
____________________________________________________________________________________________________________________________
1. NetBIOS (Network Basic Input / Output System) is an operational concept developed by IBM and Sytek designed to fulfill the role of API (Application
Programming Interface) for an application can access network resources. In short NetBIOS allows applications to communicate with a network.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~
2. NetBIOS in Windows. A computer can be accessed if the NetBIOS port 139 is open. This port (139) is the most dangerous port on the Internet. All files and printers who started the share option on a Windows system running on this port. Approximately 10% of all Internet users were exposed to hard drives through this port. This port (139) is the first port that wants to connect to a hacker and all this port is blocked by a firewall.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~
3. Finding the weak point. To find a vulnerable computer must scan a network or a range of IP addresses to see which has port 139 open. For this I recommend using IPScan program . Once the scan is complete and there are vulnerable IPs go to Section 4.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~
4. Exploitation of weakness. After choosing vulnerable IP connection is passed from it as follows:
START> RUN> RUN In the box enter the command \ \ xxx.xxx.xxx.xxx then click OK.
ATTENTION xxx.xxx.xxx.xxx is the IP I found so replace x's with the IP found
If everything went well you should open a window with the contents of the victim's hard disk. Now you can see, create download or upload or even delete files on the victim's computer.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~
5. As you pass the password. It may sometimes happen that the computer tries to connect to be protected by a password. In this case you should use PQwak program . In this program you just need to enter IP and share name. The share name is the name of the folder that is password protected. After introducing these things just to watch how it works PQwak.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~
6. How can you determine the operating system share option to activate all its partitions. If the partition that has enabled the option to share is (C: \ D: \ etc..) Where you can put a Trojan which can give access to the rest of the partitions and even entire computer. To do this you must create a file will be named autorun.inf file To do this you must create a text file that contains the following:
-------------------------------------------------- -------------------------------------------------- -------------------------------------------------- ----------------
BE WRITTEN BELOW THE COPY WITHOUT CHANGES.
-------------------------------------------------- -------------------------------------------------- -------------------------------------------------- ----------------
[Autorun]
open = autoexec.bak.exe
-------------------------------------------------- -------------------------------------------------- -------------------------------------------------- ----------------
Then save the file to be modified is the extension of txt. Txt to. Inf
Then with a Trojan is made a trojan called autoexec.bak.exe
Now the two files are ready when you need to copy the main folder in the root meaning. For example if we have access to the partition C: \ where our files will be copied directly on a partition without being put in the folder.
Now you just need to wait for the victim to access the partition where you put those two files. Once opened it will run the trojan partition providing access to every computer.
2. NetBIOS in Windows.
3. Finding the weak point.
4. Exploitation of weakness.
5. As you pass the password.
6. How can you determine the operating system share option to activate all its partitions.
____________________________________________________________________________________________________________________________
1. NetBIOS (Network Basic Input / Output System) is an operational concept developed by IBM and Sytek designed to fulfill the role of API (Application
Programming Interface) for an application can access network resources. In short NetBIOS allows applications to communicate with a network.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~
2. NetBIOS in Windows. A computer can be accessed if the NetBIOS port 139 is open. This port (139) is the most dangerous port on the Internet. All files and printers who started the share option on a Windows system running on this port. Approximately 10% of all Internet users were exposed to hard drives through this port. This port (139) is the first port that wants to connect to a hacker and all this port is blocked by a firewall.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~
3. Finding the weak point. To find a vulnerable computer must scan a network or a range of IP addresses to see which has port 139 open. For this I recommend using IPScan program . Once the scan is complete and there are vulnerable IPs go to Section 4.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~
4. Exploitation of weakness. After choosing vulnerable IP connection is passed from it as follows:
START> RUN> RUN In the box enter the command \ \ xxx.xxx.xxx.xxx then click OK.
ATTENTION xxx.xxx.xxx.xxx is the IP I found so replace x's with the IP found
If everything went well you should open a window with the contents of the victim's hard disk. Now you can see, create download or upload or even delete files on the victim's computer.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~
5. As you pass the password. It may sometimes happen that the computer tries to connect to be protected by a password. In this case you should use PQwak program . In this program you just need to enter IP and share name. The share name is the name of the folder that is password protected. After introducing these things just to watch how it works PQwak.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~
6. How can you determine the operating system share option to activate all its partitions. If the partition that has enabled the option to share is (C: \ D: \ etc..) Where you can put a Trojan which can give access to the rest of the partitions and even entire computer. To do this you must create a file will be named autorun.inf file To do this you must create a text file that contains the following:
-------------------------------------------------- -------------------------------------------------- -------------------------------------------------- ----------------
BE WRITTEN BELOW THE COPY WITHOUT CHANGES.
-------------------------------------------------- -------------------------------------------------- -------------------------------------------------- ----------------
[Autorun]
open = autoexec.bak.exe
-------------------------------------------------- -------------------------------------------------- -------------------------------------------------- ----------------
Then save the file to be modified is the extension of txt. Txt to. Inf
Then with a Trojan is made a trojan called autoexec.bak.exe
Now the two files are ready when you need to copy the main folder in the root meaning. For example if we have access to the partition C: \ where our files will be copied directly on a partition without being put in the folder.
Now you just need to wait for the victim to access the partition where you put those two files. Once opened it will run the trojan partition providing access to every computer.
