How Can We Connect To A Win System Without Trojaner ?
Results 1 to 3 of 3

Thread: How Can We Connect To A Win System Without Trojaner ?

  1. #1
    Junior Member
    Join Date
    Sep 2001
    Posts
    5

    Question How Can We Connect To A Win System Without Trojaner ?

    hi
    who can we do that? Is there any possibility to connect to a computer without upload a server. I mean not only this file shares scanning , i mean full access to the harddisk. On most computers the port 139 is open,why? And on every System there is a "server" vnbt386.vxd" when u rename this file then port 139 is close. So who knows a way?
    Share on Google+

  2. #2
    Old-Fogey:Addicts founder Terr's Avatar
    Join Date
    Aug 2001
    Location
    Seattle, WA
    Posts
    2,007

    Re: How Can We Connect To A Win System Without Trojaner ?

    Originally posted by JASON1234
    hi
    who can we do that? Is there any possibility to connect to a computer without upload a server. I mean not only this file shares scanning , i mean full access to the harddisk. On most computers the port 139 is open,why? And on every System there is a "server" vnbt386.vxd" when u rename this file then port 139 is close. So who knows a way?
    Uhm... You want to access the hard-drive (full access), when they have File/Printer sharing OFF, and WITHOUT a trojan-server? In most cases, I would say you are out of luck.

    vnb6386.vxd... VNBT... NBT=NetBios over TCP/IP. NetBios is the windows file/printer sharing protocol, originally made by IBM.

    As for "file shares scanning", isn't a shared C: drive the mostly the same as "full access to the harddisk"?

    I'm not quite sure what your question is.
    [HvC]Terr: L33T Technical Proficiency
    Share on Google+

  3. #3
    Member
    Join Date
    Aug 2001
    Posts
    44
    not sure exactly what you mean, either. You CAN usually connect to a computer, using null-sessions, to the IPC$, or Interproccess Communications Share, a share that is enabled by default, but is hidden (from like, net view, or network neihborhood).
    @s follows:
    net use \\computername\IPC$ [password]
    Of course, this password can be enumerated via the for command, or an easy script. This attack/method is rather well known, and alot of times called the 'red button' 'sploit. This will allow you to conduct reconaisance on the computer, and is a good place to start.

    More or less, besides buffer-overflow attacks where what you want to do is the payload of the 'sploit, cracking $hares is the only way to do what you are speaking of.

    When cracking shares, also be aware of account lockouts. To see how many times you can try unsuccessfully to log-in to an account before it is locked-out, attack the user Guest, because even if the account is disabled, you can still attack it, and it will tell you when the account lockout parameters have been reached.

    OverandOut.
    comJo
    OverandOut.
    ~comJo

    ---....Loading: 1x 2x 3x
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •