Sunday, August 30, 2009

Learn how to hack....

This tutorial explains in detail the primary method of hacking remote computers. It lists all the basic steps required for beginner hacking and is useful for beginners as well as for advanced hackers. It describes the two main steps of hacking:

1. Finding an IP

2. Searching for open ports on the required server.

Once you have learnt these two basics, you are in.

After reading this tutorial, you will surely be able to hack... 100%.

Tools: Command Prompt


1) First step - Finding a server I.P:


Following on from my post All about IP-first step in hacking, I continue here with more about IP addresses and the way of hacking computers once their IP address is known.

First of all you will want the server I.P address. To get it, go to your Start menu and click Run, then type cmd or command (whichever works).

Type the following:

ping target.com

You should get something similar to the following output:

Pinging target.com [80.20.20.20] with 32 bytes of data:

Reply from 80.20.20.20: bytes=32 time=121ms TTL=51
Reply from 80.20.20.20: bytes=32 time=123ms TTL=51
Reply from 80.20.20.20: bytes=32 time=120ms TTL=51
Reply from 80.20.20.20: bytes=32 time=120ms TTL=51

Ping statistics for 80.20.20.20:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 120ms, Maximum = 123ms, Average = 121ms

You now have the server I.P.

Or, if you want to hack a specific host, you can obtain its IP as I mentioned in my post Get IP address of sender in Gmail, Yahoo n Hotmail. Once you have the victim's IP, move on to the next part of the tutorial.


2) Look up the host's name server:


Now in command prompt, type nslookup. Nslookup will say something like:

Default Server: blah.blah.net
Address:

Now type set type=all; this makes nslookup show all the DNS records the server returns for a domain.
Next type the server domain, e.g. target.com

You should get an output similar to:

Non-authoritative answer:
target.com internet address = 80.20.20.20
target.com
primary name server = ns1.target.com
responsible mail addr = hostmaster.target.com
serial = 2005032200
refresh = 50400 (14 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
default TTL = 3600 (1 hour)
target.com nameserver = ns1.target.com
target.com nameserver = ns2.target.com
target.com MX preference = 5, mail exchanger = smtp1.target.com
target.com MX preference = 10, mail exchanger = smtp2.target.com

ns2.target.com internet address = 80.20.232.20
ns1.target.com internet address = 80.20.3.2

You now have the nameserver details of this website. What to do next?

Well, open up your browser and type http://ns1.target.com or http://ns2.target.com.

What you get there depends on the website you are looking at. Sometimes you get a placeholder or a domain name login page.


3) What about that I.P, what do I do with that? (part 1) / Second step - Find open ports by port scanning:


First of all you will want to scan for all open ports on that server. To do that, check the end of this article, where the tools you will need are listed.
When you have one of the tools, just type in an I.P and it will scan for open ports.

You will now have a list of open ports on the webserver.

Here is a list of some common webserver ports:

Port   Service
21     FTP (File Transfer Protocol)
25     SMTP (Simple Mail Transfer Protocol)
53     Domain
80     HTTP (Hyper Text Transfer Protocol)
3306   MySQL

For an advanced list go to http://www.chebucto.ns.ca/~rakerman/port-table.html
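
Seen from the server owner's side, every port in the table above that answers from the network is attack surface. The following is an added example (not part of the original post) that reads `netstat -an` output captured on your own server and reports which of those services listen on a non-loopback address; the sample output and the policy of which ports may be public are assumptions made for the example.

```python
import re

# Ports from the article's table. Which ones may be public is an assumed
# policy for this example: web and DNS yes, everything else internal-only.
SERVICES = {21: "FTP", 25: "SMTP", 53: "Domain", 80: "HTTP", 3306: "MySQL"}
PUBLIC_OK = {53, 80}

# Constructed sample in Windows `netstat -an` layout (not real output).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    127.0.0.1:25           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3306           0.0.0.0:0              LISTENING
  TCP    [::]:3306              [::]:0                 LISTENING
  TCP    192.168.1.10:49712     80.20.20.20:80         ESTABLISHED
"""

LISTEN = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s*$")
LOOPBACK = ("127.", "[::1]")

def listening_sockets(netstat_text):
    """Yield (address, port) for every TCP socket in LISTENING state."""
    for line in netstat_text.splitlines():
        m = LISTEN.match(line)
        if m:
            yield m.group(1), int(m.group(2))

def audit(netstat_text):
    """Return sorted (port, service, address) findings: known services that
    other hosts can reach although the policy keeps them internal."""
    findings = set()
    for addr, port in listening_sockets(netstat_text):
        reachable = not addr.startswith(LOOPBACK)
        if port in SERVICES and port not in PUBLIC_OK and reachable:
            findings.add((port, SERVICES[port], addr))
    return sorted(findings)

if __name__ == "__main__":
    for port, name, addr in audit(SAMPLE_NETSTAT):
        print(f"{name} (port {port}) listens on {addr}: "
              "bind it to 127.0.0.1 or firewall it")
```

On the sample, FTP and MySQL are reported because they listen on all interfaces, while SMTP bound to 127.0.0.1 is not.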

Now you can do one of the following:
Open command prompt and type telnet i.p port, e.g. telnet 80.6.6.5 80
This will connect to the I.P on the port which is open.

Sometimes you will get an output. For example, if it was port 25 you may get:

220 mail.target.com ESMTP Sendmail 8.12.10/8.12.10; Sat, 26 Mar 2005 17:50:43 -0500

You could use that to send emails.

Or for port 21 it could be something like :

220 ProFTPD FTP Server ready.

User : type user
Pass : type pass

On port 3306 you could access their SQL database.

To do this, download the newest version of MySQL and install it:
http://dev.mysql.com/downloads/

Once you have installed MySQL, go to the installed directory, open the bin folder and execute MySqlManager.exe

You will have a window in the center named something like MysqlM1. Right click this window and go to register server.
A new window will come up.
In it, input the server details:

Servername : anything doesn't matter
Host : the target i.p
Port : 3306 usually

Select use standard security.

Obviously you will need the username and password.

Here are common ones:

User     Password
root     root
admin    root
admin    admin
apache   apache
root     apache

and so on; try various combinations. Your chances are very slim though, and you're better off trying to gain the password with an alternative method such as brute force or a dictionary attack.

Now click register. The newly assigned server will appear in the main window; double click it, and if you gave correct login info it will open up the database.
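
The guessing described above leaves a trail on the server: each wrong pair is refused with an "Access denied for user" error. The following is an added example (not part of the original post) that counts those failures per source host in a server log; it assumes the server is configured to log failed logins, and the log lines, addresses and thresholds are constructed for the example.

```python
import re
from collections import defaultdict

# Constructed log lines. The timestamp prefix is an assumption; the
# "Access denied for user" text is MySQL's standard login failure message.
SAMPLE_LOG = """\
2009-08-30 10:15:01 [Warning] Access denied for user 'root'@'203.0.113.7' (using password: YES)
2009-08-30 10:15:02 [Warning] Access denied for user 'admin'@'203.0.113.7' (using password: YES)
2009-08-30 10:15:03 [Warning] Access denied for user 'admin'@'203.0.113.7' (using password: YES)
2009-08-30 10:15:04 [Warning] Access denied for user 'apache'@'203.0.113.7' (using password: YES)
2009-08-30 10:15:05 [Warning] Access denied for user 'root'@'203.0.113.7' (using password: YES)
2009-08-30 11:02:40 [Warning] Access denied for user 'app'@'192.168.1.20' (using password: YES)
"""

DENIED = re.compile(r"Access denied for user '([^']*)'@'([^']*)'")
MAX_FAILURES = 5    # assumed thresholds; tune them to your environment
MAX_USERNAMES = 2

def failed_logins(log_text):
    """Map each source host to its failure count and the usernames tried."""
    stats = defaultdict(lambda: {"failures": 0, "users": set()})
    for line in log_text.splitlines():
        m = DENIED.search(line)
        if m:
            user, host = m.groups()
            stats[host]["failures"] += 1
            stats[host]["users"].add(user)
    return stats

def suspicious_hosts(log_text):
    """Return {host: (failures, usernames)} for hosts that fail often or
    cycle through several account names, which a typo does not do."""
    flagged = {}
    for host, s in failed_logins(log_text).items():
        if s["failures"] >= MAX_FAILURES or len(s["users"]) > MAX_USERNAMES:
            flagged[host] = (s["failures"], sorted(s["users"]))
    return flagged

if __name__ == "__main__":
    for host, (count, users) in suspicious_hosts(SAMPLE_LOG).items():
        print(f"{host}: {count} failed logins as {', '.join(users)}")
```

A host flagged this way is a candidate for a firewall block. Limiting each account to the hosts that need it and keeping port 3306 off public interfaces removes the exposure altogether.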


4) What else can I do with that I.P (part 2):


Well, there are other things you may do with the newly obtained I.P. I will show you some below.

http://ip:port
ftp://ip
https://ip:port

Or open command prompt and type:
net use * \\ip\directory$
Note: directory being your input.

You should get a message if you guess a correct directory, e.g.:
Enter the user name for 'targetip':

If you get an incorrect directory you will receive this message:
System error 53 has occurred.

The network path was not found.

For those of you who don't know, the net use command maps a network drive on your system. The * simply tells the command to use the next free drive letter. For the full syntax type net use /? or net /?.


5) SQL Injection:


As there are plenty of articles on the internet explaining SQL injection, I won't bother. I have included the required SQL commands in my post SQL commands.


6) Cookie viewing, changing:


Again, I have explained this in the article Cookie stealing, so I won't explain it here.


7) Good Tools for web hacking. (google them):

In addition to those mentioned in the post Essential things for an hacker, the following are a few useful tools for web hacking:

Brain (You might get one....maybe...just kidding..)
Angry I.P Scanner (can be setup to scan ports)
BluesPortScanner (port scanner)
Stealth Http vulnerability scanner (Scans websites for known vulnerabilities)
N-Stealth (same as above)
WinSSLMiM (Man in the middle)
WinTCPKill (TCP connection killer)
WinDNSSpoof (DNS I.D spoofer)
SQLdict (Cracks SQL Servers with a dictionary attack)
WWWhack (guess passwords on login forms)
NETBrute (port scanner,password cracker)
Nmap (Excellent tool you should get it)
NTbrute (Hacking network shares)


Update:

Since the article is titled 'Learn how to hack', I believe no one can become a hacker unless he knows what phishing is!

Phishing is an efficient method of hacking an email account or any account you want. I have posted more information on phishing in Hack Email Account and Using Phishing to hack accounts.



For more info on IP and ports refer to:
All about IP
Complete list of ports
