Topic: getting access !! ??
rebrov
« on: May 12, 2009, 12:36:41 AM »

Hello everyone, I'm Tarek, a newbie :)

I was wondering: when I run a scan with Nmap and find the open ports, if I get ports like 139, it's for NetBIOS, is that right?

I connected myself to the machine with a null session, and after that what should I do to connect and crack the password? Should I get the users' info with dumpsec or getacc or something first? And after I get the user names, how can I get the passwords?
Otter
« Reply #1 on: May 12, 2009, 02:35:53 AM »

139 is traditionally NetBIOS, yeah.

Add the -sV option to your scan. That's the nmap service fingerprinting option. It'll run actually meaningful packets at the service and attempt to divine what protocol is listening rather than just relying on /etc/services for guesses.

Next, you are doing this testing on systems you own or have written permission to test against, right?

If so, then hydra is probably the most powerful brute forcing tool. It supports lots of services including SMB.

Careful though: many Windows domains are configured with a lockout policy and you could DoS the hell out of your client if you're not careful. Please be careful, ethical and legal.
rebrov
« Reply #2 on: May 12, 2009, 06:38:06 AM »

Nice info, but some things I didn't figure out :S because I'm still a newbie. Can you add me? I want to chat and learn some things from you online, as I posted in the previous thread, if it's not forbidden. Again, my email is:

incomplete.heart@hotmail.com

I just want you to share your knowledge with me :) like knowledge giving :D
timmedin
« Reply #3 on: May 12, 2009, 08:07:12 AM »

We usually like to keep the discussions open so that everyone can benefit. Just post your questions here.
twitter.com/timmedin | http://blog.securitywhole.com
rebrov
« Reply #4 on: May 12, 2009, 08:38:38 AM »

If so, then I will ask a lot of questions ;D If it's all right, can I ask any questions here? Or should I post every question in a single post?

1- When I'm scanning a target with nmap and I find the open ports, we know that port 139 is for NetBIOS, and I make a null session connection via DOS.

After that, what should I do to connect to the remote machine!!!

Because I tried to get the user with dumpsec, but it did not connect and I didn't get any info about the target user? And even so I got the users of this target,

how can I know their passwords? And after all, how can I connect?

:) :) Sorry, but CEH didn't teach me what I want. I think I should take the course, because I'm studying over the net.
Ketchup
« Reply #5 on: May 12, 2009, 08:58:26 AM »

Well, a null session isn't necessarily going to give you much access if the machine is properly configured. If the machine has restrict anonymous settings configured, a null session should not be enough to enumerate users, shares, etc. Look into Cain and Abel; it has a very nice feature for working with null session connections.

Once you have done your recon and determined that the machine is a Windows box, and has NetBIOS running, your next step is to enumerate all of the running services and see if there are any vulnerabilities you can exploit. Look into Nessus. Their home feed is free. It will scan the machine and attempt to determine any vulnerabilities you can exploit.

Your next task becomes exploiting those vulnerabilities. You can look into the Metasploit project, check milw0rm for any known exploits, etc. Your object is to "root" the box.

This is just one of the ways you can gain access to the box. Hackers will never take the hard route; they will find the easiest way of accessing the box. Look for any wireless connections that machine may have established. You can attempt to extract credentials by getting the box to join a rogue wifi network you can create. You can also simply ask for the password. You can try a client-side attack vector as well. Your job here is to get around the security.
~~~~~~~~~~~~~~
Ketchup
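
The restrict anonymous settings mentioned in the reply above, seen from the administrator's side: this is an added example, not part of the original thread, that reads the local registry values governing null session access on a Windows host and flags the ones that leave anonymous enumeration open. The "OK" conditions are a hardening baseline assumed for this example; a value that is not set is flagged for review because the effective default depends on the Windows version.

```powershell
# Added example: audit the registry values that control anonymous (null session) access.
# The Ok conditions are a hardening baseline assumed for this example.
$lsa    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$lanman = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

$checks = @(
    @{ Path = $lsa;    Name = 'RestrictAnonymous';         Ok = { param($v) $v -ge 1 }
       Why  = 'no anonymous enumeration of SAM accounts and shares' },
    @{ Path = $lsa;    Name = 'RestrictAnonymousSAM';      Ok = { param($v) $v -eq 1 }
       Why  = 'no anonymous enumeration of SAM accounts' },
    @{ Path = $lsa;    Name = 'EveryoneIncludesAnonymous'; Ok = { param($v) $v -eq 0 }
       Why  = 'Everyone permissions do not apply to anonymous users' },
    @{ Path = $lanman; Name = 'RestrictNullSessAccess';    Ok = { param($v) $v -eq 1 }
       Why  = 'null sessions limited to explicitly listed pipes and shares' }
)

$results = foreach ($c in $checks) {
    # A missing value yields no object; it is reported as 'not set' and flagged.
    $item  = Get-ItemProperty -Path $c.Path -Name $c.Name -ErrorAction SilentlyContinue
    $value = if ($item) { $item.($c.Name) } else { $null }
    [pscustomobject]@{
        Setting = $c.Name
        Value   = if ($null -eq $value) { 'not set' } else { $value }
        Status  = if (& $c.Ok $value) { 'OK' } else { 'REVIEW' }
        Purpose = $c.Why
    }
}
$results | Format-Table -AutoSize

# Pipes and shares still reachable over a null session; each entry needs a justification.
$srv = Get-ItemProperty -Path $lanman -ErrorAction SilentlyContinue
foreach ($name in 'NullSessionPipes', 'NullSessionShares') {
    $entries = @($srv.$name | Where-Object { $_ })
    $text    = if ($entries.Count -eq 0) { '(none)' } else { $entries -join ', ' }
    '{0}: {1}' -f $name, $text
}
```

On domain-joined machines these values are normally set through the "Network access" security options in Group Policy, so a REVIEW result is best fixed there rather than in the local registry.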
rebrov
« Reply #6 on: May 12, 2009, 03:39:49 PM »

I'm not on a Wi-Fi connection, and the box I'm trying to get access to is not on a Wi-Fi connection either, so what am I going to do??

I want to take the easy route, not the hard one, like you said!!

And by the way,

I just cracked my server's FTP password as Admin.

What is the next step to get into this server??

Like injecting a trojan... I need to know how to connect myself to the server computer as remote control. I guess it's not hard now after I know the password, right ???

Should I inject a trojan via FTP?? And how??

Or use another method to connect to this server box and control it?