lmfao...... I wasn't thinking neophyte at all.... Lmfao ummm.... when you're trying to ask basically how to hack by telnet, just go to google.com and type in Telnet Exploits or something......
The problem with your question is that it's wayyy too broad.
First of all, a buffer overflow wouldn't work on a properly written telnet (or any other service) server. Otherwise the internet would be nothing but a bunch of exploited websites etc.
Another thing is that Windows doesn't have a default telnet server, and if you're talking about hacking a BSD or Linux box then you're practically into a whole different subject.
I'll try to give you the low-down without telling you "How to hack into Hotmail", lol...
What I do:
- Check for the really basic ****: SMB/NetBIOS network shares, telnet servers, FTP servers, etc. If there are any then I write down the name of the server software (usually says during login) and then go on the interweb and check for any known vulnerabilities. Unless of course... they have SMB network shares, in which case they're dead.
Next:
- Full range portscan: I wouldn't suggest this against a non-Windows box, because it's the electrical equivalent of smashing down the bank door with a sledgehammer. This sounds ridiculous, but over high speed DSL (mine = 1.5 Mbps up, 6.0 Mbps down) it actually doesn't take that long. If you don't have a good connection, aka <512k, then just scan the first 1024 ports; all the most common services are there.
When I get a list of ports I try to directly connect to each one with telnet, because the login messages sometimes let you know what service it is. If I can't find out what they are from that, and I don't already know (aka really common services), then I go back to the interweb and do a search for that port # and see what it is.
YOU CAN ALWAYS FIND OUT WHAT A PORT DOES
If you can't, you're not trying hard enough.
Then if I don't already know some exploits for that service I go to the interweb and try to find some, or I download the software and try to find some myself. Oh yeah, and if I want a username to try then I try to grab the remote NAMETABLE - very good method.
Stupid Windows tells you who is currently logged on, and they sometimes use that username for other stuff. Do this at the command prompt by: NBTSTAT -A ipaddresshere
The A has to be capital.
- Last effort: If the first two options don't work, then I usually get desperate and start trying the weird ****. Examples:
SNMP walking
Try to buffer overflow every service they got... lol... <- this gets you BUSTED
And one more crazy thing that I haven't heard of anyone else trying:
I ping them, then I look at the reply in code form.
This can tell you what OS they are using; Windows sends the alphabet.
SOME OS's SEND RANDOM DATA FROM RAM! <- This has possibilities
Anyhow, that's roughly what I do, or most of it.
That should be enough for a report without teaching you to hack your friend's Hotmail account.
- Trak
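The defender's side of the "full range portscan" step above, as an added example that is not part of the thread: it flags a source that touches many distinct ports on one host within a short window, which is exactly the noise Trak compares to a sledgehammer. The log line format, the sample traffic and the thresholds are all assumptions constructed for this example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample firewall log (not real traffic). Assumed line format:
# "<ISO timestamp> <src ip> <dst ip> <dst port> <action>"
BASE = datetime(2004, 3, 1, 10, 0, 0)
SAMPLE_LOG = [
    f"{BASE.isoformat()} 10.0.0.7 192.168.1.10 80 ALLOW",
    f"{(BASE + timedelta(seconds=5)).isoformat()} 10.0.0.7 192.168.1.10 443 ALLOW",
    f"{(BASE + timedelta(seconds=9)).isoformat()} 10.0.0.7 192.168.1.10 21 DROP",
]
# The noisy scanner: one probe per second, walking ports 1..120 in order.
SAMPLE_LOG += [
    f"{(BASE + timedelta(seconds=i)).isoformat()} 10.0.0.99 192.168.1.10 {i + 1} DROP"
    for i in range(120)
]


def parse_line(line):
    """Split one log line into (timestamp, src, dst, dport, action)."""
    ts, src, dst, dport, action = line.split()
    return datetime.fromisoformat(ts), src, dst, int(dport), action


def detect_port_scans(lines, window_seconds=60, min_ports=50):
    """Return {src: (window_start, distinct_ports)} for every source that hits
    at least min_ports distinct destination ports on one host within the
    sliding window. Thresholds are assumptions; tune them to the network."""
    events = sorted(parse_line(line) for line in lines)
    recent = defaultdict(deque)                      # (src, dst) -> [(ts, port)]
    counts = defaultdict(lambda: defaultdict(int))   # (src, dst) -> port -> hits
    alerts = {}
    for ts, src, dst, dport, _ in events:
        key = (src, dst)
        queue, port_hits = recent[key], counts[key]
        queue.append((ts, dport))
        port_hits[dport] += 1
        # Expire probes that fell out of the window before counting.
        while queue and ts - queue[0][0] > timedelta(seconds=window_seconds):
            old_ts, old_port = queue.popleft()
            port_hits[old_port] -= 1
            if port_hits[old_port] == 0:
                del port_hits[old_port]
        if len(port_hits) >= min_ports and src not in alerts:
            alerts[src] = (queue[0][0], len(port_hits))
    return alerts


if __name__ == "__main__":
    for src, (start, n) in detect_port_scans(SAMPLE_LOG).items():
        print(f"port scan from {src}: {n} distinct ports from {start.isoformat()}")
```

The legitimate host touching three ports stays quiet; the sequential scanner trips the alert at its 50th distinct port.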
Well, he did ask how to execute a remote shell, and the answer to that is VERY simple, if you are running Unix.
rsh <machine>
rsh stands for remote shell... Good luck doing anything with it though...
good answer smirc.
If you've read all those books and actually taken the time to understand them, you'd know the process by now.
You asked a question, we are very definitely not going to provide you with the 'how do I hack' style of answer you're looking for. We have no way of knowing whether or not you're being honest when you say you're learning it for security reasons, so we err on the side of caution. Seems a reasonable thing to me.
I do think that if you've really read a lot of books on the subject, you'd have a bloody clue how to do it by now, but hey, maybe I'm just expecting too much from someone who has enough IQ to log onto the Internet and use AO's forum.
nice.
hmm nice.
very interesting.
damn hackers!!
I sort of thought the books would make the particular question unnecessary. If they contained the right information, then it should have been read and understood. If they didn't, then they must contain enough background information for a simple search to turn up particulars.
I think his signature is indicative of something:
Quote:
CyberArmy 4ever!!!
Ok screw all of you *******s, all I'm trying to do is learn my future field and you dickheads are just trampling all over me just for the fun of it, ****ers!!!!!!!!!!!!!!
Who's the idiot that gave NetwrkBurn positive points for him starting this thread.... I don't see how anyone can consider that even something worth reading... just another Cyber Army 1337 wannabe