command prompt help
command prompt help
ok i heard that it is possible to get in to someone elses computer through your command prompt. so i looked this up but i cant find anything about it now is this true that you can do that if it is someone please help me i been trying to figure this out for about a month help i am willing to learn
-
CommonStray
- Forum Assassin
- Posts: 1215
- Joined: 20 Aug 2005, 16:00
- 18
-
Nerdz
- The Architect
- Posts: 1127
- Joined: 15 Jun 2005, 16:00
- 18
- Location: #db_error in: select usr.location from sucko_member where usr.id=63;
- Contact:
Try to google netbios hack 
These day it is patch on nearly all computer but who knows... maybe your asking this because you have setup a small lab in your room and want to try it on your 2nd box...
Yeah... In my dream...
These day it is patch on nearly all computer but who knows... maybe your asking this because you have setup a small lab in your room and want to try it on your 2nd box...
Yeah... In my dream...
Last edited by Nerdz on 12 Apr 2007, 20:00, edited 1 time in total.
Give a man a fish, you feed him for one day.
Learn a man to fish, you feed him for life.
Learn a man to fish, you feed him for life.
-
ebrizzlez
- Kage
- Posts: 732
- Joined: 31 Mar 2007, 16:00
- 17
- Location: Hidden in a Buffer Protection.
- Contact:
well.. if your a Windows user, you can go to the command prompt and type in to get IPs , and a Netbios is a networking protocol that allows legacy computer applications relying on the NetBIOS API to be used on modern TCP/IP networks. It mainly uses a lan type of connection, and most computers disallow these types of attacks now in these days. 
Code: Select all
netstat -n[img]http://i81.photobucket.com/albums/j205/ebrizzlez/4lsint1.jpg[/img]
-
ebrizzlez
- Kage
- Posts: 732
- Joined: 31 Mar 2007, 16:00
- 17
- Location: Hidden in a Buffer Protection.
- Contact:
What OS do you have then? If you want IPs there are mutiple ways into getting so. Here are the following ways to get an IP:
1. You can use the command to get a list of Local and Foreigh addresses as well as there state there in.
2. You could set up a msn account, and send out an fake email requiring the user to reply back. Once you get the reply email, check the mail's heading. You can also set to show the heading from the beginning by configuring it to do so. Just go to Settings and check the box for Show Full Headings.
3.You could use web services to obtain IPs. You could make a fake page, hosted on some server (www.awardspace.com recommened) and make a .php page in which has some sort of a port scanner that would get the results and use the mail command to mail it to your user. This method is commonly use with "CHECK OUT THIS PIC!", people will veiw the page to veiw a picture you hosted, but they dont know what happens on the server side of the page.
4.You could always use Social Engineering, Social Engineering is the art of tricking a user into believeing your another person. You could make up a story about how your new server is getting attacked and its adding a bunch of IPs to your logs and you need to make sure its not just picking up random IM's IPs. So you would ask the user to veiw this site and tell you their IP address. http://www.whatsmyip.com. This method is probley the most useful and accurate method I use.
There are a few more, but those are the basics.
I would like to note that method 1 works well when your doing a transfer session with AIM. That way , you could get a hop to there REAL IP. Otherwise, you would just get there EMAIL/IP client's IP.
Method 2 works, but sometimes you may just pick up an email client's IP as well.
Method 3 works perfectly, although, you would need some knownlege on php or some knowlege on how to use google!
Method 4 is all based on trust. Can this user trust you with this highly senstive information? Believe it or not, most users dont know what an IP is! But this is all based on your Social Skillz. You can even trick a user into going to http://nmap-online.com/ and tricking them into nmaping there own selfs and sending you the results!
I hope one of these methods are useful for you, and if you can't use the netstat -n command what OS do you have?
1. You can use the command
Code: Select all
netstat -n2. You could set up a msn account, and send out an fake email requiring the user to reply back. Once you get the reply email, check the mail's heading. You can also set to show the heading from the beginning by configuring it to do so. Just go to Settings and check the box for Show Full Headings.
