Follow us on Twitter!
One mans freedom fighter, another's terrorist.
Sunday, April 20, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 33
Guests Online: 29
Members Online: 4

Registered Members: 82848
Newest Member: aIjundi
Latest Articles
View Thread

HellBound Hackers | Computer General | Hacking in general

Page 1 of 3 1 2 3 >
Author

telnet and remote access

TommyCat
Member

Your avatar

Posts: 35
Location:
Joined: 23.08.05
Rank:
Newbie
Posted on 04-11-08 16:37
Hello. I have some knowledge about hacking.. I have used some remote administration tools in the past, like net devil, sub seven, pro rat. I also did some research on how this RAT's work. I am also familliar with Putty as I used few irc bouncers in the past. I have some knowledge of HTML, C++, VB, and I am currently working at my own trojan and RAT, coded in VB6. I even begun to learn linux.. started with a Knoppix LiveCd for now Smile.
OK.. now my problem. As I said before, I used some RAT's in the past. The problem is that I was infecting the victims only by social engineering. I now try to learn how to gain access without the victim knowing it. I have NetCat for windows and I tried something:
I port scanned myself. Port 23(TelNet) was closed. Ok.. I opened and listened to it with netcat. Now I open a cmd window and start a TelNet session. I try to connect to my own computer, knowing that port 23 is open and it doesn't work. I have also tried that with other ports. Nothing works. I think I am missing something here because i ask myself: How can i learn to gain acces in another machine if i can't even acces mine with the whole damn door open? I try this for over a week now.. done some reading etc.. google is my desktop background.. so i use it a lot. I'm beginning to be a little frustrated here. I need some hints please.


It's the final CountDowN
Author

RE: telnet and remote access

Uber0n
Member



Posts: 1963
Location: Sweden‭‮
Joined: 13.06.06
Rank:
Hacker Level 3
Posted on 04-11-08 16:46
I can tell you that you won't be able to infect people just by knowing an open port on their computer; it requires some kind of vulnerable service to be running as well Wink


img230.imageshack.us/img230/724/uber0nsig3hj6.gif
http://uber0n.web. . .
Nope http://uber0n.webs.com/
Author

RE: telnet and remote access


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-11-08 16:47
Uber0n wrote:
I can tell you that you won't be able to infect people just by knowing an open port on their computer; it requires some kind of vulnerable service to be running as well Wink


Or brute forcing. (just throwing it out there Grin)


Author

RE: telnet and remote access

Uber0n
Member



Posts: 1963
Location: Sweden‭‮
Joined: 13.06.06
Rank:
Hacker Level 3
Posted on 04-11-08 16:49
skathgh420 wrote:
Or brute forcing. (just throwing it out there Grin)

How would you bruteforce a file into someone's computer? :right:


img230.imageshack.us/img230/724/uber0nsig3hj6.gif
http://uber0n.web. . .
Nope http://uber0n.webs.com/
Author

RE: telnet and remote access


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-11-08 16:51
Uber0n wrote:
skathgh420 wrote:
Or brute forcing. (just throwing it out there Grin)

How would you bruteforce a file into someone's computer? :right:


Lol sorry I wasn't clear. You could brute force a login on ftp, or something else, and upload the file.


Author

RE: telnet and remote access

TommyCat
Member

Your avatar

Posts: 35
Location:
Joined: 23.08.05
Rank:
Newbie
Posted on 04-11-08 17:11
Uber0n wrote:
I can tell you that you won't be able to infect people just by knowing an open port on their computer; it requires some kind of vulnerable service to be running as well Wink


It's an ordinary windows XP machine.. service pack 2, with telnet service stopped by default. So It's not like I can bruteforce a telnet login or ftp login.. I did a port scan on a friend's computer (that agreed for my learning purposes) 1 to 30000 (I'll continue till 65535 later, as it took me a while Smile ) and it didn't show any open ports. That leaves me asking myself if is there any way to open a port remotely without having any kind of access to that machine. ??
and if there was a vulnerable service running, should there be an open port? or can i open it remotely given the fact that the machine i'm trying to access has that specific vulnerable service running?


