BSNL is a Government body now been privatised that offers Telecommunication and Broadband services in India. It also offers USB Modem for both rental and for owning. This hack works on almost all the USB Modems ( ZTE EV-DO ) provided by BSNL. EVDO is a Technology short for " Evolution - Data only " that uses 3G Technology introduced by Qualcomm. Here i am going to share how to eavesdrop into someones Network who are using BSNL EV-DO, and using this trick you can entirely take control of the box.
This hack works only with Windows based Boxes. Step 1 :
Install the Driver required for BSNL ZTE EV-DO Modem, as a part of the installation, it will prompt you to plug-in the device, then change the default username and password, then connect to the internet. Step 2 :
While the modem is connected to the internet, open up a command prompt and type " Net View "
command in it, then it will display all the names of the machines that are connected to the same network that uses the similar device ( EV-DO ). It will blindly display the hostnames that are a part in that network, but it wont show whether the connected machines are alive or not. Here is list of hostnames that was available when i was dealing with this, let it be a POC.
Step 3:
Now the major part is to find a host that is alive, and this can be done both manually and
also by using automated Batch program, once you got the host that is alive, you can connect to
its hidden IPC$ ( Inter Process Connect ) share by using the below command, Net use \\IP- Address\IPC$ "" in my case i used the following.....
So this will establish a NULL session with the target host that i have used, now the target system and my computer is connected, and by using we have to move further...
Step 4:
Now to check whether there is connection between your computer and the target, just type the below command, net use This will reveal the current connections..... Step 5: In every windows based boxes, there must be an Administrator account, few of them will never set a password for default administrator account, and only few will do it. Now we are trying to gain Administrator access to the remote box, and this can be done by using Dictionary attack or by Launching Brute Force attack against the target.
You can compromise admin account by using Dictionary attack, and you can use the "LAN Remote
user - Dictionary Attack" Check with the syntax properly before starting..... Step 6:
Once you obtained the password of the administrator account, you can use the same net command
to establish a connection with administrator rights.... Net use \\IP-Address\sharename "password" /user:administrator once you got the message "Command Completed Successfully" then you are connected to the target
machine with admin access. Step 7:
Now goto run and type "compmgmt.msc", this will take you to the Computer management, Click on
Action -> Connect to another computer.... and then type in the IP address or the Hostname of
the target machine. Once you got access to the remote host, now you can see the computer management(Local) changes
to the Computer Management(XXX.XXX.XXX.XXX) - Remote IP. Step 8:
You can now create a New user account on the remote machine by expanding the Local users and
Groups -> users -> right click there and create a new user and assign Admin rights. Step 9:
Now you can start a Terminal Session to the remote host, or you can just start a Remote desktop connection, goto run and type MSTSC and hit enter. Step 10:
Type in the Ip address of the remote host in the Remote Desktop connection wizard and take over the compter. Step 11:
To cover the traces just clear all the logs in the eventviewer in the target by using the computer management itself, also make sure to delete the IPC$ connection logs by using the command Net use \\IP- Address\IPC$ /delete This is a high Potential Security threat... because anyone can easily gain control over the computer accross the network and can root them, Make them Zombies and later as botnets and so on. Step 12:
To avoid being a victim to such kind of attacks, you can read the aticle by Clicking here . Disclaimer :-
This is only meant for Educational purpose, The author nor the publisher takes No Responsibilty for any illegal activity.
WELCOME GUEST ENJOY YOUR STAY HERE...
TELL A FRIEND ABOUT US..
Showing posts with label network. Show all posts
Showing posts with label network. Show all posts
Monday, September 14, 2009
Saturday, September 12, 2009
6 mistakes new Windows administrators make
#1: Trying to change everything all at once
When you come into a new job, or start working with a new technology, you may have all sorts of bright ideas. If you're new to the workplace, you immediately hone in on those things that your predecessors were (or seem to have been) doing wrong. You're full of all the best practices and tips and tricks that you learned in school. If you're an experienced administrator coming from a different environment, you may be set in your ways and want to do things the way you did them before, rather than taking advantage of features of the new OS. Either way, you're likely to cause yourself a great deal of grief. The best bet for someone new to Windows networking (or to any other job, for that matter) is give yourself time to adapt, observe and learn, and proceed slowly. You'll make your own job easier in the long run and make more friends (or at least fewer enemies) that way.
#2: Overestimating the technical expertise of end users
Many new administrators expect users to have a better understanding of the technology than they do. Don't assume that end users realize the importance of security, or that they will be able to accurately describe the errors they're getting, or that they know what you mean when you tell them to perform a simple (to you) task such as going to Device Manager and checking the status of the sound card. Many people in the business world use computers every day but know very little about them beyond how to operate a few specific applications. If you get frustrated with them, or make them feel stupid, most of them will try to avoid calling you when there's a problem. Instead they'll ignore it (if they can) or worse, try to fix it themselves. That means the problem may be far worse when you finally do become aware of it.
#3: Underestimating the technical expertise of end users
Although the above applies to many of your users, most companies will have at least a few who are advanced computer hobbyists and know a lot about technology. They're the ones who will come up with inventive workarounds to circumvent the restrictions you put in place if those restrictions inconvenience them. Most of these users aren't malicious; they just resent having someone else in control of their computer use - especially if you treat them as if they don't know anything. The best tactic with these users is to show them that you respect their skills, seek out their input, and let them know the reasons for the rules and restrictions. Point out that even a topnotch racecar driver who has demonstrated the ability to safely handle a vehicle at high speed must abide by the speed limits on the public roads, and it's not because you doubt his/her technology skills that you must insist on everyone following the rules.
