Wednesday, April 16, 2014
HellBound Hackers | Computer General | Hacking in general

Basics to hacking


Guest
Posted on 08-02-06 09:25
Hi,
I am currently a computer tech who fixes computers and networks and stuff like that. I recently have found myself up against hackers and realized to stop them I am going to have to understand how they work and how to hack.

I have set up two computers connected by a simple hub/switch, they have basically no security and firewalls (I guessed I would need to know how to do the basics before tackling security and stuff like that). I have put a text file in My Documents on computer 1 and my goal is to be able to get to that text file and read it on computer 2, so what do I do now?

Thanks

RedX

RE: Basics to hacking
Guest
Posted on 08-02-06 13:52
At last! Somebody who requires help who is not a complete and utter dimwit. Awesome post, giving us exactly what you need to know. Wow, I wish we had people like this on every day.

Anyway, to answer your question, I can't. You'll have to speak to someone more experienced in this field. I'm sure metsoc, jake or newtype will be more than willing to point you in the right direction.

Will.



RE: Basics to hacking
AldarHawk (Member)
Posts: 1690 | Location: Canada | Joined: 26.01.06 | Rank: Hacker Level 1
Posted on 08-02-06 14:23
The first step to hacking a computer is finding it. Basic scans of a given IP range will get you the information you need to find the computer. Then look for open ports and try to look into those open ports (most likely, since there is no FW, they will all be open ;) ). Then you need to look into getting the NetBIOS name (I am assuming these are Windows machines seeing as you are talking about My Documents). Then you should see if you can connect to the base hard drive with a NET USE command. This will allow you access to the said computer's hard drive and you will be able to browse around for the said files. If you want any more information PM me and I can give you a few small pointers. (I am a Network Engineer at a company and security IS a large part of our jobs.)

Hope this helped.


Just ask Yahoo!Taboo! http://www.erikwestlake.com

RE: Basics to hacking
n3w7yp3 (Member)
Posts: 358 | Location: USA | Joined: 19.03.05 | Rank: Moderate
Posted on 08-02-06 18:31
redx wrote:
Hi,
I am currently a computer tech who fixes computers and networks and stuff like that.


Ah, cool. You a CCNA? (I'm currently considering getting it, through a few classes at my school)

So, you want to access the text file, huh... What OSs are on these boxen? If it's something simple, or has a NetBIOS share, it could be as easy as connecting to it... Or, it could get a bit more complicated...

Do these boxen have any special services or daemons running? Or are they just standard end-user PCs?

Anyways, I'd be more than happy to help you, feel free to contact me by email (it's in my profile), or on AIM (my nick is n3w7yp3).

Oh yeah, if you have a *nix box, you can have some fun with that switch. :)



"Root is a state of mind" -- K0resh

RE: Basics to hacking
Guest
Posted on 08-02-06 20:42
Right, so I think I get the idea if I was using two XP machines and the overall general idea of hacking now, thanks a lot guys.

I should have been a bit more specific, I am actually using an Apple MAC OS X to hack into Windows. The idea is that I will be able to plug my laptop into a troubled network (Laptop = MAC) and do my stuff from it because it will have all my software on it.
Computer 1 = MS Windows XP
Computer 2 = Apple MAC
On my Mac it has some software which comes with it called Network Utility, using it I have pinged Computer 2 and have successfully sent and received 10 packets.
Network Utility also allows you to scan the ports of a specified IP address and you can specify which ports to scan also, or otherwise if you leave the field blank it will scan all the ports. Should I scan only obvious ports (if there are any) or all of them (takes ages... or maybe it is because I am impatient :) )

Also, I just want to confirm this: what ports are blocked depends on what your firewall is - is this true? For example: if you have a standard Windows XP Pro firewall on your PC, does it block the same ports as the Norton firewall?

CCNA - Getting There :)

Thanks for your comments

RedX

RE: Basics to hacking
n3w7yp3 (Member)
Posts: 358 | Location: USA | Joined: 19.03.05 | Rank: Moderate
Posted on 08-02-06 21:46
Well, any good firewall will have a default deny. Not sure about Windows' built-in firewall, nor am I sure about Norton. I'm a Linux user, and to be honest don't have a PC running Windows ATM.

Ah, Mac OSX, excellent choice. It's actually derived from FreeBSD, so it's a pretty cool OS. For port scanning, I'd recommend you use nmap (available from http://www.insecu. . .).

BTW, you mentioned that you have several devices on this network. Do they have SNMP enabled (UDP port 161)? If so, you can use the `snmpset' and `snmpget' commands to return info about the device. Probably won't help much as they're your devices, but you can actually reconfigure them via `snmpset'.


"Root is a state of mind" -- K0resh

RE: Basics to hacking
Guest
Posted on 09-02-06 00:33
I'll reply more tomorrow when I'm not so tired, it's late and I can't think right now.

But, if I were you, I'd get some alternatives to Apple's Network Utility. It's quite nice and easy to use, but it doesn't give you many options. For instance, the port scan can only scan TCP ports, using a simple TCP connect() scan - no stealth (though stealth is not necessary in this situation). Get nmap, it's great, and you're gonna need it if you wanna scan UDP like n3w7yp3 said.



RE: Basics to hacking
Guest
Posted on 09-02-06 02:34
n3w7yp3 wrote:
Ah, Mac OSX, excellent choice. It's actually derived from FreeBSD, so it's a pretty cool OS. For port scanning, I'd recommend you use nmap (available from http://www.insecu. . .).


MAC OSX derived from FreeBSD, really! Never knew that. Interesting.
I have heard of FreeBSD but haven't looked into it much, is it worth looking at? I am thinking of dual booting MAC OSX and UBUNTU (Linux). Also I just downloaded Nmap before reading your post and I have also seen a lot of different people recommend Nmap, so I am going to see what it is like.

Thanks for all your help guys, also any more information you think I should know or software that would help me in my field please let me know.

Thanks Again

RedX

RE: Basics to hacking
Guest
Posted on 09-02-06 02:41
n3w7yp3 wrote:
Oh yeah, if you have a *nix box, you can have some fun with that switch. :)


I was just re-reading everyone's posts and what you said, n3w7yp3, caught my eye. By *nix do you mean Linux? And if so, what do you mean about having "fun with that switch"?

You have me very interested... :)

RedX

RE: Basics to hacking
n3w7yp3 (Member)
Posts: 358 | Location: USA | Joined: 19.03.05 | Rank: Moderate
Posted on 09-02-06 19:13
*nix == Any UNIX variant (Linux, FreeBSD, OpenBSD, AIX, etc).

Well, break out nmap, and see if SNMP is enabled on the devices (nmap -vvv -sU -sV -p161,67,69,777 target_host). In that scan, we're looking for port 161, and 69 (TFTP). 67 is enabled on many Cisco devices (at least according to the unreliable `show ip sockets' command), but I'm not sure what it's for. 777 is just a control port, as nothing should be on it. -sV is for version detection, and -sU specifies a UDP scan.

If you have access to 161, it's possible to actually reconfigure the device, provided you have the RW community string. Even if you only have a RO string, it's still possible to grab configuration files, etc. If you have access to TFTP, you can grab the configs that way as well.

If you have an interest in auditing network devices, I highly recommend you read the excellent Hacking Exposed: Cisco Networks. It was published in 2006 (and thus is very recent), and has lots of good info.


"Root is a state of mind" -- K0resh

RE: Basics to hacking
Guest
Posted on 09-02-06 22:15
Okay, everything set up and running. I am currently not connected to my other PC at the moment though I am connected to my server. I have run a port scan and this is what it has found:

PORT STATE SERVICE
2/tcp open compressnet
3/tcp open compressnet
13/tcp open daytime
21/tcp open ftp
23/tcp open telnet
25/tcp open smtp
37/tcp open time
53/tcp open domain
79/tcp open finger
80/tcp open http
110/tcp open pop3
139/tcp open netbios-ssn
143/tcp open imap
389/tcp open ldap
515/tcp open printer
617/tcp open sco-dtmgr
963/tcp open unknown

Right, now:
2 - I am not sure what this is... (compressnet)
3 - The same as above... (compressnet)
13 - Daytime? (daytime)
21 is for uploading and downloading (ftp),
23 this must obviously be the internet service provider (telnet),
25 is for receiving email (smtp),
37 time? does this keep the server up to standard time so if you want it to do a certain task at a certain time? (time),
53 is for the domain name which I have registered for the server www.xxxxxxxx.com.au (domain),
79 finger? hmmm... (finger),
80 is connected to the web (duh!) (http),
110 is for all outgoing email (pop3),
143 imap? (imap),
389 ldap? (ldap),
139 netbios, yes I have got a small idea of what this is, but please just explain it again (netbios-ssn),
515 is for all the printers connected (printer),
617 sco-dtmgr? (sco-dtmgr),
963 unknown - right, does this mean there is nothing there and I can just walk right into the server through this little port unhindered? lol I guess it is not that easy (unknown).

Would you guys please go over this list and clarify, check and correct anything that I have got wrong or don't know what it is.

Also what is the next step, or what is the weakest port that I should be looking at?

Thanks

RedX
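
A defender's reading of the scan result in the post above, as an added example that is not part of the thread: it parses the posted port table and sorts each open port into an action for the server's owner. The allowlist and the service-to-action mapping are assumptions made for illustration.

```python
import re
# Port table copied from the post above (nmap-style "PORT STATE SERVICE" rows).
SCAN = """PORT STATE SERVICE
2/tcp open compressnet
3/tcp open compressnet
13/tcp open daytime
21/tcp open ftp
23/tcp open telnet
25/tcp open smtp
37/tcp open time
53/tcp open domain
79/tcp open finger
80/tcp open http
110/tcp open pop3
139/tcp open netbios-ssn
143/tcp open imap
389/tcp open ldap
515/tcp open printer
617/tcp open sco-dtmgr
963/tcp open unknown
"""

# Assumptions (not from the thread): the one service this host is meant to
# offer, and an action for each service name as the scanner prints it.
ALLOWED = {(80, "tcp")}
ACTIONS = {
    "replace with encrypted equivalent": {"ftp", "telnet", "pop3", "imap", "ldap"},
    "disable": {"daytime", "time", "finger"},
    "restrict by firewall": {"netbios-ssn", "printer", "smtp", "domain"},
}
ROW = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")

def parse_scan(text):
    """Return (port, proto, state, service) tuples; header and junk lines are skipped."""
    return [(int(m[1]), m[2], m[3], m[4])
            for m in map(ROW.match, text.splitlines()) if m]

def triage(rows, allowed=ALLOWED):
    """Group open ports by the action the server's owner should take."""
    plan = {}
    for port, proto, state, service in rows:
        if state != "open":
            continue
        # Names not in ACTIONS may be a port-number guess: check what really listens.
        action = "expected" if (port, proto) in allowed else next(
            (a for a, names in ACTIONS.items() if service in names), "investigate")
        plan.setdefault(action, []).append(port)
    return plan

print(triage(parse_scan(SCAN)))
```
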

RE: Basics to hacking
Guest
Posted on 09-02-06 22:24
Hi.

Network Utility is a great tool, because it's just an interface to some Terminal commands, so it gives you a lot of power. If you want any REALLY mac-specific help, you can always PM me. I think BobbyB is on a Mac too, maybe he won't mind helping.

The best of luck.

Lambo




Edited by on 09-02-06 22:27

RE: Basics to hacking
n3w7yp3 (Member)
Posts: 358 | Location: USA | Joined: 19.03.05 | Rank: Moderate
Posted on 09-02-06 23:11
Finger is a pretty good place to start. See who is logged in by typing:

$ finger -l @[IP address or hostname]

You can also finger specific users, by appending their login name before the @ symbol. This is a gold mine for enumeration.

Daytime returns the time. Telnet to the port and see what I mean.

SMTP is for sending email, POP3 or IMAP is for receiving it ;)

IMAP is like a more advanced version of POP3.

LDAP is the Lightweight Directory Access Protocol. It usually stores some kind of data. Many versions of Novell ZENworks store the logon info in an LDAP tree. This service can provide you with all sorts of goodies.

NetBIOS is Windows file sharing, and is notoriously buggy (especially if you're able to initiate a NULL session).

To view more info about the ports, give nmap the -sV argument. That does a version fingerprint (similar to a banner grab).

As far as what to look at next, examine what's going on with finger, and then try some logical passwords against the accounts you've discovered with TELNET. Probably won't get you anywhere though...

Oh yeah, one last thing about the DNS server. It's possible to grab all the hosts via a zone transfer (this usually doesn't work, but it may be worth a shot). Type:

$ host -l [site] [server]

So, if my site was example.com and the server's IP was 192.168.1.119, I'd type:

$ host -l example.com 192.168.1.119

Like I said, most DNS servers will not allow zone transfers any more, but it's worth a shot. You may also try pushing it into TCP mode (-T) as DNS is over UDP.




"Root is a state of mind" -- K0resh

Edited by n3w7yp3 on 09-02-06 23:11

RE: Basics to hacking
Guest
Posted on 10-02-06 00:05
Here's my personal guess on this thread-

It's bullshit. I'm just guessing that's a portscan of his school's main server, given that those are the services enabled, (at least on the firewall level,) and that he would know well in advance what those all were if he ran them himself.

If you want to ask how to do stuff, FINE, don't lie about it.

This is speculation, so don't whine.



RE: Basics to hacking
Guest
Posted on 10-02-06 03:04
Right, I am not going to rant and rave on about you because it will be a waste of forum space and my time but I will say this:

First: This server is mine. A tech friend set it all up for me at the start of last year because back then I knew about as much as a teaspoon about networking. I have not been using it much at all (only to test my skills at programming in javascript, SQL and PHP). Now I will admit that I am only a junior tech trying to learn but I am not getting much experience in network security where I am currently working at now so I thought I would try to teach myself.

Second: The local school has a network set up so bad that a 12 year old could bring it down in a day.

Anyway, Fair enough to question me...

RedX

RE: Basics to hacking
knutrainer (Member)
Posts: 243 | Joined: 08.07.05 | Rank: Apprentice
Posted on 10-02-06 03:47
I wouldn't underestimate the power of a 12 year old.


img389.imageshack.us/img389/974/knu5ui1ja.jpg
~PM me if you need help or instant message me.


knutrainer@gmail.com

RE: Basics to hacking
Guest
Posted on 10-02-06 05:30
lol, do you know how many of them are here? I'm 22 and like-- whoa! I wish I started that young. =(

SwiftNomad