It's the final CountDowN

Edited by TommyCat on 04-11-08 17:13
Author

RE: telnet and remote access


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-11-08 17:30
TommyCat wrote:
1. Is there any way to open a port remotely without having any kind of access to that machine. ??
2. If there was a vulnerable service running, should there be an open port?
3. Can i open it remotely given the fact that the machine i'm trying to access has that specific vulnerable service running?

1. No.
2. If there is a service of any kind offering some sort of functionality (web server, file server, file sharing, etc.), then yes, there should be an open port.
3. If you can compromise a running service on an open port, then you can most likely find a way to open others, yes. It depends on what level of access the compromise gives you.


Author

RE: telnet and remote access

TommyCat
Member

Your avatar

Posts: 35
Location:
Joined: 23.08.05
Rank:
Newbie
Posted on 04-11-08 18:18
Zephyr_Pure wrote:
1. No.
2. If there is a service of any kind offering some sort of functionality (web server, file server, file sharing, etc.), then yes, there should be an open port.
3. If you can compromise a running service on an open port, then you can most likely find a way to open others, yes. It depends on what level of access the compromise gives you.


But let's say that we have a situation in which the machine does not offer any kind of functionality like web server, ftp server, file sharing. It's just a machine running windows xp that a person uses to browse the web, read email, instant message and play computer games. Nothing out of the ordinary. The only thing that my machine and that machine have in common is the ISP. As I said before, the other machine is the property of a neighbour that agreed that I coud try and gain access to his machine for learning purposes.
Not even telnet server is running on that machine. ( Smile if it was running i wouldn't have posted Smile ) hope someone can make me understand what i'm trying to understand.




It's the final CountDowN

Edited by TommyCat on 04-11-08 18:20
Author

RE: telnet and remote access


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-11-08 18:41
i think that you can send him a trojan and it will open port .you can take it here on hbh if you are script kid, but i think that you can use it ones or twice for learning and later make one. (sorry if i am wrong lol)


Author

RE: telnet and remote access


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-11-08 18:46
TommyCat wrote:
It's just a machine running windows xp that a person uses to browse the web, read email, instant message and play computer games. Nothing out of the ordinary. The only thing that my machine and that machine have in common is the ISP. As I said before, the other machine is the property of a neighbour that agreed that I coud try and gain access to his machine for learning purposes.
Not even telnet server is running on that machine. ( :) if it was running i wouldn't have posted :) ) hope someone can make me understand what i'm trying to understand.

Is your target behind a router? That could also be a target (and also the reason why you're seeing "no open ports").

If I recall correctly, Windows XP (and probably other OS's) use ports for their own local system services (such as the Workstation and Server services). You could do research on what ports these services normally operate on, then hunt for exploit techniques (the Server service is actually mentioned in a recent news item here) and craft a packet from that. For now, let's just assume that your port scan is being detected and fed false information.




Edited by on 04-11-08 19:10
Author

RE: telnet and remote access

TommyCat
Member

Your avatar

Posts: 35
Location:
Joined: 23.08.05
Rank:
Newbie
Posted on 04-11-08 20:23
bullet wrote:
i think that you can send him a trojan and it will open port .you can take it here on hbh if you are script kid, but i think that you can use it ones or twice for learning and later make one. (sorry if i am wrong lol)

Well I'm not a script kiddie.. as I said before, I am currently developing my own trojan/RAT using VB6, but sending trojans and making someone accepting them is social engineering. I am good at this.. but I don't find it challenging. My purpose isn't to gain access to that specific machine, but learning how to do it without social engineering, I mean without having to communicate with the owner of the machine.


It's the final CountDowN
Author

RE: telnet and remote access

TommyCat
Member

Your avatar

Posts: 35
Location:
Joined: 23.08.05
Rank:
Newbie
Posted on 04-11-08 20:24
Zephyr_Pure wrote:
Is your target behind a router? That could also be a target (and also the reason why you're seeing "no open ports"Wink.

If I recall correctly, Windows XP (and probably other OS's) use ports for their own local system services (such as the Workstation and Server services). You could do research on what ports these services normally operate on, then hunt for exploit techniques (the Server service is actually mentioned in a recent news item here) and craft a packet from that. For now, let's just assume that your port scan is being detected and fed false information.