#4: Not turning on auditing
Windows Server operating systems have built-in security auditing, but it's not enabled by default. It's also not one of the best documented features, so some administrators fail to take advantage of it. And that's a shame, because with the auditing features, you can keep track of logon attempts, access to files and other objects, and directory service access.
Active Directory Domain Services (AD DS) auditing has been enhanced in Windows Server 2008 and can be done more granularly now. Without either the built-in auditing or third-party auditing software running, it can be almost impossible to pinpoint and analyze what happened in a security breach.
#5: Not keeping systems updated
This one ought to be a no- brainer: Keeping your servers and client machines patched with the latest security updates can go a long way toward preventing downtime, data loss, and other consequences of malware and attacks. Yet many administrators fall behind, and their networks are running systems that aren't properly patched. This happens for several reasons. Understaffed and overworked IT departments just may not get around to applying patches as soon as they're released. After all, it's not always a matter of "just doing it" - everyone knows that some updates can break things, bringing your whole network to a stop. Thus it's prudent to check out new patches in a testbed environment that simulates the applications and configurations of your production network. However, that takes time - time you may not have. Automating the processes as much as possible can help you keep those updates flowing. Have your test network ready each month, for instance, before Microsoft releases its regular patches. Use Windows Server Update Services (WSUS) or other tools to simplify and automate the process once you've decided that a patch is safe to apply. And don't forget that applications - not just the operating system - need to be kept updated, too.
#6: Getting sloppy about security
Many administrators enforce best security practices for their users but get sloppy when it comes to their own workstations. For example, IT pros who would never allow users to run XP every day logged on with administrative accounts think nothing about running as administrators themselves while doing routine work that doesn't require that level of privileges.
When you come into a new job, or start working with a new technology, you may have all sorts of bright ideas. If you're new to the workplace, you immediately hone in on those things that your predecessors were (or seem to have been) doing wrong. You're full of all the best practices and tips and tricks that you learned in school. If you're an experienced administrator coming from a different environment, you may be set in your ways and want to do things the way you did them before, rather than taking advantage of features of the new OS. Either way, you're likely to cause yourself a great deal of grief. The best bet for someone new to Windows networking (or to any other job, for that matter) is give yourself time to adapt, observe and learn, and proceed slowly. You'll make your own job easier in the long run and make more friends (or at least fewer enemies) that way.
#2: Overestimating the technical expertise of end users
Many new administrators expect users to have a better understanding of the technology than they do. Don't assume that end users realize the importance of security, or that they will be able to accurately describe the errors they're getting, or that they know what you mean when you tell them to perform a simple (to you) task such as going to Device Manager and checking the status of the sound card. Many people in the business world use computers every day but know very little about them beyond how to operate a few specific applications. If you get frustrated with them, or make them feel stupid, most of them will try to avoid calling you when there's a problem. Instead they'll ignore it (if they can) or worse, try to fix it themselves. That means the problem may be far worse when you finally do become aware of it.
#3: Underestimating the technical expertise of end users
Although the above applies to many of your users, most companies will have at least a few who are advanced computer hobbyists and know a lot about technology. They're the ones who will come up with inventive workarounds to circumvent the restrictions you put in place if those restrictions inconvenience them. Most of these users aren't malicious; they just resent having someone else in control of their computer use - especially if you treat them as if they don't know anything. The best tactic with these users is to show them that you respect their skills, seek out their input, and let them know the reasons for the rules and restrictions. Point out that even a topnotch racecar driver who has demonstrated the ability to safely handle a vehicle at high speed must abide by the speed limits on the public roads, and it's not because you doubt his/her technology skills that you must insist on everyone following the rules.
#4: Not turning on auditing
Windows Server operating systems have built-in security auditing, but it's not enabled by default. It's also not one of the best documented features, so some administrators fail to take advantage of it. And that's a shame, because with the auditing features, you can keep track of logon attempts, access to files and other objects, and directory service access.
Active Directory Domain Services (AD DS) auditing has been enhanced in Windows Server 2008 and can be done more granularly now. Without either the built-in auditing or third-party auditing software running, it can be almost impossible to pinpoint and analyze what happened in a security breach.
#5: Not keeping systems updated
This one ought to be a no- brainer: Keeping your servers and client machines patched with the latest security updates can go a long way toward preventing downtime, data loss, and other consequences of malware and attacks. Yet many administrators fall behind, and their networks are running systems that aren't properly patched. This happens for several reasons. Understaffed and overworked IT departments just may not get around to applying patches as soon as they're released. After all, it's not always a matter of "just doing it" - everyone knows that some updates can break things, bringing your whole network to a stop. Thus it's prudent to check out new patches in a testbed environment that simulates the applications and configurations of your production network. However, that takes time - time you may not have. Automating the processes as much as possible can help you keep those updates flowing. Have your test network ready each month, for instance, before Microsoft releases its regular patches. Use Windows Server Update Services (WSUS) or other tools to simplify and automate the process once you've decided that a patch is safe to apply. And don't forget that applications - not just the operating system - need to be kept updated, too.
#6: Getting sloppy about security
Many administrators enforce best security practices for their users but get sloppy when it comes to their own workstations. For example, IT pros who would never allow users to run XP every day logged on with administrative accounts think nothing about running as administrators themselves while doing routine work that doesn't require that level of privileges.
Subscribe to:
Posts (Atom)
MY STATS
