| Author |
telnet and remote access |
TommyCat
Member
Posts: 35
Location:
Joined: 23.08.05
Rank: HBH Guru |
|
Hello. I have some knowledge about hacking.. I have used some remote administration tools in the past, like net devil, sub seven, pro rat. I also did some research on how this RAT's work. I am also familliar with Putty as I used few irc bouncers in the past. I have some knowledge of HTML, C++, VB, and I am currently working at my own trojan and RAT, coded in VB6. I even begun to learn linux.. started with a Knoppix LiveCd for now  .
OK.. now my problem. As I said before, I used some RAT's in the past. The problem is that I was infecting the victims only by social engineering. I now try to learn how to gain access without the victim knowing it. I have NetCat for windows and I tried something:
I port scanned myself. Port 23(TelNet) was closed. Ok.. I opened and listened to it with netcat. Now I open a cmd window and start a TelNet session. I try to connect to my own computer, knowing that port 23 is open and it doesn't work. I have also tried that with other ports. Nothing works. I think I am missing something here because i ask myself: How can i learn to gain acces in another machine if i can't even acces mine with the whole damn door open? I try this for over a week now.. done some reading etc.. google is my desktop background.. so i use it a lot. I'm beginning to be a little frustrated here. I need some hints please.
It's the final CountDowN |
|
| Author |
RE: telnet and remote access |
Uber0n
Member
Posts: 1963
Location: Sweden
Joined: 13.06.06
Rank: God |
|
I can tell you that you won't be able to infect people just by knowing an open port on their computer; it requires some kind of vulnerable service to be running as well 
http://uber0n.webs.com/ |
 
|
| Author |
RE: telnet and remote access |
skathgh420
Member
Posts: 418
Location: 127.0.0.1
Joined: 03.03.08
Rank: God |
|
Uber0n wrote:
I can tell you that you won't be able to infect people just by knowing an open port on their computer; it requires some kind of vulnerable service to be running as well
Or brute forcing. (just throwing it out there  )
 |
 
|
| Author |
RE: telnet and remote access |
Uber0n
Member
Posts: 1963
Location: Sweden
Joined: 13.06.06
Rank: God |
|
skathgh420 wrote:
Or brute forcing. (just throwing it out there )
How would you bruteforce a file into someone's computer? 
http://uber0n.webs.com/ |
|
|
| Author |
RE: telnet and remote access |
skathgh420
Member
Posts: 418
Location: 127.0.0.1
Joined: 03.03.08
Rank: God |
|
Uber0n wrote:
skathgh420 wrote:
Or brute forcing. (just throwing it out there )
How would you bruteforce a file into someone's computer?
Lol sorry I wasn't clear. You could brute force a login on ftp, or something else, and upload the file.
|
|
|
| Author |
RE: telnet and remote access |
TommyCat
Member
Posts: 35
Location:
Joined: 23.08.05
Rank: HBH Guru |
|
Uber0n wrote:
I can tell you that you won't be able to infect people just by knowing an open port on their computer; it requires some kind of vulnerable service to be running as well
It's an ordinary windows XP machine.. service pack 2, with telnet service stopped by default. So It's not like I can bruteforce a telnet login or ftp login.. I did a port scan on a friend's computer (that agreed for my learning purposes) 1 to 30000 (I'll continue till 65535 later, as it took me a while ) and it didn't show any open ports. That leaves me asking myself if is there any way to open a port remotely without having any kind of access to that machine. ??
and if there was a vulnerable service running, should there be an open port? or can i open it remotely given the fact that the machine i'm trying to access has that specific vulnerable service running?
It's the final CountDowN
Edited by TommyCat on 04-11-08 17:13 |
|
|
| Author |
RE: telnet and remote access |
Zephyr_Pure
Member
Posts: 2402
Location:
Joined: 15.09.06
Rank: God |
|
|
TommyCat wrote:
1. Is there any way to open a port remotely without having any kind of access to that machine. ??
2. If there was a vulnerable service running, should there be an open port?
3. Can i open it remotely given the fact that the machine i'm trying to access has that specific vulnerable service running?
1. No.
2. If there is a service of any kind offering some sort of functionality (web server, file server, file sharing, etc.), then yes, there should be an open port.
