Joined: Oct 2002
Posts: 7
Junior Member
I have managed to learn how to make port 20 available on win 9.x machines. Now I have this other problem. I cannot connect to a computer that has this vulnerability. I cannot explore the files there.
I have used LEGION but it does not detect that the port is open. It may be my computer's fault, I don't know why??? I have no firewall and there is no proxy on.
What has Lmhosts.sam got to do with this thing? I heard it makes the other machine available after entering the share's name and the IP. The thing I do not understand is how to "FIND THE COMPUTER" over TCP/IP. Do I need some software or is it already included in the Windows 9.x version???

Joined: Mar 2002
Posts: 1,041
UGN Elite Poster
Port 20 is ftp-data, it shouldn't just be "open", and even if it was I'm not sure how exploitable it would really be. It would totally depend on what ftpd is sitting on that port. How are you "opening" this port?

sum

Joined: Oct 2002
Posts: 7
Junior Member
Start > Settings > Control Panel > Network > File and Print Sharing
Check the two boxes there and voila! Port 20 gets opened. The best way to open them on a victim computer is to make the user there open them, through IRC or an e-mail (social engineering if I am not wrong).
People seem to get paranoid when they are told a virus is on their comp.

Joined: Mar 2002
Posts: 1,041
UGN Elite Poster
That has absolutely nothing to do with port 20. NetBIOS (file and print sharing) would open port 139. That is prolly why your scans show it as closed, because it is. Turn on file sharing, and scan for port 139, I'll bet ya you'll find that one open. What made you think you were opening port 20?

sum

Joined: Oct 2002
Posts: 7
Junior Member
I have this stupid "Hacking Bible" that said this was the method to access files through NetBIOS and probably FTP. As I can see, there is something wrong with it or there is something wrong with me!!! Ok then ...
Let's say port 139 is open. How do I access files through it? Do I need some sharing utils??? Such as Microsucks (sorry Microsoft) Sharing?

Joined: Mar 2002
Posts: 1,041
UGN Elite Poster
Here, this should answer any questions you have about this. It explains how to go about exploiting file sharing, and explains things like lmhosts that you already asked about.

http://blacksun.box.sk/tutorials.php?id=22

Keep in mind here that what you're trying to do is a few years old and doesn't work anywhere near as often as it did 4 years ago. As well, it's a pretty lame way to go about this; it requires no skill at all.

sum

Joined: Sep 2002
Posts: 55
Junior Member
I'm a whore!

(proudly edited by RAGE)

Joined: Sep 2002
Posts: 624
UGN GFX Whore
DaMaRiS please keep your comments to yourself, this is an interesting topic so let them do their work precise if you have something smart to add or something that could help fixing the problem/finding the best solution even though I think sum did it all. This is not a General Chat. Thanks

bp


+^Born Intelligence
Joined: Mar 2002
Posts: 533
Enforcement Admin
Yes, Damaris, please stop going from topic to topic trying to start [censored]...

Joined: Mar 2002
Posts: 185
Member
Another thing that I didn't see in that tutorial (maybe I missed it?) is Null Sessions that can be established with MS File Sharing on NT boxes. Basically Null Sessions are used to gain information about systems. If file sharing is enabled on an NT box, chances are you can use null sessions. This is the general format for using shares:

net use \\<target IP>\[share] * /u:[username]

This is the general format for using Null Sessions on boxes:

net use \\[target IP]\IPC$ "" /u:""

Then you have to use a program called DumpSec to gain information once you have established the Null Session. Search for this program on Google, it's really easy to find.

To disable Null Sessions on your box you have to change registry settings. On win2k go to the directory

HKLM\SYSTEM\CurrentControlSet\Control\LSA

in your registry and change the "restrictanonymous" key to 2. On NT 4 you have to create the "restrictanonymous" key in that directory and set it to 1. If I have screwed up any of the information here please let me know (unreal?), but I'm pretty sure this is correct.


Cha want some w***up?

http://www.dopeskill.com
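
A defender-side check for the registry setting described in the post above, as an added example that is not part of the original post or thread: the PowerShell function reads the restrictanonymous value and reports whether it meets the level the post gives (2 on Windows 2000, 1 on NT 4). The function name Test-RestrictAnonymous and its parameters are hypothetical names chosen for this example.

```powershell
# Added example, not from the thread. Key path and value name are the ones
# given in the post; function and parameter names are hypothetical.
function Test-RestrictAnonymous {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Level to require: 2 (Windows 2000) or 1 (NT 4), as stated in the post.
        [ValidateRange(1, 2)]
        [int]$Required = 2,
        # Create or raise the value when it is missing or too low (needs admin rights).
        [switch]$Fix
    )

    $key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    $name = 'restrictanonymous'   # registry value names are case-insensitive

    # A missing value is a distinct state: the post says it has to be created on NT 4.
    $current = $null
    try {
        $current = (Get-ItemProperty -Path $key -Name $name -ErrorAction Stop).$name
    } catch {
        Write-Verbose "$name is not present under $key"
    }

    $compliant = ($null -ne $current) -and ([int]$current -ge $Required)

    if (-not $compliant -and $Fix -and $PSCmdlet.ShouldProcess($key, "Set $name to $Required")) {
        # -Force overwrites an existing value; DWord matches the numeric setting.
        New-ItemProperty -Path $key -Name $name -Value $Required -PropertyType DWord -Force | Out-Null
        $current   = $Required
        $compliant = $true
    }

    [pscustomobject]@{
        Computer  = $env:COMPUTERNAME
        Value     = if ($null -eq $current) { '(not set)' } else { $current }
        Required  = $Required
        Compliant = $compliant
    }
}

# Report only; add -Fix from an elevated prompt to apply the setting.
Test-RestrictAnonymous -Required 2
```
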
Joined: Oct 2002
Posts: 7
Junior Member
Thanks for the link sum. It completed my knowledge about the topic.
I know this is lame and I intend to stop doing it as soon as I find some other stuff to exploit. I already got myself a shell and started to learn the basic Linux commands (actually restarted as I had this really [censored]-up version of Linux on my comp 1 year ago and I have learned nothing from it)
