accessing the network
Might I /r/equest from the people of this site somewhat of a how to on getting into the network (from the internet), in order to use older and somewhat trivial attacks on personal computers. I'm trying to figure these things out for testing purposes, and I don't like not knowing how my computer can get broken into. If by chance you guys can help me out here, it would be greatly appreciated.
And even though anytime someone posts stuff like this, to which anyone with half a mind towards reality of humanities actions can realize that it's lies trying to get people to help them in any way possible, I might be trying to get advise on my own actions, but still, I realy still do wish to know any way/manner I can stop people from having access to my computer.
Uber0n wrote: Could you please explain a bit more in detail what you're trying to accomplish? Getting into a private network over the internet? Sounds like a quest for either a backdoor or just using tunneling to me :)
yeah, essentially: I want to get into privat networks from the internet without using files (like viruses) on the target computer within the private network.
also, tunneling in and breaking in using backdoor advice would also be usefull information to have. if you would like to give some form of how-to style thing for all these things it would be most helpfull.
NetBois - old skool but occassionally is still open on low security home networks.
RDOM (think thats it) - exploit for windows XP SP1
exploit / brute remote desktop - Windows XP Pro
If the network has a browser, then your pretty much sorted. email them a link to your website, and then you'll have access. Come to HBH Con v3 to learn more about this.
There are many ways into a network TBH.
If you have an IP you need to start at the basics, scan the network for ports that are open. Once you have a compiled listing of open network ports (some will look closed but are actually "stealth") so once you have this listing and you know what is run off each open port you can then test out for vulnerabilities in the OS of this IP. The IP will (not always) most likely be a router. So you need to find out what the routers OS is. Then find flaws and bypass them. Once into that section of the world of bits&bytes you can then start probing for other machines on the network. This will allow you to find more exploits and find how to get into them.
The days of an IP being for a single computer are long past so you need to learn routing languages and the likes to be able to excel in online acts like the ones you are wanting to do.
Please note this information is general and will not work in all cases and it is for informational purposes ONLY, I am not to be held in any way responsible for skids getting a hold of this information and using it for purposes they themselves do not even know. This will help you test your personal security more so you can get your computers tighter and harder to get into.
Mr_Cheese wrote: NetBois - old skool but occassionally is still open on low security home networks.
RDOM (think thats it) - exploit for windows XP SP1
exploit / brute remote desktop - Windows XP Pro
If the network has a browser, then your pretty much sorted. email them a link to your website, and then you'll have access. Come to HBH Con v3 to learn more about this.
net bios rarely works.
and how would you brute remote desktop connections for xp pro? i can't say i know any way to brute it.
There are many ways into a network TBH.
If you have an IP you need to start at the basics, scan the network for ports that are open. Once you have a compiled listing of open network ports (some will look closed but are actually "stealth" so once you have this listing and you know what is run off each open port you can then test out for vulnerabilities in the OS of this IP. The IP will (not always) most likely be a router. So you need to find out what the routers OS is. Then find flaws and bypass them. Once into that section of the world of bits&bytes you can then start probing for other machines on the network. This will allow you to find more exploits and find how to get into them.
The days of an IP being for a single computer are long past so you need to learn routing languages and the likes to be able to excel in online acts like the ones you are wanting to do.
Please note this information is general and will not work in all cases and it is for informational purposes ONLY, I am not to be held in any way responsible for skids getting a hold of this information and using it for purposes they themselves do not even know. This will help you test your personal security more so you can get your computers tighter and harder to get into.
that's actually helpfull, think you could get me some more info on "routing lanhuages?" for obviously im far behind on things (that's what I get for not doing any learning sence 98 {dial-up XD })
Yeah, I think cheese means RPC DCOM, its essentially an IPC service that was on automatically from XP SP1 and below. Many exploit out there, metasploit framework is your best bet. As far as getting access to the pc's inside a private network, you could connect to the router, but its unlikely that the ports would be forwarded properly (unless they set up telnet/ssh/vpn). Most home networks these days use NAT (google it), which means the IP's inside the network change to a different subnet (usually 192.168.0.0/16).
Its not easy….
jjbutler88 wrote: Yeah, I think cheese means RPC DCOM, its essentially an IPC service that was on automatically from XP SP1 and below. Many exploit out there, metasploit framework is your best bet. As far as getting access to the pc's inside a private network, you could connect to the router, but its unlikely that the ports would be forwarded properly (unless they set up telnet/ssh/vpn). Most home networks these days use NAT (google it), which means the IP's inside the network change to a different subnet (usually 192.168.0.0/16).
Its not easy….
I realy hate it when my nieghbor's internet goes offline when I'm trying to post on here.
but, yeah, I already knew the last part you added there. However, none of what you said will be wasted, Im checking now on pretty much every topic you referenced thus far, just to make sure i know all i can. But in that, I already have the metasploit stuff, thanks; What I'm kinda looking to you people for is how to get from internet, to network, to computer, and what limmitations there will be on what can get done (as i know alot of dsl/cable modems have firewalls in them). I do know a few ways to get into computers while in a network, which is why im in other people's networks quite often XD, just kidding. but anywho, yeah, im trying to get the proccess someone, like yourself perhaps, would go from mearly being on the internet, to getting into aa network, and to a machine, without getting the people to place data on their own computer (viruses and such).
I'm not sure if I'm realy of any help to people when trying to explain the problems and question(s) I have, but hopefully you guys can bare with me long enough to help me out with this.
This is the problem. On an average home network, there is no way to access the internal computers. Because of NAT, the IP address you are scanning only refers to the router, as the gateway to the network. All the computers behind have their own IP's which are not accessible from outside of that network. the only way you can do it is either:
Break into the router and set up port forwarding for a specific port to a specific IP
Get one of the users on that network to click a link on your website (obviously maliciously)
Personally im no expert on option 2, thats why im coming along to HBHCon! If its an area that interests you, id say its a worthwhile trip.
edit - Have a look at this: http://milw0rm.com/video/watch.php?id=5