Author

Exploits


Member


Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 28-04-11 22:18
Ok... so on a particular LAN that I happen to have access to, there is a particular computer that I am interested in (we'll just say that it's another one of mine). Long story short I want access to it. So after a short nmap scan I found out the following information:

Starting Nmap 5.00 ( http://nmap.org ) at 2011-04-28 16:52 EDT
Interesting ports on 192.168.0.109:
Not shown: 997 filtered ports
PORT STATE SERVICE VERSION
21/tcp filtered ftp
139/tcp open netbios-ssn
445/tcp open microsoft-ds Microsoft Windows XP microsoft-ds
Service Info: OS: Windows

Host script results:
|_ nbstat: NetBIOS name: *******, NetBIOS user: <unknown>, NetBIOS MAC: 00:43:20:e9:3e:63
| smb-os-discovery: Windows XP
| LAN Manager: Windows 2000 LAN Manager
| Name: MSHOME\***********
|_ System time: *******************


I tried common username/password combinations on the ftp port with no luck... I could brute force it, but I really don't want to do that as that is pretty noisy...

After googling the other ports and services, I got a rough handle on what they are and what they do. I then looked for exploits and found quite a bit. However, nowhere could I find how to use them, short of metasploit. As great of a tool as metasploit is, I would like to learn how metasploit does it (without attempting to reverse engineer it), and I would like to learn how it was done before metasploit came to be.

Please understand I am not looking for hand holding, I want to learn how to do it, not just a tutorial. I am not asking for one of you to take the next couple hours of your life to explain it to me. But possibly somebody could point me in the right direction for my journey of knowledge.

Thanks All,

Bellepheron


Edited by on 28-04-11 22:54
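A defender's reading of the scan output quoted in the post above: this added example (not code from the thread or from nmap) parses the normal-format output into a host, a port table and the SMB OS report, then lists what the administrator of that host would want to fix. The sample string is the post's own scan; the assess() rules are my own assumption, not an nmap feature.

```python
import re

# Constructed sample: the nmap -sV output from the post, kept inline so the
# parser runs offline (the poster's masked NetBIOS fields are omitted).
SAMPLE_SCAN = """\
Starting Nmap 5.00 ( http://nmap.org ) at 2011-04-28 16:52 EDT
Interesting ports on 192.168.0.109:
Not shown: 997 filtered ports
PORT STATE SERVICE VERSION
21/tcp filtered ftp
139/tcp open netbios-ssn
445/tcp open microsoft-ds Microsoft Windows XP microsoft-ds
Service Info: OS: Windows

Host script results:
| smb-os-discovery: Windows XP
| LAN Manager: Windows 2000 LAN Manager
"""

HOST_RE = re.compile(r"^Interesting ports on (\S+):")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)(?:\s+(.*))?$")
SMB_OS_RE = re.compile(r"^\|_?\s*smb-os-discovery:\s*(.*)$")

def parse_nmap(text):
    """Return (host, ports, smb_os) from nmap 'normal' output text."""
    host, ports, smb_os = None, [], None
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if m:
            host = m.group(1)
            continue
        m = PORT_RE.match(line)
        if m:  # one row of the PORT/STATE/SERVICE/VERSION table
            ports.append({"port": int(m.group(1)), "proto": m.group(2),
                          "state": m.group(3), "service": m.group(4),
                          "version": (m.group(5) or "").strip()})
            continue
        m = SMB_OS_RE.match(line)
        if m:  # OS as reported by the smb-os-discovery host script
            smb_os = m.group(1).strip()
    return host, ports, smb_os

def assess(host, ports, smb_os):
    """Hypothetical hardening checklist derived from the parsed scan."""
    findings = []
    smb_open = sorted(p["port"] for p in ports
                      if p["state"] == "open" and p["port"] in (139, 445))
    if smb_open:
        findings.append("SMB reachable on %s via ports %s" % (host, smb_open))
    if smb_os and "XP" in smb_os:
        findings.append("end-of-life OS reported over SMB: " + smb_os)
    if any(p["service"] == "ftp" for p in ports):
        findings.append("FTP service present (cleartext logins; currently filtered)")
    return findings
```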
Author

RE: Exploits

spyware
Member



Posts: 4192
Location: The Netherlands
Joined: 14.04.07
Rank:
God
Warn Level: 90
Posted on 28-04-11 23:47
You want to know how to run a script? Look, if you can't figure out how to use it by yourself, no one should/is going to tell you.



"The chowner of property." - Zeph
Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.
- Carl Sagan
“Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?” - Ebert
http://bitsofspy.net
Author

RE: Exploits

starofale
Member



Posts: 218
Location: England
Joined: 05.12.07
Rank:
Moderate
Posted on 29-04-11 00:52
Look up buffer overflows.

I'm sure there is lots of information out there on writing exploits for simple programs. You'll need to learn C if you don't already know it.


Try a new search engine
Author

RE: Exploits

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 29-04-11 02:15
Before Metasploit, it was just scripts/compiled source code. All Metasploit does is nicely package the exploit for you and give you more freedom with it (like selecting your own payload); everything else is virtually the same. Basically, you would download a script and then run it via the command line, passing it arguments (like the IP address you wanted to attack). You generally see "proof of concept" exploits in that form before a Metasploit plugin is made too, so it's not like an old relic of the "good 'ole days" or anything.


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.

Edited by stealth- on 29-04-11 02:15
http://www.stealth-x.com
Author

RE: Exploits

ellipsis
Member



Posts: 173
Location:
Joined: 13.06.09
Rank:
Uber Elite
Posted on 29-04-11 10:19
Bellepheron wrote:
139/tcp open netbios-ssn
445/tcp open microsoft-ds Microsoft Window


SMB sniffer


10000101

Edited by ellipsis on 29-04-11 10:21
Author

RE: Exploits

garabaldi
Member


Posts: 8
Location:
Joined: 31.03.11
Rank:
Newbie
Posted on 18-06-11 17:48
Take a look at the types of exploits you'd use on those services, and Google them. Find out what they are exactly, and how they work. Then you can get behind the scenes of Metasploit's ease of use and really find out how things work.

Also, that's an XP machine. I can think of an exploit which would work on one of those open ports off the top of my head, if you were wondering if it's exploitable.