Follow us on Twitter!
Capitalism is an Island of wealth in a sea of poverty
Thursday, April 24, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 31
Guests Online: 24
Members Online: 7

Registered Members: 82895
Newest Member: kevy90
Latest Articles
View Thread

HellBound Hackers | Computer General | Hacking in general

Author

S v D War


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-11-05 17:08
Ok my dad does alot of network stuff at his work. Secretly iv been learning as much as i can about hacking a computer through LAN. Just last night he challenged me to a kinda RootThisBox contest. He brought home an old computer and set it up last night. Now this morning i was able to telnet onto it. But whenever i try to get into it, it says "Access Denied" so i know my dad put some kinda passwords on it. Is there a way to get around this? Or even change it?

Thanks in advanced

-Krazy
Author

RE: S v D War


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-11-05 18:10
Lol im new to hacking what do u expect! Thanks alot though man.
Author

RE: S v D War


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-11-05 18:34
I have it yes, but right now my dad is logging my computer from his work. Lol hes such a newbie somtimes *sigh*
Author

RE: S v D War

n3w7yp3
Member

Your avatar

Posts: 358
Location: USA
Joined: 19.03.05
Rank:
Moderate
Posted on 07-11-05 18:55
bah, forget bruteforcing. This is a LAN, so fire up some MitM tools, and hi-jack his connection.

if you really want to own him, you can uuencode an entire rootkit to text form, and then uudecode it on the target host. instant ownage, and if you do it right he'll never know as his conection won't drop (think command injection here).

LANs offer tons of opertunities. play around with them Smile


"Root is a state of mind" -- K0resh
Author

RE: S v D War


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-11-05 22:28
Find out the version of the telnet service. I've heard that older telnet logins are pretty vulnerable to buffer overflows. Of course, you'll have to learn all about buffer overflows (and that's a heavy subject for a beginner).


Author

RE: S v D War


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-11-05 22:45
Mmmk i dont really understand the last 2 posts but thats what we have google for Grin. Anyway, so the battle ended for a while till he gets home tonight. Now is the time i prepare for the next one.

Heres some questions i wanna ask...

1) Is there a way i can get a program off my computer, put it on his, and execute it on his without hurting mine?

*BTW i mapped a drive without him knowing if that helps...*

2) Is there a way i can somhow go onto his network and put a proxy on it so when he tries to open IE he gets the "Page Cannot Be Displayed" thing?

Thanks in Advanced.

-Krazy
Author

RE: S v D War

n3w7yp3
Member

Your avatar

Posts: 358
Location: USA
Joined: 19.03.05
Rank:
Moderate
Posted on 08-11-05 14:26
Yea, tehre are plenty of ways. They range from using some sort of file transfer (eg: FTP, TFTP, SFTP, SCP, RCP....) to simply putting a disk in his drive.

If he is using a Windows based machine and you are as well, i recommend you look into a program called psexec. It will let you run commands on the remote host. Although, to use it, you'll need a valid login. I can't remember the exact URL for it ( Frown ), so you'll have to google.

As far as telnet buffer overflows go, if this competition is any sort of challenge (or your dad as half a brain), he will not be using telnet (or if he is he'll most likley be using a recent telnetd), he'll be using SSH. There are some SSH exploits out there, however, they're all patched and not that effective (I think the only really good one was what, CRC-32? But thats long since patched...).

Like I said, Man in the Middle (MitM) attacks and connection hijacking are the way to go for this one... Wink


"Root is a state of mind" -- K0resh
Author

RE: S v D War


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-11-05 19:38
The computer hes using can be telneted. Im right now im in control of the box were fighting over. But its just a matter of time. Im trying to work out shutdown commands on the command prompt (cause were connected throught lan) so when he gets close to getting into it, i can execute them on \\HOME (<<<his computer). But for some reason, when i go to run it, nothing happens...Any suggestions?
Author

RE: S v D War


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-11-05 21:18
try using 'net send -t10' (i think), this will shutdown his machine in 10seconds.


Author

RE: S v D War


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-11-05 23:17
Hmm that MIGHT work ill try it, but no -t means how long of a warning it gives him till it shuts down thanks!