The target is not behind a router, but I'll do some research on ports used by the local system in XP. Thanks.


It's the final CountDowN
Author

RE: telnet and remote access


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-11-08 22:45
only way to attack a computer with no open ports is a vulnerability in the TCP/IP stack..which unless you're a hardcore reverser, don't hold your breath finding one

EDIT: thats if there are any left anyway (probably will find a few more when IPv6 becomes widely used)

Edited by on 04-11-08 22:47
Author

RE: telnet and remote access


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 05-11-08 10:04
NigNig wrote:
only way to attack a computer with no open ports is a vulnerability in the TCP/IP stack..which unless you're a hardcore reverser, don't hold your breath finding one

EDIT: thats if there are any left anyway (probably will find a few more when IPv6 becomes widely used)


There's obviously vulnerabilities. Nothing is foolproof.


@OP:
I don't think just practicing on a personal computer isn't very useful. In an actual attack you're going to be going for servers and stuff that are on big networks. Set up a web server and attack that. Try to set one up with a forum (maybe an old version of phpbb) and have HTTP,SSH,FTP, and Telnet access. First work on the web application, try to find vulnerabilities. After that, take down the services. I would recommend using older versions for these as well. After accessing it, is there a way that you can gain root (administrative) access? If you're on linux, maybe have an older kernel, find some exploits in that. For windows, just plant a file there and simulate an administrator clicking on it.
Author

RE: telnet and remote access

Uber0n
Member



Posts: 1963
Location: Sweden‭‮
Joined: 13.06.06
Rank:
Hacker Level 3
Posted on 05-11-08 12:41
There's no way to magically open a port and make it obey all your commands. You must realize that :right: I mean otherwise you'd be able to root any computer at any time ...


img230.imageshack.us/img230/724/uber0nsig3hj6.gif
http://uber0n.web. . .
Nope http://uber0n.webs.com/
Author

RE: telnet and remote access


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 05-11-08 13:09
Uber0n wrote:
There's no way to magically open a port and make it obey all your commands. You must realize that :right: I mean otherwise you'd be able to root any computer at any time ...

... I just rooted you over SMTP. Pwnz0r3d!! Pfft


Author

RE: telnet and remote access

Uber0n
Member



Posts: 1963
Location: Sweden‭‮
Joined: 13.06.06
Rank:
Hacker Level 3
Posted on 05-11-08 13:24
Zephyr_Pure wrote:
... I just rooted you over SMTP. Pwnz0r3d!! Pfft

Now THAT'd be interesting, lol


img230.imageshack.us/img230/724/uber0nsig3hj6.gif
http://uber0n.web. . .
Nope http://uber0n.webs.com/
Author

RE: telnet and remote access


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 05-11-08 15:35
There is no almost no way to get the trojan on your friends PC. You can try to hide it in another file(dropper) and send it via email or msn. But there are also a few othere possibilities. FOr example there are a few exploits which you can integrate into your website. They cause that if someone visits the sude a file will be loaded in the background so that he doesn't know. Try to search for exploits in milw0rm. There were lately some for chrome.

And another think would you be interested in writting the trojan together with me. I have experience with VB6 and I already programmed some Trojans to see how it works. But they weren'T really good =) they were only for learning supose.

Greetz
NoPax
Author

RE: telnet and remote access

Uber0n
Member



Posts: 1963
Location: Sweden‭‮
Joined: 13.06.06
Rank:
Hacker Level 3
Posted on 05-11-08 16:34
NoPax wrote:
FOr example there are a few exploits which you can integrate into your website. They cause that if someone visits the sude a file will be loaded in the background so that he doesn't know.

As far as I know, there's no such thing as automatically uploading and executing an .exe file on a website visitor's computer... :ninja:


img230.imageshack.us/img230/724/uber0nsig3hj6.gif
http://uber0n.web. . .
Nope http://uber0n.webs.com/
Author

RE: telnet and remote access


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 05-11-08 16:55
Uber0n wrote:
As far as I know, there's no such thing as automatically uploading and executing an .exe file on a website visitor's computer... :ninja:

Agreed... unless ActiveX has that functionality. I'm not knowledgeable enough about it to know.


Page 1 of 3 1 2 3 >