Friday, January 25, 2008

Hack a Windows 2000 system through IPC$

I got this nice article from one of the sites on how to hack a Win 2000 system through IPC$...

The steps involved are:

1: Scanning for open Win2k systems
2: Connecting to the IPC$
3: Connecting and using Computer Management
4: Disable NTLM
5: Starting the Telnet service
6: Creating user accounts and adding them to a group
7: Covering your tracks
8: How to protect your Win2k system from this attack

You need to be running a Win2k system, with the following tools:

Superscan version 3.00 by Foundstone (246kb)
NetBrute Scanner (247KB)
PQWak V1.0 (24KB)

1: Scanning for open Win2k systems

A. Open SuperScan 2.05 (Port scanner)
B. Select an IP range
C. Check "Only scan responsive pings" and "All selected ports in list"
D. Only scan ports 139 (NetBIOS) and 1025 (Network Blackjack)
E. When a system with both NetBIOS and BlackJack is found, open NetBrute, and scan that IP to see if there is an IPC$


2: Connecting to the IPC$

A. Open a DOS window
B. Type in: net use \\ipaddress\ipc$ "" /user:administrator
C. If you connect to the system, it will say "The command was completed successfully"
D. If it says "bad username or password", try running PQWak.exe to crack the share name password. Then insert the password like so:
net use \\ipaddress\ipc$ "password" /user:administrator
E. Users usually have only one password for everything. So try the c$ share pass as the administrator password to connect to the IPC$

3: Connecting using Computer Management

A. Open Computer Management.
B. Click “Action”, then “Connect to Another Computer”
C. Type in the IP address.

4: Disable NTLM

A. Open "regedit"
B. Connect to the following registry key:
HKEY_LOCAL_MACHINE--Software--Microsoft--Telnet Server--1.0-->NTLM
C. Change the value data from 2 to 1
D. That will enable login to the telnet server without being connected to the IPC$ or a trusted domain.

5: Starting the Telnet service

A. In Computer Management, click “Services and Applications”
B. Click Services
C. Right click on the Telnet Service and open Properties.
D. Set the service to Automatic, and start the service.

6: Creating user accounts and adding them to a group

A. Open a DOS window, and type the following: telnet IPaddress
B. If prompted to type a username and password, type Administrator with no password.
C. To create a user account, type the following: net user username password /add
D. Replace "username" and "password" with whatever you like.
E. To add a user account to a domain, type the following: net localgroup administrators username /add or net group administrators username /add

7: Covering your tracks

A. Open a DOS window, and type the following: net use \\ipaddress\ipc$ /delete
B. While logged on to Computer Management, check if the Security Logs are being audited in Event Viewer. If they are, clear them. :-)
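
Steps 5 to 7 each leave a record in the event logs before the Security log is cleared, and the clearing itself is logged. The following added example (not part of the original article) triages constructed records using the classic Windows 2000-era event IDs 517, 624, 632, 636 and 7035; the record layout and the key=value field names are assumptions made for the example.

```python
from datetime import datetime, timedelta

# Constructed sample records, not from a real host: (time, log, event_id, detail).
# 540 = network logon, 7035 = service control sent, 624 = account created,
# 636/632 = member added to local/global group, 517 = audit log cleared.
SAMPLE = [
    ("2008-01-25 10:01:12", "Security", 540, "user=Administrator logon_type=3"),
    ("2008-01-25 10:04:40", "System", 7035, "service=Telnet control=start"),
    ("2008-01-25 10:06:03", "Security", 624, "new_account=svc_backup"),
    ("2008-01-25 10:06:20", "Security", 636, "group=Administrators member=svc_backup"),
    ("2008-01-25 10:09:55", "Security", 517, "cleared_by=Administrator"),
    ("2008-01-25 14:30:00", "Security", 624, "new_account=jsmith"),
]

def field(detail, key):
    """Return the value of key=value in a space-separated detail string."""
    for part in detail.split():
        k, _, v = part.partition("=")
        if k == key:
            return v
    return None

def triage(records, window=timedelta(minutes=30)):
    """Return (time, finding) pairs for the behaviours described in steps 5-7."""
    findings, created = [], {}
    for ts, log, eid, detail in sorted(records):
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        if (log, eid) == ("Security", 517):
            findings.append((ts, "security log cleared"))
        elif (log, eid) == ("System", 7035) and field(detail, "service") == "Telnet":
            findings.append((ts, "Telnet service started"))
        elif (log, eid) == ("Security", 624):
            created[field(detail, "new_account")] = when  # remember creation time
        elif log == "Security" and eid in (632, 636):
            member = field(detail, "member")
            # Alert only when a freshly created account lands in Administrators.
            if (field(detail, "group") == "Administrators"
                    and member in created and when - created[member] <= window):
                findings.append((ts, f"new account {member} added to Administrators"))
    return findings  # 540 alone is too common to alert on, so it is ignored

if __name__ == "__main__":
    for ts, finding in triage(SAMPLE):
        print(ts, finding)
```

Event 517 is written to the log that was just cleared, so it only helps if events are collected somewhere the local Administrator cannot clear.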

8: How to protect your Win2k system from this attack

A. Open Regedit
B. Connect to the following registry key:
HKEY_LOCAL_MACHINE--System--CurrentControlSet--Control--Lsa-->restrictanonymous
C. Change the "Value Data" from 0 to 1. It should say 0x00000001(1)
D. That will disable remote logon to a null IPC$
E. Always have a complicated administrator password with Windows 2000 or any other OS
F. Install a firewall.
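
To check a host against the settings this article touches, the following added example (not part of the original article) audits a registry export for restrictanonymous, the Telnet NTLM value and the Telnet service start type. The export text is constructed; the TlntSvr service key and the spelling of the Telnet key without a space are assumptions about the target system, and the parser accepts the key with or without the space.

```python
import re

# Constructed .reg export fragment, not taken from a real host.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"restrictanonymous"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\TelnetServer\1.0]
"NTLM"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr]
"Start"=dword:00000002
'''

def parse_reg(text):
    """Map (key path, value name), both lowercased, to the int of each dword."""
    values, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            # Drop spaces so "Telnet Server" and "TelnetServer" compare equal.
            key = m.group(1).lower().replace(" ", "")
            continue
        m = re.fullmatch(r'"([^"]+)"=dword:([0-9a-fA-F]{8})', line)
        if m and key:
            values[(key, m.group(1).lower())] = int(m.group(2), 16)
    return values

# (key, value name, predicate that is True when the setting is weak, finding)
CHECKS = [
    (r"hkey_local_machine\system\currentcontrolset\control\lsa", "restrictanonymous",
     lambda v: v is None or v == 0, "anonymous (null) IPC$ sessions not restricted"),
    (r"hkey_local_machine\software\microsoft\telnetserver\1.0", "ntlm",
     lambda v: v is not None and v != 2, "Telnet NTLM value changed from 2"),
    (r"hkey_local_machine\system\currentcontrolset\services\tlntsvr", "start",
     lambda v: v == 2, "Telnet service set to start automatically"),
]

def audit(text):
    """Return the findings for every weak setting present in the export."""
    values = parse_reg(text)
    return [msg for key, name, weak, msg in CHECKS if weak(values.get((key, name)))]

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_REG)) or "no findings")
```

A missing restrictanonymous value is reported as weak because the article treats 0 as the starting state.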