3.You could use web services to obtain IPs. You could make a fake page, hosted on some server (www.awardspace.com recommened) and make a .php page in which has some sort of a port scanner that would get the results and use the mail command to mail it to your user. This method is commonly use with "CHECK OUT THIS PIC!", people will veiw the page to veiw a picture you hosted, but they dont know what happens on the server side of the page.
4.You could always use Social Engineering, Social Engineering is the art of tricking a user into believeing your another person. You could make up a story about how your new server is getting attacked and its adding a bunch of IPs to your logs and you need to make sure its not just picking up random IM's IPs. So you would ask the user to veiw this site and tell you their IP address. http://www.whatsmyip.com. This method is probley the most useful and accurate method I use.
There are a few more, but those are the basics.
I would like to note that method 1 works well when your doing a transfer session with AIM. That way , you could get a hop to there REAL IP. Otherwise, you would just get there EMAIL/IP client's IP.
Method 2 works, but sometimes you may just pick up an email client's IP as well.
Method 3 works perfectly, although, you would need some knownlege on php or some knowlege on how to use google!
Method 4 is all based on trust. Can this user trust you with this highly senstive information? Believe it or not, most users dont know what an IP is! But this is all based on your Social Skillz. You can even trick a user into going to http://nmap-online.com/ and tricking them into nmaping there own selfs and sending you the results!
I hope one of these methods are useful for you, and if you can't use the netstat -n command what OS do you have?
[img]http://i81.photobucket.com/albums/j205/ebrizzlez/4lsint1.jpg[/img]
-
ebrizzlez
- Kage
- Posts: 732
- Joined: 31 Mar 2007, 16:00
- 17
- Location: Hidden in a Buffer Protection.
- Contact:
I agree with nerdzoncrack, I have been using Windows all my life! I just gotten Linux and its a bit tough to configure, not as easy as Windows... but if you have Windows then everything I said above has to work, i wouldnt know why the wouldnt work. , maybe your entering it wrong, or you are not on an admin account. but use the other ways to get IPs if that still doesnt work. and if you have pyhsical acess to your targets computer you can use a tool to veiw the passwords of msn , go to http://www.library.2ya.com/ for more info. but i wouldnt know any much of any msn spoofer you talk about, one these days would be really tight and seem almost impossible, but when it comes to computers, seems like nothing is impossible. (think about Windows great succesion! )
but if you have Windows then everything I said above has to work, i wouldnt know why the Code: Select all
netstat -n[img]http://i81.photobucket.com/albums/j205/ebrizzlez/4lsint1.jpg[/img]
-
ebrizzlez
- Kage
- Posts: 732
- Joined: 31 Mar 2007, 16:00
- 17
- Location: Hidden in a Buffer Protection.
- Contact:
Nice app bad_brain, you gotta show me how to do that in C++.
And nerdzoncrack is right, I own Windows Home, and I use all the time. Its probley he is doing somthing wrong, or maybe no admin? or some sort of werid trojan or virus.
And nerdzoncrack is right, I own Windows Home, and I use
Code: Select all
netstat -n[img]http://i81.photobucket.com/albums/j205/ebrizzlez/4lsint1.jpg[/img]
-
ebrizzlez
- Kage
- Posts: 732
- Joined: 31 Mar 2007, 16:00
- 17
- Location: Hidden in a Buffer Protection.
- Contact:
Well.... like we said before, it would be probley rare to find a computer that supports BIOS - like acess. The Net BIOS attack has probley been blocked by Microsoft just like the common teleneted ports 21 and 23. Try using nmap to scan the hosts for open ports, and learn how to use Metasploit to exploit your way into there systems. and scan your network for any viruses or trojans because a virus or trojan can easily block open ports, or block traffic through a port, so your computer wont find that host available, because it cant send the right packets to ping it.
and scan your network for any viruses or trojans because a virus or trojan can easily block open ports, or block traffic through a port, so your computer wont find that host available, because it cant send the right packets to ping it. [img]http://i81.photobucket.com/albums/j205/ebrizzlez/4lsint1.jpg[/img]