-
Hello again.
I've been away for a little while, doing school work. I am happy to say that the NetBIOS brute forcing succeeded and I got into my brother's comp :D
He has closed down his netbios services now, but then he can't access his files from his laptop, so I am looking forward to seeing what he's gonna do about that.
I planted a little worm on his comp, but of course he checked around and found it.
On the other hand, the link found to www.whitehat.co.il is correct. That is enum+ with source. Happy brute forcing.
-
If you're handy with Java, and you say you know all about exploits, you should write a worm that will run over IE. Better yet, you should work on a password enumerator that runs over IE in Java.
-
Quote:
Originally posted here by kr5kernel
If you're handy with Java, and you say you know all about exploits, you should write a worm that will run over IE. Better yet, you should work on a password enumerator that runs over IE in Java.
I don't follow you.. I already managed to break into his system, and now I am half waiting for his riposte, and half waiting for what kind of security he will put up next.
Have I ever said I know all about exploits? I see myself as an "experienced script kiddie with basic programming skills" or some other hilarious title. I am not one for writing an entirely new, undetected worm that will run over IE. And I am NOT (and I don't think you are either) one who can get my brother to click on a link I give him that does not look nice when he wgets it and checks the source.
-
Quote:
Originally posted here by -[PM.gothtec]-
How did you get it to do SMB? The command line options are:
- l: Login file to use.
Default file -> user.txt
- s: Use the same login.
- c: Password file to use.
Default file -> dic.txt
- r: Attack FlowPoint Router.
- t: Attack Telnet.
- f: Attack FTP.
- p: Attack POP.
I don't know what to do :confused:
Not sure if you understood me right or not? I was talking about Cain & Abel. As long as you have a HUB, you will easily pick up SMB and all the other protocols... and once you sniff one up, you right click on it to send it to the cracker engine.
That is maybe something you should run now, since it's your brother's turn now.. just sit there and monitor for any kind of usernames/passwords until it's your turn again.. hehe! ;)
Keep us posted! :)
-
For the rebound... start simple and set your firewall to ignore all connection attempts from any IP but the router's on your network [the gateway computer, in your case]. If you do use your laptop and need to transfer files between it and the desktop, allow its IP/MAC per session only. Another way is to make the gateway computer assign fixed IPs based on the MAC of the requesting NIC [sure it can be spoofed, but you are simply taking the game a step higher].
It's not foolproof, no doubt, but it will make it harder :)
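
One way to apply the advice in the post above on a Windows machine, as an added example that is not part of the thread. The addresses, the rule tag and the function names are assumptions, and Windows Firewall matches on IP only, so the MAC binding stays on the gateway.

```powershell
# Added example, run from an elevated prompt. All addresses are assumed.
$Gateway = '192.168.0.1'    # assumption: the gateway computer
$Laptop  = '192.168.0.20'   # assumption: fixed IP the gateway hands to the laptop's MAC
$RuleTag = 'SMB-session'    # hypothetical tag used to find and remove our rules

# Drop every inbound connection that no rule explicitly allows.
Set-NetFirewallProfile -Profile Domain,Private,Public -DefaultInboundAction Block

# The built-in sharing rules accept any remote address; scope them to the gateway.
Get-NetFirewallRule -DisplayGroup 'File and Printer Sharing' |
    Where-Object Direction -eq 'Inbound' |
    Set-NetFirewallRule -RemoteAddress $Gateway

# Open NetBIOS/SMB to the laptop only while a transfer is in progress.
function Open-SmbSession {
    $specs = @(
        @{ Proto = 'TCP'; Ports = 139, 445 },   # NetBIOS session, SMB
        @{ Proto = 'UDP'; Ports = 137, 138 }    # NetBIOS name and datagram
    )
    foreach ($s in $specs) {
        New-NetFirewallRule -DisplayName "$RuleTag $($s.Proto)" -Group $RuleTag `
            -Direction Inbound -Action Allow -Protocol $s.Proto `
            -LocalPort $s.Ports -RemoteAddress $Laptop | Out-Null
    }
}

# Close the window again once the transfer is done.
function Close-SmbSession {
    Remove-NetFirewallRule -Group $RuleTag
}

# List user-created shares that expose the root of a drive.
function Get-WholeDriveShare {
    Get-SmbShare |
        Where-Object { -not $_.Special -and $_.Path -match '^[A-Za-z]:\\$' } |
        Select-Object Name, Path
}
```

Any share that `Get-WholeDriveShare` returns also exposes the Startup folder to whoever can authenticate to it, which is the path described later in the thread.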
-
Quote:
Originally posted here by hypronix
For the rebound... start simple and set your firewall to ignore all connection attempts from any IP but the router's on your network [the gateway computer, in your case]. If you do use your laptop and need to transfer files between it and the desktop, allow its IP/MAC per session only. Another way is to make the gateway computer assign fixed IPs based on the MAC of the requesting NIC [sure it can be spoofed, but you are simply taking the game a step higher].
It's not foolproof, no doubt, but it will make it harder :)
thanks, it's been done as you advised
-
I'm confused... if you just cracked his netbios, how did you plant a worm on his comp? wouldn't you only be getting access to share drives? you wouldn't be able to execute any files on his comp, would you? did u use the scheduler thingy?
-
Quote:
Originally posted here by Phonedog911
I'm confused... if you just cracked his netbios, how did you plant a worm on his comp? wouldn't you only be getting access to share drives? you wouldn't be able to execute any files on his comp, would you? did u use the scheduler thingy?
nah. much more commonplace than that. i used the startup folder :rolleyes:
-
?? he has his startup folder shared over netbios?
-
the entire drive
he didn't think i would take the time to actually brute force it. or he didn't think at all.