:cool:
Anyone know of a website or tutorial or what not that explains the workings of windows net bios. What it does exactly and how it works? In depth or not, anything will help.
Thanks.
Raven
Printable View
:cool:
Anyone know of a website or tutorial or what not that explains the workings of windows net bios. What it does exactly and how it works? In depth or not, anything will help.
Thanks.
Raven
Netbios a.k.a. port 139 a.k.a. file sharing port
Port 139? I thought it used 137/138?Quote:
Originally posted by limp1058
Netbios a.k.a. port 139 a.k.a. file sharing port
It uses 137 TCP/UDP, 138 UDP, and 139 TCP.
netbios-ns 137/tcp NETBIOS Name Service
netbios-ns 137/udp NETBIOS Name Service
netbios-dgm 138/tcp NETBIOS Datagram Service
netbios-dgm 138/udp NETBIOS Datagram Service
netbios-ssn 139/tcp NETBIOS Session Service
netbios-ssn 139/udp NETBIOS Session Service
NetBios Names are the names of Microsoft machines. They contain 16 characters: 15 alfanumeric ones, and one special character to assign functionality. There are 3 possibilities for Name Resolution for NetBios Names: broadcasts, LMhosts files or WINS server (depends on type of node). Node selecting is done in registry.
Node types:
b-node broadcast mode (broadcast)
p-node point-to-point mode (WINS server)
m-node mixed mode (broadcast, then WINS)
h-node hybrid mode (WINS, then broadcast)
NetBios Lookup:
1. NetBios Name Cache --> 2. NetBios Name Server --> 3. Broadcast --> 4. LMhosts file --> 5. Hosts file --> 6. DNS Server.
NetBEUI (NetBios Extended User Interface):
Nodes don't have a logical adress, NetBios names are used instead. This protocol is NOT routable! No logical adress means broadcasts must be used all the time --> creates an enormous ammount of broadcasts --> this sucks!
The only advantage: it's soooo easy to use.
You can install the NetBeui protocol when you want to enable file-and-print sharing --> you don't bind TCP/IP with File And Print Sharing, but instead you bind NetBeui to it...
Hope this helped you out...
google.com, use their directory search, their plain search is cool too. 99.9% of the time, you'll find what you want there.
You're really big on this google thing, aren't ya?
Google is the answer to all our problems!
Not really, that position is taken by Duct Tape!
port 139 is for netbios u can hack any system whose netbios file sharing is unable and who is sharing his HD u can upload backdoor in the victim system and u can run it and after that u can use ur trojan to get connected but to prevent urself simple install firewalls , basically the problem i have mentioned here is with WIN NT users if im not mistaking. There is something abt LMHost file ( as mentioned by Negative) u have to alter it ur using win NT , u have to enter the IP and the directory which he/she is shraing and then u can browse the victim like u browse ur explorer
I will post detail ( my own ) in new thred.
Ok, KakoKool, you only one thing in mind, being displeasant, aren't you ?
Someone asks details on a particular protocol, and you come back "Yeah, you can HaXoR this l4m3r ..."
If only you posted something really useful ... but no!
Jean-Francois
Hello,
You may have a look to this :
http://publibz.boulder.ibm.com/cgi-b.../EZ306201/4.18
I read it, it's quite interesting. Don't forget you can also have a look at the RFC covering this!
Jean-Francois