facing a problem

[UrDaddy]

I was going through some of the posts posted on AO and I found a link to this site on one of the posts. http://www.hackerthreads.org/.

There I was studying simple NetBios hack article and the author explained it clearly how to access computers on the network. I have two computers interconnected but I was not able to connect to the other computer.

You can read the article here http://threaded.homeunix.net:8080/tutorials/netbios.php

Now, I think that there in the article he said something related to LMHOST file and how to insert ip in that. I think that the only way of me not being able to connect to the other pc is that I am inputting the ip in a wrong way in that file. Will you care to explain me in more detail that what should or where should i insert that ip.


There is a file in all Windows systems called LMHOST.sam. We need to simply add the IP into the LMHOST file because LMHOST basically acts as a network, automatically logging you on to it. So go to Start, Find, FIles or Folders. Type in LMHOST and hit enter. when it comes up open it using a text program such as wordpad, but make sure you do not leave the checkmark to "always open files with this extension" on that. Simply go through the LMHOST file until you see the part:


I think that the problem lies somwhere at the following part:


# This file is compatible with Microsoft LAN Manager 2.x TCP/IP lmhosts
# files and offers the following extensions:
#
# #PRE
# #DOM:
# #INCLUDE
# #BEGIN_ALTERNATE
# #END_ALTERNATE
# \0xnn (non-printing character support)
#
# Following any entry in the file with the characters "#PRE" will cause
# the entry to be preloaded into the name cache. By default, entries are
# not preloaded, but are parsed only after dynamic name resolution fails.
#
# Following an entry with the "#DOM:" tag will associate the
# entry with the domain specified by . This affects how the
# browser and logon services behave in TCP/IP environments. To preload
# the host name associated with #DOM entry, it is necessary to also add a
# #PRE to the line. The is always preloaded although it will not
# be shown when the name cache is viewed.
#
# Specifying "#INCLUDE " will force the RFC NetBIOS (NBT)
# software to seek the specified and parse it as if it were
# local. is generally a UNC-based name, allowing a
# centralized lmhosts file to be maintained on a server.
# It is ALWAYS necessary to provide a mapping for the IP address of the
# server prior to the #INCLUDE. This mapping must use the #PRE directive.
# In addtion the share "public" in the example below must be in the
# LanManServer list of "NullSessionShares" in order for client machines to
# be able to read the lmhosts file successfully. This key is under
# \machine\system\currentcontrolset\services\lanmans
erver\parameters\nullsessionshares
# in the registry. Simply add "public" to the list found there.
#
# The #BEGIN_ and #END_ALTERNATE keywords allow multiple #INCLUDE
# statements to be grouped together. Any single successful include
# will cause the group to succeed.
#
# Finally, non-printing characters can be embedded in mappings by
# first surrounding the NetBIOS name in quotations, then using the
# \0xnn notation to specify a hex value for a non-printing character.

Read this over and over until you understand the way you want your connection to be set. Here's an example of how to add an IP the way I would do it:


#PRE #DOM:255.102.255.102 #INCLUDE

Pre will preload the connection as soon as you log on to the net. DOM is the domain or IP address of the host you are connecting to. INCLUDE will automaticall set you to that file path. In this case as soon as I log on to the net I will get access to 255.102.255.102 on the C:/ drive. The only problem with this is that by doin the NETSTAT command while you are connected, and get the IP of your machine. That's why it only works on simple PC machines. Because people in these days are computer illiterate and have no idea of what these commands can do. They have no idea what NETSTAT is, so you can use that to your advantage. Most PC systems are kind of hard to hack using this method now because they are more secure and can tell when another system is trying to gain access. Also, besure that you (somehow) know whether they are running a firewall or not because it will block the connection to their computer. Most home systems aren't running a firewall, and to make it better, they don't know how operate the firewall, therefore, leaving the hole in the system. To help you out some, it would be a great idea to pick up on some programming languages to show you how the computer reads information and learn some things on TCP/IP (Transfer Control Protocol/Internet Protocol) If you want to find out whether they are running a firewall, simply hop on a Proxy and do a port scan on their IP. You will notice if they are running a firewall because most ports are closed. Either way, you still have a better chance of hacking a home system than hacking Microsoft.

thanks.

Best Regards.

[Maverick811]

Originally posted here by UrDaddy
I was going through some of the posts posted on AO and I found a link to this site on one of the posts. http://www.hackerthreads.org/.

There I was studying simple NetBios hack article and the author explained it clearly how to access computers on the network. I have two computers interconnected but I was not able to connect to the other computer.

You can read the article here http://threaded.homeunix.net:8080/tutorials/netbios.php

Now, I think that there in the article he said something related to LMHOST file and how to insert ip in that. I think that the only way of me not being able to connect to the other pc is that I am inputting the ip in a wrong way in that file. Will you care to explain me in more detail that what should or where should i insert that ip.

thanks.

Best Regards.

Just for future reference, the link to that article will suffice, you didn't have to post parts from it..

Regarding your testing problem - you'd have to have NetBIOS installed and for file and print sharing to be enabled for this to work. What is your setup too? ie Operating Systems, etc. Further, you really don't even need to add this line to your lmhosts file. What this article is discussing can be done without going through all the steps that they describe...

NetBIOS, in my opinion, is one of the easiest ways for someone to gain access to a system...

