Joined: Mar 2002 | Posts: 119 | Member

I was on a roll the other day checking out who in my country (only 1 ISP lol) was online and vulnerable to poorly configured Netbios. I wanted to use only DOS and a port scanner. I got a lot to play with, but I got halted at actually reaching the desired path.

More clearly, I need the command to use. I tried net /? and all the other help philes but not much luck.

Detailed process: once the boxes are found I do an nbtstat -A and if what I see meets my requirements ;-) I "net use" with the null account, and then a "net view" gives me the shares.

Now comes the problem: getting a prompt to the place. If I open up an explorer window with \\IP I'll see the shares as folders. How do I do that in DOS? (much faster)

fanks!!

Joined: Mar 2002 | Posts: 626 | Member

Just curious, what country? I am sure there is a way... Just too lazy to look into it. What about telnet... Should still be able to run it in DOS; if not, you can download diff telnets from sites. I mean, I think that would work. Someone would prob know better, anyway... Anyone please correct me if wrong or any other better ideas.

-hKzKnight "The ghost... Was never there and you'll never see me"

Joined: Mar 2002 | Posts: 1,273 | DollarDNS Owner

C:\>net use E: \\IP\ShareName
C:\>E:
E:\>dir

There you see how a network drive was connected, and you change to that directory and may continue to use DOS to browse around and manage the remote files.

Joined: Mar 2002 | Posts: 119 | Member

That's mounting the shares to a local drive, right?

Joined: Mar 2002 | Posts: 1,273 | DollarDNS Owner

Yes, it sets up a persistent connection between your computer and theirs which looks and acts like a hard drive. There is very little difference in behavior between network drives and physical ones.

Keep in mind that this is NOT invisible to the other person. If they should try to restart their computer, they'll get a "Somebody is connected to your computer, do you wish to continue and disconnect them?". That's not the exact message, but close to it. Also, if they pulled up netstat or the like, they'll see a connection to their port 139 and will know your IP address.

So pretty much, disconnect when you're not playing with it.

Joined: Mar 2002 | Posts: 119 | Member

Yeah I hear you on the IP thing... I learnt most of my netbios off using my school's cause their PCs use it and I saw that msg you were talking about once. I know netbios isn't reliable but at the same time, it shows so little even at the server end...

How would I go about un-mounting the shares? IE: making sure to end my direct connection to their PC.

Ow...wait...wait...new question spawning....ooh ooh It hurt...ok sorry erm, yeah. How about netbios and proxies. wingate you say?? Isn't that telnet and http/ftp/etc? More precisely, if one connects to a PC thru netbios and that PC is also on an intranet, does netbios route by default, so you can access the rest of the network too? (I think you have to specify explicitly in XP.. dunno about others.)

Joined: Mar 2002 | Posts: 1,273 | DollarDNS Owner

Connecting/Disconnecting Shares

C:\>net use E: \\IP\ShareName
C:\>net use E: /DELETE

To see general help for the program
C:\>net /? | more

To see help for a specific command
C:\>net use /? | more

As far as I know, netbios does not route anything and you cannot gain access to intranet computers with it. However, if you put a proxy program on their hard drive and manage to get it executed - then you can gain access to the intranet that way.

Joined: Mar 2002 | Posts: 61 | Junior Member

The Windows NT Wardoc by Neonsurge is a really great document to learn about NT hacking and the net command in general. Also the "Modern Hackers Desk-Reference" is a great book for Netbios and other Windows/NT related info.

Joined: Mar 2002 | Posts: 5 | Junior Member

Not disagreeing with anyone thus far - net /? - is a good command to run. To see if a specific IP has open shares you can type "net view //***.***.***.***". Just a tidbit. ciao tutto nokil0

:: nokil0 ::

Joined: Mar 2002 | Posts: 1,273 | DollarDNS Owner

I've already mentioned the 'net /?' command. But to correct a minor error in nokil0's comment, the command is:

net view \\127.0.0.1

Also keep in mind that even if there are NO shares viewable, you may still connect to the default C$ share. My roommate's laptop is an example of a computer that has no shares, but I connect to it all the time with the default share (he runs win2k and it requires a password).

Joined: Aug 2004 | Posts: 8 | Junior Member

MS-DOS won't let me use "net use E: \\IP\ShareName" or any of the files you wrote because I'm not logged on. How do I log on?

Joined: Aug 2004 | Posts: 8 | Junior Member

Any help would be nice plz

Joined: Oct 2004 | Posts: 2 | Junior Member

net /? Read it first before you learn it.

Never too old to learn!

Joined: Oct 2004 | Posts: 16 | Junior Member

You can always use the old Windows prompt from Windows 95. It does all the work for you; just type in the basics and you have all the power you need at your fingertips! The people at the public library have still to figure out who keeps screwing around with the "restricted" properties menu via DOS.
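
An earlier reply in this thread points out that a mapped share is visible on the serving machine as a connection to its port 139 in netstat. As an added example (not part of the thread), the Python function below pulls those inbound sessions out of Windows `netstat -an` output so an administrator can review them. The sample output, its addresses and the `trusted_networks` parameter are constructed for illustration, and port 445 is included as a generalization beyond the port 139 the thread names.

```python
import ipaddress

# 139 is the port named in the thread; 445 (SMB directly over TCP on
# Windows 2000 and later) is an addition made for this example.
SMB_PORTS = {139, 445}

# Constructed sample of `netstat -an` output using documentation addresses.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:139            0.0.0.0:0              LISTENING
  TCP    192.168.1.20:139       203.0.113.77:1042      ESTABLISHED
  TCP    192.168.1.20:139       192.168.1.31:1188      ESTABLISHED
  TCP    192.168.1.20:445       198.51.100.9:3311      TIME_WAIT
  TCP    192.168.1.20:1060      203.0.113.77:139       ESTABLISHED
  UDP    192.168.1.20:137       *:*
"""

def split_endpoint(endpoint):
    """Split 'host:port' (or '[v6]:port') into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)

def inbound_smb_sessions(netstat_text, trusted_networks=()):
    """Return (remote_ip, remote_port, local_port) for every ESTABLISHED
    session to a local SMB port whose peer is outside trusted_networks."""
    trusted = [ipaddress.ip_network(n) for n in trusted_networks]
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[0] != "TCP" or fields[3] != "ESTABLISHED":
            continue  # headers, UDP rows, listeners, closing sockets
        try:
            _, local_port = split_endpoint(fields[1])
            remote_host, remote_port = split_endpoint(fields[2])
            remote_ip = ipaddress.ip_address(remote_host.split("%")[0])
        except ValueError:
            continue  # row that does not parse as address:port
        if local_port not in SMB_PORTS:
            continue  # outbound or unrelated connection
        if any(remote_ip in net for net in trusted):
            continue  # expected peer, e.g. the local LAN
        findings.append((str(remote_ip), remote_port, local_port))
    return findings

if __name__ == "__main__":
    for ip, rport, lport in inbound_smb_sessions(SAMPLE_NETSTAT, ["192.168.1.0/24"]):
        print(f"unexpected SMB session from {ip}:{rport} to local port {lport}")
```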