IT Security and Insecurity Portal

DOS Hacking - Consider it Advanced DOS Usage

Posted: Mon Jan 10, 2005 8:02 pm
waraxe
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu

DOS Hacking Part 1,2,3,4, & 5
Consider it Advanced DOS Usage
By: Cface & Killer
Help From: Mitch & Fergal
Email: scarpuppetface@hotmail.com
By: Cface
If you consider Hacking bad and don't want anything to do with it, then don't call this hacking, call this advanced DOS commands and use. You will be taking advantage of DOS (MS-DOS or Command Prompt) to make the most of it. People consider it just a black box that is completely useless. That is completely false! With DOS you can read emails, connect to websites, servers, chat, upload files, make new batch files (explained later on) and more!
Let's start off by LOCATING MS-DOS (or Command Prompt). If you have Windows 95/98/ME you have MS-DOS, if you have Windows XP Home/Professional you have Command Prompt. Throughout this email I will be calling the MS-DOS/Command Prompt "DOS" so I don't have to keep on saying MS-DOS/Command Prompt, because they are one and the same, just named differently. There are two EASY ways of finding your DOS program:
1. Go to Start->Run. Type in cmd then press Enter.
2. Go to Start->All Programs->Accessories->DOS. I prefer using this way, because you don't have to type anything.
Once you open your DOS program you will see a black box with the words similar to this:
Microsoft Windows XP [Version 5.1.2600]
<C> Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\Administer>
Now that you see that, you will see that you type your commands after C:\Documents and Settings\Administer>. Now that you understand the interface (which I hope you do, it's pretty simple) of the DOS program, we can begin typing in commands and such.
I think we shall start with the netstat command. Netstat is a great command because it can show who you are connected to, and what their IP Address is! The netstat command shows you what servers you're connected to. When you connect to the internet your computer is connecting to a server which your internet provider has, the server connects to the internet, and when you connect to MSN Messenger, Yahoo Messenger, AOL Instant Messenger, and other websites it will show the server that the website and instant messenger are running off of. It's handy information at times. Using the netstat -n command shows all the IP addresses that are connected to you, which is what you will probably use most, if you want to hack/snoop into computers, and not servers. Also, you have the netstat -a command. This... is something I haven't ever had use of, but if anyone finds a good use, please, email me about its purpose. A little hint to get someone's IP Address: go to DOS, type in netstat -n and then send someone a file, then once they accept the file and the file is transferring (during the transfer, not after) type in netstat -n again, look at both of the netstat -n results and find out which IP isn't shown on the first netstat -n but is shown on the second netstat -n.
What have we learned today?
How to locate your MS-DOS/Command Prompt.
MS-DOS/Command Prompt Interface.
netstat - shows you what servers are connected to you.
netstat -n - shows you all IP addresses that are connected to you.
netstat -a - It's a command, I don't know of its use, lol.
More to come, also we will have another author to help us out on figuring some new tricks and techniques!
Don't forget to forward this to your friends, and tell your friends to forward it to other people!
By: Cface
-----------------
By: Cface
In the last Part about DOS hacking we talked about netstat, well it's time to move on. We are going to learn about the telnet command. Telnet connects you to servers and computers so you can interact with the computer/server you're connected to. If you haven't already noticed the reason why hackers use telnet, then I will tell you.
With telnet, you can connect to computers/servers (like I said above) and you can hack into the computer and cause mayhem of all sorts, or just check out information that computer has. Telnet is the most used command hackers use to hack into someone's computer/server.
Commands for telnet are:
telnet ip port that all goes on one line: you type in telnet, space, the IP address, space again, and the port you wish to go through.
telnet just typing telnet can connect you to telnet, after doing that you can just type in other commands.
? or ?/h once you type telnet (and only telnet) a second line will be made for you to type commands within telnet, typing ? or ?/h will take you to the command list for telnet.
Now that you know the commands that will lead you through telnet, we can get a bit more into the actual hacking.
Also, try out the nslookup command: you type in nslookup URL or nslookup IP and it tells you information on either the IP address or the server the URL (site address) is running on. It's handy at times, you'll learn that it is.
NOTE: The hacking entries above this note were explaining hacking and some commands to help you on hacking. We will start to teach you on the actual hacking below this note. There were 2 entries above this note, if someone has stolen credit please email scarpuppetface@hotmail.com Original Entries by Cface and KILLER
Don't forget to forward this to your friends, and tell your friends to forward it to other people!
By: Cface
----------------
By: KILLER
All right, so you have the netstat firmly stuck in your head...now here is a way of using/finding ports. Have your DOS window open and type telnet. This will open a new window (it will be blank with a black block-like cursor at the top left-hand corner of it). Combining the information you got from using netstat and the telnet window, you will be able to enter a port number/IP address w/ port, and connect directly to that IP/port. Click Connect, Remote System, then here are some options you may use:
In the Connect dialog box, you can enter in the host to which
you wish to connect, and there is a list box of several ports
you can connect to:
daytime: May give you the current time on the server.
echo: May echo back whatever you type in, and will tell you that the computer you have connected to is alive and running on the Internet.
qotd: May provide you with a quote of the day.
chargen: May display a continuous stream of characters, useful for spotting network problems, but may crash your telnet program.
telnet: May present you with a login screen.
These will only work if the server to which you are trying to connect is running these services. However, you are not limited to just those ports...you can type in any port number you wish. You will only successfully connect to the port if the service in question is available. What occurs after you connect depends upon the protocol for that particular service.
When you are using telnet to connect to the telnet service on a server, you will (in most cases) be presented with a banner and a login prompt.
[Note from KILLER: Many people have written saying their telnet program fails to connect no matter what host they try to reach. Here's a way to fix your problem. First -- make sure you are already connected to the Internet. If your telnet program still cannot connect to anything, here's how to fix your problem. Click "start" then "settings" then "control panel." Then click "Internet" then "connection." This screen will have two boxes that may or may not be checked. The top one says "connect to the Internet as needed." If that box is checked, uncheck it -- but only uncheck it if you already have been having problems connecting. The bottom box says "connect through a proxy server." If that box is checked, you probably are on a local area network and your systems administrator doesn't allow you to use telnet.]
Simple, right? This is another step into "sneaking" around in another person's computer. Think of it as a back-door into someone's house, a.k.a. the port, and you want to take a look around...Well, the back-door is unlocked, as long as you have "the key", a.k.a. the IP address/port number, you are free to roam around as you like.
Ok, let it soak in, and await some more parts of this wonderful tutorial.
Don't forget to forward this to your friends, and tell your friends to forward it to other people!
By: KILLER
-----------------
By: KILLER {cont.}
Now, you can also use telnet to connect to other ports, such as
ftp (21), smtp (25), pop3 (110), and even http (80). When you
connect to ftp, smtp, and pop3, you will be presented with a
banner, or a line of text that displays some information about the
service. This will give you a clue as to the operating system
running on the host computer, or it may come right out and tell
you what the operating system is...for instance, AIX, Linux,
Solaris, or NT. If you successfully connect to port 80, you will
see a blank screen. This indicates, again, that you have successfully completed the TCP negotiation and you have a connection.
Now, what you do from there is up to you. You can simply disconnect with the knowledge that, yes, there is a service running on port 80, or you can use your knowledge of the HTTP protocol to retrieve the HTML source for web pages on the server.
Ports are also determined in several different aspects other than these given. For example, the port can vary with internet providers, websites connected to, and other servers. But, once a port is retrieved, (hehe), you have FULL CONTROL! Ever wonder how third-party trojans worked? They use this...except they inject a trojan first but that's not the point...They gain your IP Address and port, and access your computer anytime they wish, corrupting files, stealing applications as they please, and so on. In some cases, if you KNOW you have a trojan, you can type netstat -n and find their IP Address, and ping the sh** out of them, to the point of crashing their HD (hard drive) and "teaching them a lesson!" All you do is type ping and their IP Address (excluding port, the port is not needed in this case) and BOOM! Pinged! But, there is a button sequence that you can press to repeat the last command typed...Continuously press the button sequence and Enter, and, if done enough times, their computer will dangerously run low on resources and crash! Neat, huh? Currently I don't have the button sequence, but when I do, I will revise this tutorial and add that! Have fun with your new-found knowledge!
Don't forget to forward this to your friends, and tell your friends to forward it to other people!
-----------------
Original Entry By: Fergal
Edited By: Cface
DOS Attacks or Denial Of Services Attacks have become very common amongst Hackers who use them as a path to fame and respect in the underground groups of the Internet. They are basically a way of denying valid Internet and Network users from using the services of the target network or server. It basically means, launching an attack, which will temporarily make the services, offered by the Network unusable by legitimate users.
In other words, a DOS attack is one in which you clog up so much memory on the target system that it cannot serve legitimate users. Or you send the target system data packets, which cannot be handled by it and thus causes it to either crash, reboot or more commonly deny services to legitimate users.
This is the most common vulnerability:
Ping of Death
This vulnerability is quite well known and was earlier commonly used to hang remote systems (or even force them to reboot) so that no users can use its services. This exploit no longer works, as almost all system administrators would have upgraded their systems making them safe from such attacks.
In this attack, the target system is pinged with a data packet that exceeds the maximum bytes allowed by TCP/IP, which is 65 536. This would have almost always caused the remote system to hang, reboot or crash. This DOS attack could be carried out even through the command line, in the following manner:
The following Ping command creates a huge datagram of the size 65540 for Ping. It might hang the victim's computer:
ping -l 65500 ip
Distributed DOS Attacks
DOS attacks are not new; in fact they have been around for a long time. However there has been a recent wave of Distributed Denial of Services attacks which pose a great threat to Security and are on the verge of overtaking Viruses/Trojans to become the deadliest threat to Internet Security. Now you see, in almost all of the above TCP/IP vulnerabilities, which are being exploited by hackers, there is a huge chance of the target's system administrator or the authorities tracing the attacks and getting hold of the attacker.
No system connected to the Internet is safe from such DOS attacks, including Unix and Windows NT. Even MacOS has not been spared, as some of them are being used to conduct such DDOS attacks.
So what have we learned in this DOS Hacking Entry?
The command KILLER was looking for is:
ping -l 65500 ip
Special Thanks to Fergal for original entry, sorry I had to edit it!
Don't forget to forward this to your friends, and tell your friends to forward it to other people!
-----------------
Please give us your feedback on this email! Send your feedback to scarpuppetface@hotmail.com. We appreciate any and all feedback, negative or positive.
DOS HACKING EMAIL ORIGINALLY BY: Cface & KILLER
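
The Ping of Death section of the post above turns on the IPv4 size limit. As an added example (not part of the original post or email), this Python code shows the receiver-side bound check that patched stacks apply before reassembling fragments: the 16-bit Total Length field caps a datagram at 65,535 bytes, so a fragment whose offset plus payload ends past that limit is dropped. The function names, sample headers and addresses are constructed for illustration.

```python
import struct

IPV4_MAX_DATAGRAM = 65535  # largest value the 16-bit Total Length field can hold

def parse_fragment(header: bytes):
    """Return (header_len, payload_offset, payload_len, more_fragments)."""
    if len(header) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_len, _ident, flags_frag = struct.unpack("!BBHHH", header[:8])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 header")
    header_len = (ver_ihl & 0x0F) * 4
    if header_len < 20 or total_len < header_len:
        raise ValueError("inconsistent length fields")
    offset = (flags_frag & 0x1FFF) * 8   # 13-bit offset, counted in 8-byte units
    more = bool(flags_frag & 0x2000)     # MF (more fragments) flag
    return header_len, offset, total_len - header_len, more

def reassembled_size(header: bytes) -> int:
    """Size the datagram must reach to hold this fragment (using its own header length)."""
    header_len, offset, payload_len, _more = parse_fragment(header)
    return header_len + offset + payload_len

def fragment_is_safe(header: bytes) -> bool:
    """True when the fragment ends inside the 65,535-byte datagram limit."""
    return reassembled_size(header) <= IPV4_MAX_DATAGRAM

def oversized_fragments(headers):
    """Indexes of fragments a receiver should drop before copying any payload."""
    return [i for i, h in enumerate(headers) if not fragment_is_safe(h)]

def sample_header(total_len: int, offset_units: int, more: bool) -> bytes:
    """Constructed 20-byte header (checksum left at 0, documentation addresses)."""
    flags_frag = (0x2000 if more else 0) | offset_units
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, flags_frag,
                       64, 1, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1]))

# Constructed samples: a mid-stream fragment, one ending exactly at the limit,
# and one whose offset plus payload runs past it.
SAMPLES = [
    sample_header(1500, 185, True),
    sample_header(23, 8189, False),
    sample_header(1500, 8189, False),
]

if __name__ == "__main__":
    for i, h in enumerate(SAMPLES):
        print(i, reassembled_size(h), "ok" if fragment_is_safe(h) else "DROP")
```

The check runs on header fields alone, so it can be applied before any payload is copied into a reassembly buffer.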

Posted: Mon Jan 10, 2005 9:33 pm
any2000
Active user
Joined: Dec 02, 2004
Posts: 26

good info thanks waraxe

Posted: Thu May 05, 2005 1:05 pm
Arch3typ3
Beginner
Joined: May 05, 2005
Posts: 1
Location: Aus

So say I'm on a network with guest privileges and wish to gain admin powers. What ways are there to achieve this and can it be done through DOS... we log in using Novell and I'm not too sure how or what can be done... besides keylogging the computer the admin logs onto and getting their user/pass stuff... plus we have to open cmd prompt a harder way.. we make a notepad file, save it as .bat, allow extensions thing to be viewed or something, then it changes it to bat.. then we put in
print (anything)
cmd
pause. Basically all we need admin stuff for is to install games with reg entries as this has been blocked by admin. Any ideas or stuff, PM me or whatever.
All times are GMT