VERY BASIC Questions that are driving me crazy.


ghost's Avatar
0 0

Hey guys,

I have been reading tons of material as well as experimenting with my home network and school network with various ways to penetrate or gain access to another computer. I have been trying to find the answers to a lot of questions that are driving me crazy on google and ask.com, but somehow, even though google is supposed to be the greatest thing since sliced bread, I can't find any answers… I was hoping that you guys would be able to help me out.

  1. Do switches have ports?

  2. With a client/server trojan, does the victim already have to have the port open that the trojan listens on, or does the trojan automatically open that port when the server is executed?

  3. Do individual computers have ports? (the reason I ask is because a firewall blocks certain ports)

  4. How do exploits/scripts work? I have looked at scripts on milw0rm.com, which are all .txt files, and I have no idea how to use those.

  5. After I run a port scan on a computer on the network, and (for example) only port 21 (FTP) is open, is this computer vulnerable?

  6. Must a port be open in order to gain access to a computer?

Here is my scenario @ school:

My friend and I are trying to access each other's computers…

How would I go about doing this?… this is what I was thinking…

Run a port scan on the switch to find out which ports are open. THEN run a port scan on my friend's computer to find out which ports I could possibly get in through.

If port 21 and 53 and some other ones are the only ones open, I don't know how I would go about gaining access…

Disclaimer: :p ^^^ Those are probably the stupidest questions you will ever hear about this topic in your whole life, but they should also be pretty easy to answer. If you know, please help me out and make a quick post… I'm tired of not finding any answers on google or ask…

Also, if anyone has any good tutorials or material that would help me out, please share it! All help is much appreciated.


ghost's Avatar
0 0

If ur looking to get access to school networks, keep a sharp eye out for things your admins just leave laying around, like bat or inf files in recent documents or something. I gathered information for a while, put it all together and got access. Didn't touch anything, just looked around basically, cus hurting stuff doesn't help me any, and now I'm trying to access the portable server.


ghost's Avatar
0 0

I think I am going to install a keylogger to get her password, then try to access the server through netbios…


ghost's Avatar
0 0

Software keyloggers will only get you caught, there is no way in hell a school antivirus software will miss that (plus it will be killed on startup). If it is a remote keylogger it will be stopped before it ever exits the firewall. If you are adamant about using keylogger technology, use a hardware keylogger, they are self contained and are undetectable in most instances. I would just recommend watching the keys she presses in, or using local access to get the pass (MMC for instance)


ghost's Avatar
0 0

lol what sort of block do your school computers have… I don't get it… how are you going to download a keylogger on the computer and find the password if when you download it it's only on your username & login?… it's not going to be able to find the password of the startup login… is it?


ghost's Avatar
0 0

schools are a bitch to hack, my district has all the schools gateway to the regional servers, so even though our local IT guys are idiots (server has more downtime than uptime) you can't do shit, because everything gets routed through the main server, which is secured so tight I can't even portscan it, fuck all connect.


ghost's Avatar
0 0

Kay first off, take down the disclaimer, you're not worthless xD

Second, I know google really doesn't help at times, no matter how much people will shout at you telling it does. So, I'll try help ya out much as I can :)

  1. I'm not 100% sure, but I don't believe they do. Switches themselves don't have programs that need ports to exchange data directly.

  2. Trojans don't 'listen on' ports ;) Trojans, by definition, are malicious non-autonomous programs that "depend on actions by the intended victims. As such, if trojans replicate and even distribute themselves, each new victim must run the program/trojan" (wikipedia.org). They can, however, open ports once they have infected a box. For more information on trojans, highly recommend reading here :)

  3. Of course individual computers have ports :p Ports are "virtual data connection[s] that can be used by programs to exchange data directly" (wikipedia.org). In order to hack a computer, you need to input data through an open port on the victim's computer ;) That's why firewalls block open ports, as a security measure to block incoming data that's not supposed to be incoming :p

  4. Every exploit works differently. Basically, exploits are bits of code that can take advantage of vulnerabilities or security glitches. They are used to make the computer do unintended things, and can be used to gain complete control over a box. Another great article here.

  5. Ports are used to output and input data. Only open ports allow data to be inputted. So, remote vulnerabilities can only be conducted through use of open ports. There are some ports, however, that are pretty much always open (like port 80-http) and aren't usually dangerous to have open. Having open ports doesn't automatically mean your pc is hackable. Even ports that aren't always needed don't necessarily mean a security risk. Example would be ports 27010 and 27015, which are used for counter-strike :p A large list of ports and what they're used for can be found here.

  6. Read above ;)

There are three main ways you could gain access to your friend's box.

1st, through network (usually pretty hard in schools)

2nd, through internet (pretty hard, if not harder in schools as well)

3rd, physically or through use of social engineering ;)

My recommended sites to learn more:

Well that took me almost an hour of my weekend, hope it helps :D

-BluMoose

EDIT It seems hbh doesn't display those wikipedia links as proper urls or sumfing, jst copy n paste em into browser ;)
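
Answers 2, 3 and 5 above turn on one fact: a port is only open while some program on that computer is listening on it, so the defender's question is which listeners exist and whether each is expected. The following is an added example, not part of the original posts: it parses a listener table in the Linux `/proc/net/tcp` layout and flags network-reachable listeners missing from a baseline. The sample table, the `ALLOWED` baseline and the function names are constructed for illustration, and a little-endian host is assumed.

```python
import socket
import struct

# Constructed sample in the Linux /proc/net/tcp layout (not taken from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0015 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1
   1: 0100007F:0035 00000000:0000 0A 00000000:00000000 00:00000000 00000000   101        0 1002 1
   2: 00000000:7A69 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 1003 1
   3: 0A00000A:C350 0A0200C0:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 1004 1
"""

TCP_LISTEN = 0x0A   # kernel state code for a listening socket
ALLOWED = {21}      # hypothetical baseline: FTP is the only service meant to be exposed


def decode_addr(field):
    """Turn 'HEXIP:HEXPORT' into ('a.b.c.d', port); IP is stored little-endian."""
    hex_ip, hex_port = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
    return ip, int(hex_port, 16)


def listeners(proc_text):
    """Return every socket in LISTEN state; established connections are skipped."""
    found = []
    for line in proc_text.splitlines()[1:]:          # first line is the header
        cols = line.split()
        if len(cols) < 8 or int(cols[3], 16) != TCP_LISTEN:
            continue
        ip, port = decode_addr(cols[1])
        # A listener bound to loopback cannot be reached from other machines.
        found.append({"ip": ip, "port": port, "uid": int(cols[7]),
                      "reachable": not ip.startswith("127.")})
    return found


def unexpected(proc_text, allowed_ports):
    """Network-reachable listeners that are not in the approved baseline."""
    return [l for l in listeners(proc_text)
            if l["reachable"] and l["port"] not in allowed_ports]


if __name__ == "__main__":
    for l in unexpected(SAMPLE, ALLOWED):
        print(f"unexpected listener {l['ip']}:{l['port']} owned by uid {l['uid']}")
```

On a live Linux host the same functions accept the contents of `/proc/net/tcp` in place of `SAMPLE`.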