Best NetBIOS brute forcing tool?

[Tiger Shark]

Hypronix: He doesn't need to allow anything from his firewall/router either. There is no reason for it to be talking to his box and it just leaves another exploitable hole. The router will only be passing traffic from other IP's through to the initiating box so the IP's will all be on the public network. Assuming he is using 192.168.x.x then he can drop all packets from 192.168.0.0/16.

Goth: You wanna really piss off your brother? Add a second IP address to the desktops NIC. Make the subnet 10.x.x.x and add similar to the laptop too. For example:-

Desktop:

Secondary IP Address: 10.13.127.1
Secondary subnet mask : 255.255.255.252
Secondary default gateway: 10.13.127.2

Laptop:

Secondary IP Address: 10.13.127.2
Secondary subnet mask : 255.255.255.252
Secondary default gateway: 10.13.127.2

Add entries to each computers hosts file to point the computer name to the appropriate IP address. Then let him see you connecting freely to both. It'll take him a while to work out what you are doing and as long as both computers are online he can't get onto the subnet. You'll know if he tries because one of your machines will show an IP address conflict. If you want to go further set up IPSec or similar between the two boxes, then he can't sniff and won't be able to spoof the laptop if you remove it from the network.....

That will piss him off......

[Phonedog911]

well... i guess sharing your entire hd(even with a password) is not a good idea if your little brother is trying to hack your computer

[Tiger Shark]

Phone: If he doesn't know how to turn off the default shares, (C$, Admin$ etc.), he doesn;t have any choice really.....

[Phonedog911]

sry, didnt mean to offend anybody or anything...

[Phonedog911]

admin$ and c$ were never shared by default on my xp comp(i dont thing), whats in those shares? the only thing that i can find on my comp like that is ipc$. i checked out a few tuts on netbios but they didnt really have any info on the "secret shares".

[Tiger Shark]

They aren't "secret"..... Unless you have "fiddled" with the box in Win2000/XP there is a share, ("administrative"), for each drive on the box.... Connect to \\thebox\c$ and if you have the rights it will connect and show you the entire drive..... Unfortunately, you can't "simply" disable that share... you either have to firewall it off, close NetBOIS or disable them in the registry.

[-[PM.gothtec]-]

there is a dirty way of doing it without screwing around with the registry, i think
i believe all you have to do is ENABLE sharing of c: as C (or whatever the default name is), reboot and disable it. XP won't share the same partition twice, so enabling the share disables the default one, which remains off after disabling it again.

don't quote me on that one, but I believe I've seen that work...

[Phonedog911]

the tut i was reading called them the secret shares... i tried the c$ share on my comp and it says that path doesnt exist. "net use f: \\mycomp\c$" am i not doing it right?

[SawPer]

Originally posted here by -[PM.gothtec]-
there is a dirty way of doing it without screwing around with the registry, i think
i believe all you have to do is ENABLE sharing of c: as C (or whatever the default name is), reboot and disable it. XP won't share the same partition twice, so enabling the share disables the default one, which remains off after disabling it again.

don't quote me on that one, but I believe I've seen that work...

No, if you do this in Win XP Pro, you end up with two share C$ and C. (assuming you aren't using Simple File Sharing)
In Win XP Home edition though, I don't think you have the C$ at all... (because it's limited to only allow for Simple File Sharing... I believe)