Exploiting the Hosts over the network [With Picture]

F4r4Zm0In (Active user), posted Wed Feb 27, 2008 8:51 pm

Maybe this tutorial is helpful for N00bs :)

This article is not meant for advanced users
because you may already know this
but it may be helpful for the beginners

well, it's time to exploit the network
yes i am talking about the lan [Local Area Network]
let's start:
1: click start>run>cmd>type ipconfig
then you will see a picture like this one:

now, from the picture we can easily know what our "ip address" is
if in this case our ip address is "117.197.48.112"
then obviously the ip addresses of other people on the network must be similar to this one
yeah, the only thing which is different is the last part.

i mean [112]

now, our job is to find a system that has file and printer sharing enabled
but first we have to find some live hosts
let's try:

now to find live hosts what we did is:
we start pinging systems by changing the last part [112]

and here is what we have got:

yea, we got ping response because our machine is still active LOL :d

Now, we don't want to exploit our own system so it's time to ping someone else:

let's start pinging randomly:

117.197.48.112 [Our own machine, which we already pinged]
117.197.48.111
117.197.48.110
117.197.48.109
... and so on.

in the first attempt we tried pinging 117.197.48.111 and our ping failed
in the second attempt we tried pinging 117.197.48.100 and got "Success"

now simply click on start>run>type \\117.197.48.100
Now hit Enter button.

and here is what we have got :)

Now, we can copy, edit, or even delete the stuff from that machine :)

In this exploit we got success at the second attempt because the machine has the "file and printer sharing enabled" option checked!
sometimes it happens that we get a ping response, but still can't explore the host over the network [and get some nasty errors while trying to exploit]
because the machine most probably has the "file and printer sharing enabled" option unchecked!
or it may be behind the firewall!

It all depends on your day!

So it's better that you try your luck.

Tom (Regular user), posted Wed Feb 27, 2008 9:29 pm

Nice tut for Noobs.

:)

F4r4Zm0In (Active user), posted Thu Feb 28, 2008 2:17 pm

Tom wrote:
Nice tut for Noobs.

:)

Yeah! I wrote this one while keeping the n00bs in mind :)

hunter (Regular user), posted Fri Feb 29, 2008 5:50 am

MORE TUTS PLZ !

hacking servers would be good :)

no luck yet, i guess not many ppl have printer file sharing on?

also if i pinged one that worked...i would get "a device on your computer is not functioning" or something.

im on vista.

F4r4Zm0In (Active user), posted Fri Feb 29, 2008 7:25 am

hunter wrote:
MORE TUTS PLZ !

hacking servers would be good :)

no luck yet, i guess not many ppl have printer file sharing on?

also if i pinged one that worked...i would get "a device on your computer is not functioning" or something.

im on vista.

I will post more soon,
whenever i find spare time to write :)

ToXiC (Moderator), posted Fri Feb 29, 2008 9:08 am

F4r4Zm0In,

i don't want to sound cruel or anything but having access to shared files is NOT hacking ...

nice effort though ...

i will try to extend it a bit to make it more interesting..

well ..

some basic commands are:

nbtstat
nbtstat displays protocol statistics and current TCP/IP connections using NBT (NetBIOS over TCP/IP).

usage: nbtstat -a ip

article on nbtstat
http://articles.techrepublic.com.com/5100-1035-1058328.html

Beyond that you can play with null sessions:

A null session can be created by using the Windows net program to map a connection using a blank username and password. On Windows systems that are vulnerable, you simply have to enter:
net use \\ip_address\ipc$ "" "/user:" at a Windows command prompt.

This was a vulnerability of Windows 2000 that could create a connection with no user or pass with enough privileges to have access to network PCs and with programs such as Winfo, Walksam, certain Windows Resource Kit tools and even the net program that's built into Windows to glean tons of information off a Windows system.

In Windows XP now they decided to protect that resource but they still left the null sessions. So some not so well configured boxes could allow null sessions as well.

Nice tools to use for USER ENUMERATION and more..

autoscan:
http://autoscan-network.com/

cain and abel
http://www.oxid.it/cain.html
-
-
-
and 100000 more :)

_________________
who|grep -i blonde|talk; cd~;wine;talk;touch;unzip;touch; strip;gasp;finger;gasp;mount; fsck; more; yes; gasp; umount; make clean; sleep;wakeup;goto http://www.md5this.com
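
To check a Windows host of your own for the two weaknesses discussed in this thread (shares open to everyone, and null sessions left enabled), the following read-only PowerShell audit is an added example and not part of any post here. The "hardened" values it compares against and the English account names are assumptions noted in the comments.

```powershell
# Added example (not from the thread): read-only audit of null-session and
# open-share exposure on the local host. Run from an elevated prompt.
$lsa    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$server = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Emits nothing (so callers see $null) when the value is absent.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}

# Value name, key, hardened value, and what the hardened value does.
$checks = @(
    @{ Key = $lsa;    Name = 'RestrictAnonymous';         Want = 1; Why = 'no anonymous enumeration of shares and accounts' }
    @{ Key = $lsa;    Name = 'RestrictAnonymousSAM';      Want = 1; Why = 'no anonymous enumeration of SAM accounts' }
    @{ Key = $lsa;    Name = 'EveryoneIncludesAnonymous'; Want = 0; Why = 'anonymous logons are not members of Everyone' }
    @{ Key = $server; Name = 'RestrictNullSessAccess';    Want = 1; Why = 'null sessions limited to the listed pipes and shares' }
)

# Absent values fall back to the OS default, so they are flagged, not assumed safe.
$results = @(foreach ($c in $checks) {
    $actual = Get-RegValue -Path $c.Key -Name $c.Name
    [pscustomobject]@{
        Setting = $c.Name
        Actual  = if ($null -eq $actual) { '(not set)' } else { $actual }
        Status  = if ($actual -eq $c.Want) { 'OK' } else { 'REVIEW' }
        Note    = $c.Why
    }
})

# Shares and pipes exempted from RestrictNullSessAccess; expect empty unless a known service needs them.
foreach ($name in 'NullSessionShares', 'NullSessionPipes') {
    $list = @(Get-RegValue -Path $server -Name $name | Where-Object { $_ })
    $results += [pscustomobject]@{
        Setting = $name
        Actual  = if ($list.Count) { $list -join ', ' } else { '(empty)' }
        Status  = if ($list.Count) { 'REVIEW' } else { 'OK' }
        Note    = 'resources reachable without credentials'
    }
}
$results | Format-Table -AutoSize

# Non-administrative shares that grant access to Everyone or ANONYMOUS LOGON
# (English account names assumed; needs the SmbShare module, Windows 8 / Server 2012+).
Get-SmbShare -Special $false | Get-SmbShareAccess |
    Where-Object { $_.AccessControlType -eq 'Allow' -and $_.AccountName -match 'Everyone|ANONYMOUS LOGON' } |
    Format-Table Name, AccountName, AccessRight -AutoSize
```

Any row marked REVIEW, and any share listed by the last command, is worth tightening or justifying before the host sits on a shared LAN.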

F4r4Zm0In (Active user), posted Fri Feb 29, 2008 2:47 pm

ToXiC wrote:
F4r4Zm0In,

i don't want to sound cruel or anything but having access to shared files is NOT hacking ...

nice effort though ...

i will try to extend it a bit to make it more interesting..

well ..

some basic commands are:

nbtstat
nbtstat displays protocol statistics and current TCP/IP connections using NBT (NetBIOS over TCP/IP).

usage: nbtstat -a ip

article on nbtstat
http://articles.techrepublic.com.com/5100-1035-1058328.html

Beyond that you can play with null sessions:

A null session can be created by using the Windows net program to map a connection using a blank username and password. On Windows systems that are vulnerable, you simply have to enter:
net use \\ip_address\ipc$ "" "/user:" at a Windows command prompt.

This was a vulnerability of Windows 2000 that could create a connection with no user or pass with enough privileges to have access to network PCs and with programs such as Winfo, Walksam, certain Windows Resource Kit tools and even the net program that's built into Windows to glean tons of information off a Windows system.

In Windows XP now they decided to protect that resource but they still left the null sessions. So some not so well configured boxes could allow null sessions as well.

Nice tools to use for USER ENUMERATION and more..

autoscan:
http://autoscan-network.com/

cain and abel
http://www.oxid.it/cain.html
-
-
-
and 100000 more :)

Thanks for adding extra $ valuable information :)

Kazuma (Beginner), posted Sun May 18, 2008 3:18 pm

You could have easily walked over to your roommate's computer to avoid all the hassle with typing all those internal IPs ;)

Outside your (V)LAN this would be hard to find since most routers have NAT disabled for these ports (samba sharing?).
8)