|
-
April 30th, 2002, 12:34 PM
#21
lmfao...... I wasn't thinking neophyte at all.... Lmfao ummm.... when your trying to ask basically how to hack by telnet, just go to google.com and type in Telnet Exploits or something......
-
April 30th, 2002, 01:25 PM
#22
Member
The Problem
The problem with your question is that it's wayyy to broad.
First of all, a buffer overflow wouldn't work on a properly written telnet (or any other service) server. Otherwise the internet would be nothing but a bunch of exploited websites etc.
Another thing is that windows doesnt have a default telnet server, and if your talkin about hacking a BSD or Linux box then your practically into a whole different subject.
I'll try to give you the low-down without telling you "How to hack into Hotmail", lol...
What I do:
- Check for the really basic ****: SMB/ Netbios Network shares, Telnet Servers, FTP Servers, etc. If there are any then I write down the name of the server software (usually says during login) and then go on the interweb and check for any known vulnerabilities. Unless of course... They have SMB network shares, in which case they're dead.
Next:
- Full range portscan: I wouldnt suggest this against a non-windows box, cause its the electrical equivalent of smashing down the bank door with a sledge hammer. This sound ridiclious, but over high speed DSL (Mine= 1.5mbs up 6.0mbs down) it actually doesnt take that long. If you dont have a good connection aka <512k then just scan the first 1024 ports, all the most common services are there.
When I get a list of ports I try to directly connect to each one with telnet, because the login messages sometimes let you know what service it is. If I cant find out what they are from that, and i dont already know (aka really common services) then I go back to the interweb and do a search for that port # and see what it is.
[glowpurple]YOU CAN ALWAYS FIND OUT WHAT A PORT DOES[/glowpurple]
If you cant your not trying hard enough.
Then if i dont already know some exploits for that service I go to the interweb and try to find some, or I Download the software and try to find some myself. Oh yeah, and if I want a username to try then I try to grab the remote NAMETABLE - very good method
Stupid windows tells u who is currently logged on, and they sometimes use that username 4 other stuff. Do this at the command prompt by: NBTSTAT -A ipaddresshere
The A has to be capital.
- Last effort: If the first two options dont work, then I usually get desperate and start trying the weird ****. Examples:
SNMP Walking
Try to buffer overflow every service they got... lol... <- this gets u BUSTED
And one more crazy thing that I havent heard of anyone else trying:
I ping them, then i look at the reply in code form.
This can tell u what OS they are using, windows sends the alphabet.
SOME OS's SEND RANDOM DATA FROM RAM! <- This has possibilities
Anyhow, thats roughly what i do, or most of it.
That should be enough 4 a report without teachin u to hack ur friends hotmail acc.
- Trak
-
April 30th, 2002, 02:01 PM
#23
Well, he did ask how to executer a remote shell, and the answer to that is VERY simple, if you are running unix.
rsh <machine>
rsh stands for remote shell... Good luck doing anything with it though...
\"Ignorance is bliss....
but only for your enemy\"
-- souleman
-
April 30th, 2002, 02:47 PM
#24
Member
It must be them again. Start the response cycle.
-
April 30th, 2002, 08:32 PM
#25
If you've read all those books and actually taken the time to understand them, you'd know the process by now.
You asked a question, we are very definitely not going to provide you with the 'how do I hack' style of answer you're looking for. We have no way of knowing whether or not you're being honest when you say you're learning it for security reasons, so we err on the side of caution. Seems a reasonable thing to me.
I do think that if you've really read a lot of books on the subject, you'd have a bloody clue how to do it by now, but hey, maybe I'm just expecting too much from someone who has enough IQ to log onto the Internet and use AO's forum.
Chris Shepherd
The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
\"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
Is your whole family retarded, or did they just catch it from you?
-
April 30th, 2002, 10:45 PM
#26
Trappedagainbyperfectlogic.
-
April 30th, 2002, 11:24 PM
#27
Senior Member
hmm nice.
very interesting.
damn hackers!!
my pages: (great resources for everyone)
geeksarecool.com resource for computers, hacking, virii, wutnot.
thepillbox.net archive of logs and resource for laughter.
--enjoy these pages, as they grow.
-
May 1st, 2002, 06:28 AM
#28
I sort of thought the books would make the particular question un-necessary. If they contained the right information, then it should have been read and understood. If they didn't, then they must contain enough background information for a simple search to turn up particulars.
I think his signature is indicative of something:
__________________
CyberArmy 4ever!!!
[HvC]Terr: L33T Technical Proficiency
-
May 1st, 2002, 01:43 PM
#29
Ok Screw all of you *******s all im trying to do is learn my future feild and you dickheads are just trampling all over me just for the fun of it, ****ers!!!!!!!!!!!!!!
-
May 1st, 2002, 01:47 PM
#30
Whos the idiot that gave NetwrkBurn positive points for him starting this thread.... i dont see how anyone can consider that even something worth reading... just another Cyber Army 1337 wannabe
[shadow]i have a herd of 1337 sheep[/shadow]
Worth should be judged on quality... Not apperance... Anyone can sell you **** inside a pretty box.. The only real gift then is the box..
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