3. If you can compromise a running service on an open port, then you can most likely find a way to open others, yes. It depends on what level of access the compromise gives you.
I still check PMs from time to time.
Our responses were moronic, why shouldn't he follow suit? - Futility |
|
|
| Author |
RE: telnet and remote access |
TommyCat
Member
Posts: 35
Location:
Joined: 23.08.05
Rank: HBH Guru |
|
|
Zephyr_Pure wrote:
1. No.
2. If there is a service of any kind offering some sort of functionality (web server, file server, file sharing, etc.), then yes, there should be an open port.
3. If you can compromise a running service on an open port, then you can most likely find a way to open others, yes. It depends on what level of access the compromise gives you.
But let's say that we have a situation in which the machine does not offer any kind of functionality like web server, ftp server, file sharing. It's just a machine running windows xp that a person uses to browse the web, read email, instant message and play computer games. Nothing out of the ordinary. The only thing that my machine and that machine have in common is the ISP. As I said before, the other machine is the property of a neighbour that agreed that I coud try and gain access to his machine for learning purposes.
Not even telnet server is running on that machine. ( if it was running i wouldn't have posted ) hope someone can make me understand what i'm trying to understand.
It's the final CountDowN
Edited by TommyCat on 04-11-08 18:20 |
|
|
| Author |
RE: telnet and remote access |
bullet
Member
Posts: 113
Location: Croatia
Joined: 20.03.08
Rank: Uber Elite |
|
i think that you can send him a trojan and it will open port .you can take it here on hbh if you are scblockedript kid, but i think that you can use it ones or twice for learning and later make one. (sorry if i am wrong lol)
noobs pm me for help
teach me i want o learn
 |
|
|
| Author |
RE: telnet and remote access |
Zephyr_Pure
Member
Posts: 2402
Location:
Joined: 15.09.06
Rank: God |
|
|
TommyCat wrote:
It's just a machine running windows xp that a person uses to browse the web, read email, instant message and play computer games. Nothing out of the ordinary. The only thing that my machine and that machine have in common is the ISP. As I said before, the other machine is the property of a neighbour that agreed that I coud try and gain access to his machine for learning purposes.
Not even telnet server is running on that machine. ( :) if it was running i wouldn't have posted :) ) hope someone can make me understand what i'm trying to understand.
Is your target behind a router? That could also be a target (and also the reason why you're seeing "no open ports").
If I recall correctly, Windows XP (and probably other OS's) use ports for their own local system services (such as the Workstation and Server services). You could do research on what ports these services normally operate on, then hunt for exploit techniques (the Server service is actually mentioned in a recent news item here) and craft a packet from that. For now, let's just assume that your port scan is being detected and fed false information.
I still check PMs from time to time.
Our responses were moronic, why shouldn't he follow suit? - Futility
Edited by Zephyr_Pure on 04-11-08 19:10 |
|
|
| Author |
RE: telnet and remote access |
TommyCat
Member
Posts: 35
Location:
Joined: 23.08.05
Rank: HBH Guru |
|
|
bullet wrote:
i think that you can send him a trojan and it will open port .you can take it here on hbh if you are scblockedript kid, but i think that you can use it ones or twice for learning and later make one. (sorry if i am wrong lol)
Well I'm not a scblockedript kiddie.. as I said before, I am currently developing my own trojan/RAT using VB6, but sending trojans and making someone accepting them is social engineering. I am good at this.. but I don't find it challenging. My purpose isn't to gain access to that specific machine, but learning how to do it without social engineering, I mean without having to communicate with the owner of the machine.
It's the final CountDowN |
|
|
| Author |
RE: telnet and remote access |
TommyCat
Member
Posts: 35
Location:
Joined: 23.08.05
Rank: HBH Guru |
|
Zephyr_Pure wrote:
Is your target behind a router? That could also be a target (and also the reason why you're seeing "no open ports" .
If I recall correctly, Windows XP (and probably other OS's) use ports for their own local system services (such as the Workstation and Server services). You could do research on what ports these services normally operate on, then hunt for exploit techniques (the Server service is actually mentioned in a recent news item here) and craft a packet from that. For now, let's just assume that your port scan is being detected and fed false information.
The target is not behind a router, but I'll do some research on ports used by the local system in XP. Thanks.