[bballad]

I agree that Netbios is inherently insecure...but in a mixed 98/nt environment I could never get 98 to see the network unless Netbios was installed. It was a unfortunate necessity. The work around today being get rid of the 98 boxes but at the time there was no choice.

[Maverick811]

I'm assuming that by seeing the network you mean machines showing up in Network Neighborhood? If I'm thinking right you can still connect to other machines via Start -> Run -> \\xxx.xxx.xxx.xxx of the machine... But it would be a pain to go this route..

[bballad]

Basically correct, no network neighborhood. I could do a net use command but I cant expect users to do that

Either way you shouldn’t need to modify LMHosts at all.

UrDaddy can your two machines ping each other?

[UrDaddy]

Originally posted here by Maverick811



Just for future reference, the link to that article will suffice, you didn't have to post parts from it..

Regarding your testing problem - you'd have to have NetBIOS installed and for file and print sharing to be enabled for this to work. What is your setup too? ie Operating Systems, etc. Further, you really don't even need to add this line to your lmhosts file. What this article is discussing can be done without going through all the steps that they describe...

NetBIOS, in my opinion, is one of the easiest ways for someone to gain access to a system...

Actually, Win XP is installed on both my pcs which are interconnected.

I am not trying to setup a Lan. I have two computers and i connected them together so that i can share internet on both. I just read that article and was experimenting that whether I will be able to connect to the other pc and can see the stuff in there or not. But after writing everything in the lmhost file and then finding the computer with the ip, i still get the same shared folders. So, i was stuck that y i am not able to connect to that pc as there is no antivirus installed on that pc.

Well I have no idea whether I installed netBios or not. I just typed the commands on dos prompt and it was exactly how that article was. So, I was going all along well until I stuck somewhere at lmhost file thing and am still not able to get out of it.

But try try again.

Originally posted here by bballad
Basically correct, no network neighborhood. I could do a net use command but I cant expect users to do that

Either way you shouldn’t need to modify LMHosts at all.

UrDaddy can your two machines ping each other?

Well not really. That is another thing which i discovered and am not able to figure out why are they not pinging each other........

Originally posted here by bballad
Basically correct, no network neighborhood. I could do a net use command but I cant expect users to do that

Either way you shouldn’t need to modify LMHosts at all.

UrDaddy can your two machines ping each other?

Well not really. That is another thing which i discovered and am not able to figure out why are they not pinging each other........

[Maverick811]

OK, so what is your setup? Are you connected to a switch, router, hub, two PC's connected via crossover cable? Are you assinging IP addresses manually? Are you connecting to a cable/dsl modem?

[phishphreek]

In regards to the lmhosts file...

Source

Specific to Windows, the LMHOSTS file is a plain text file (without a file extension ) that tells your computer where to find another computer on a network. The file resides in the Windows directory, and it lists the computer names (NetBIOS ) and IP addresses of machines you access on a regular basis.

It is similar to the hosts file. It is basically a local DNS table.
The machine will look at the hosts and lmhosts file before it goes to a web/network DNS server.

One of the best ways to use the hosts file is on a small lan.

If you have an computer assigned to a static ip address, you can use the hosts file to call it by name. Say I have have a pc called linuxbox and it has an ip of 192.168.1.25

I would put this in the hosts file so I can call on it via linuxbox instead of typing the IP everytime.

192.168.1.25 linuxbox

Another good use of the hosts file is to block ad servers.

127.0.0.1 ads.adserver.com

That way, the PC will look to the hosts and find that the file server is supposed to be on the local machine. Since it is not... it will not display the ad. This can help your internet speed if you are on dial up. On DSL/Cable... it is more of a way to just get rid of those annoying ads that are always flashing before you.

Unless you have the m$ LAN Manager installed, you will have to use the hosts file.
The LAN Manager calls on the lmhosts file and it will look to the hosts file if you don't have it installed.

The location of both of these files is:
On 9x: c:\%systemroot%
nt/2k/xp c:\%systemroot%\system32\drivers\etc

These files are hidden by default (I think) and you have to use the show all files option to get them to show up in a search.

As far as your netbios "hack" is concerned...

from command promt... type

c:\>net use n: \\ipaddress\sharename

if the share is hidden, append a $ onto the ned of the sharename.

To find out what shares are available use the net share command

c:\>net share \\ipaddress

NET [ ACCOUNTS | COMPUTER | CONFIG | CONTINUE | FILE | GROUP | HELP |
HELPMSG | LOCALGROUP | NAME | PAUSE | PRINT | SEND | SESSION |
SHARE | START | STATISTICS | STOP | TIME | USE | USER | VIEW ]

Those are the rest of the net commands.
To find out more about them... type

net [option] /?

Rioter wrote a pretty good tutorial on netbios HERE.

[Zonewalker]

<sigh> Urdaddy... I wish you had mentioned all the above in your PM to me... it would have saved me a couple of minutes answering your question. Answer Mavericks questions first and then read what Phish is saying.

Incidentally if you have Win XP and you haven't done anything to modify the TCP/IP properties on the network connection, netBIOS is installed by default on XP.

Z

[UrDaddy]

I have Windows XP professional installed on both the pcs and they are connected by crossover cable. I have cable connection of 1.5mbps. Well I have given the ip address to both the pcs manually.