Now suppose you want to scan your friend's ports. This is the best way to scan, as you won't have to worry about your friend getting you kicked off your ISP for suspicion of trying to break into computers. How do you know what your friend's IP address is? Ask him or her to run the command (from the DOS prompt) 'netstat -r'. This shows something like this:

C:\WINDOWS>netstat -r

Route Table

Active Routes:

  Network Address   Netmask   Gateway Address   Interface   Metric

Active Connections

  Proto   Local Address   Foreign Address   State

That 'gateway address' and 'interface' both give the current IP address of your computer. If you are on a LAN, the gateway should be different from your own computer's IP address. If you or your friend are on a LAN, however, you should think twice before port scanning each other, or the LAN's sysadmin may notice your activity. Warning, sysadmins have quite an arsenal of larts to use on suspicious-acting users.

************************************************************
What are some of the vulnerabilities to win95 and NT, you ask? Check previous GTMHHs for this information.

Perhaps the most important thing to remember about Windows is equal to root in Unix), can run a program that uses any port it wants, even a well-known port. This vulnerability is demonstrated by a program from Weld Pond of L0pht fame called 'netcat'. The program can be obtained from: http://www.l0pht.com/~weld/netcat

Read the documentation that ships with the program, or the Guides on (a) win95 and telnet from: http://www.happyhacker.org/gtmhh.html or (b) NT security from: http://www.infowar.com/hacker/hacker.html-ssi ...for information on uses of netcat.
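
Because a program can use any port it wants, even a well-known port, a port number alone says nothing about what is really listening there; the check from the host's own side is to compare its listeners against what is expected. The following is an added example, not part of the original guide: it parses a constructed sample of netstat's Active Connections table in numeric form (as printed by 'netstat -an'), and the EXPECTED allow-list and all addresses are assumptions.

```python
import re

# Constructed sample of the "Active Connections" table in numeric form
# (as printed by `netstat -an`); all addresses are made up for illustration.
SAMPLE = r"""
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:23             0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1045      192.168.1.20:80        ESTABLISHED
  TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING
  UDP    192.168.1.10:137       *:*
"""

# Assumption: the listeners this host is expected to expose (NetBIOS here).
EXPECTED = {("TCP", 139), ("UDP", 137), ("UDP", 138)}

ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)(?:\s+(\S+))?\s*$")

def parse_listeners(text):
    """Return (proto, local_ip, port) for every socket waiting for peers."""
    found = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # headers, blank lines, route-table rows
        proto, ip, port, _foreign, state = m.groups()
        # TCP rows carry a state; UDP rows have none and count as bound.
        if proto == "UDP" or state == "LISTENING":
            found.append((proto, ip, int(port)))
    return found

def unexpected_well_known(text, expected=EXPECTED):
    """Listeners on ports below 1024 that are not on the expected list."""
    return [(p, ip, port) for p, ip, port in parse_listeners(text)
            if port < 1024 and (p, port) not in expected]

if __name__ == "__main__":
    for proto, ip, port in unexpected_well_known(SAMPLE):
        print(f"review: {proto} listener on {ip}:{port}")
```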