It's the final CountDowN |
|
|
| Author |
RE: telnet and remote access |
NigNig
Member
Posts: 4
Location:
Joined: 03.11.08
Rank: Active User |
|
only way to attack a computer with no open ports is a vulnerability in the TCP/IP stack..which unless you're a hardcore reverser, don't hold your breath finding one
EDIT: thats if there are any left anyway (probably will find a few more when IPv6 becomes widely used)
Edited by NigNig on 04-11-08 22:47 |
|
|
| Author |
RE: telnet and remote access |
hacker2k
Member
Posts: 126
Location:
Joined: 11.07.07
Rank: Active User |
|
|
NigNig wrote:
only way to attack a computer with no open ports is a vulnerability in the TCP/IP stack..which unless you're a hardcore reverser, don't hold your breath finding one
EDIT: thats if there are any left anyway (probably will find a few more when IPv6 becomes widely used)
There's obviously vulnerabilities. Nothing is foolproof.
@OP:
I don't think just practicing on a personal computer isn't very useful. In an actual attack you're going to be going for servers and stuff that are on big networks. Set up a web server and attack that. Try to set one up with a forum (maybe an old version of phpb and have HTTP,SSH,FTP, and Telnet access. First work on the web application, try to find vulnerabilities. After that, take down the services. I would recommend using older versions for these as well. After accessing it, is there a way that you can gain root (administrative) access? If you're on linux, maybe have an older kernel, find some exploits in that. For windows, just plant a file there and simulate an administrator clicking on it. |
|
|
| Author |
RE: telnet and remote access |
Uber0n
Member
Posts: 1963
Location: Sweden
Joined: 13.06.06
Rank: God |
|
There's no way to magically open a port and make it obey all your commands. You must realize that I mean otherwise you'd be able to root any computer at any time ...
http://uber0n.webs.com/ |
|
|
| Author |
RE: telnet and remote access |
Zephyr_Pure
Member
Posts: 2402
Location:
Joined: 15.09.06
Rank: God |
|
Uber0n wrote:
There's no way to magically open a port and make it obey all your commands. You must realize that I mean otherwise you'd be able to root any computer at any time ...
... I just rooted you over SMTP. Pwnz0r3d!! 
I still check PMs from time to time.
Our responses were moronic, why shouldn't he follow suit? - Futility |
|
|
| Author |
RE: telnet and remote access |
Uber0n
Member
Posts: 1963
Location: Sweden
Joined: 13.06.06
Rank: God |
|
Zephyr_Pure wrote:
... I just rooted you over SMTP. Pwnz0r3d!!
Now THAT'd be interesting, lol
http://uber0n.webs.com/ |
|
|
| Author |
RE: telnet and remote access |
NoPax
Member
Posts: 70
Location: BlackCore
Joined: 11.09.08
Rank: Monster
Warn Level: 20
|
|
There is no almost no way to get the trojan on your friends PC. You can try to hide it in another file(dropper) and send it via email or msn. But there are also a few othere possibilities. FOr example there are a few exploits which you can integrate into your website. They cause that if someone visits the sude a file will be loaded in the background so that he doesn't know. Try to search for exploits in milw0rm. There were lately some for chrome.
And another think would you be interested in writting the trojan together with me. I have experience with VB6 and I already programmed some Trojans to see how it works. But they weren'T really good =) they were only for learning supose.
Greetz
NoPax |
|
|
| Author |
RE: telnet and remote access |
Uber0n
Member
Posts: 1963
Location: Sweden
Joined: 13.06.06
Rank: God |
|
|
NoPax wrote:
FOr example there are a few exploits which you can integrate into your website. They cause that if someone visits the sude a file will be loaded in the background so that he doesn't know.
As far as I know, there's no such thing as automatically uploading and executing an .exe file on a website visitor's computer... 
http://uber0n.webs.com/ |
|
|
| Author |
RE: telnet and remote access |
Zephyr_Pure
Member
Posts: 2402
Location:
Joined: 15.09.06
Rank: God |
|
Uber0n wrote:
As far as I know, there's no such thing as automatically uploading and executing an .exe file on a website visitor's computer...
Agreed... unless ActiveX has that functionality. I'm not knowledgeable enough about it to know.
I still check PMs from time to time.
Our responses were moronic, why shouldn't he follow suit? - Futility |
|
|
Main:
