Previous Thread
Next Thread
Print Thread
Rate Thread
#8393 07/14/03 10:13 AM
Joined: Jul 2003
Posts: 9
S
Junior Member
OP Offline
Junior Member
S
Joined: Jul 2003
Posts: 9
Hi Guys,
I will try and word this properly so you don't misunderstand my intensions. I am an MCSE student and the class is on the win2k server portion of the course. My instructor offers 3 hacks of the server, each worth 10% bonus marks. The first was physical access, the second was remote with a default install and a weak pwd.

The third is renamed admin account, 11 character based password, hidden shares and a firewall/router. I was able to do the first 2 and i'm not sure what strategy to use in the 3rd attempt. I have read that trying to kill the FW or router is not a good idea because I would lose the connection at both ends of it. The Unix admin at the school suggested that maybe we could Telnet thru port 80. If that can be done, would PUTTY be the tool to use? Once I establish a connection, i know I can find the password and the shares. If anyone has any hints as to what might be a way to do this, or could point me to some text, i would really appreciate it. My final exam is Monday, a week from today and there is 2 of us working on it together to increase our chances.
Thanks!

#8394 07/14/03 10:57 AM
Joined: Oct 2002
Posts: 955
UGN Super Poster
Offline
UGN Super Poster
Joined: Oct 2002
Posts: 955
Man, sounds like you are doing good so far. Why not try to do the rest yourself? You will feel alot better about it than if you get help. smile

#8395 07/14/03 11:10 AM
Joined: Jul 2003
Posts: 9
S
Junior Member
OP Offline
Junior Member
S
Joined: Jul 2003
Posts: 9
jonconley, thanks for the vote of confidence. You are right, I would feel much better doing it on my own. However, I've only been playing with PC's for a little more than a year, and only 2 months in school. I have been reading up on exploits and I'm realizing I probably need scripts, a bit of programming and lot more knowledge than what I have now, but I want to at least try. I DO NOT want it laid out for me, all I'm asking for is maybe some ideas or an approach. Nobody has ever even done the second hack in my instructors class, so my buddy and I were the first today. The instructor also said that we won't even get close on the 3rd attempt, but I'd like to prove him wrong, so if anyone can point me or even just nudge me a little in the right direction, that would be fantastic.
Again, thanks for having me at UGN!

#8396 07/14/03 02:06 PM
Joined: Mar 2002
Posts: 524
D
Member
Offline
Member
D
Joined: Mar 2002
Posts: 524
Well, I'll give you a little hint: your school admin. fed you a load of [censored]. Port 80 is the default port for HTTP. All you'll be accessing by telnet'ing to port 80 is the website running on the box, if one even exists.

#8397 07/14/03 06:02 PM
Joined: Mar 2002
Posts: 1,041
I
UGN Elite Poster
Offline
UGN Elite Poster
I
Joined: Mar 2002
Posts: 1,041
I telnet through port 80 all the time dashocker. Well, ok, I ssh through port 80 all the time, but I do telnet once in awhile. When I'm at school I use an HTTP tunnel to get out to the net all the time with things I'm not supposed to, like ssh or telnet. I'm not sure how the hell this would help you Smot Poker, but it may have been what your Unix admin was speaking of.

#8398 07/14/03 06:43 PM
Joined: Jul 2003
Posts: 9
S
Junior Member
OP Offline
Junior Member
S
Joined: Jul 2003
Posts: 9
Hi Infinite,
It all helps. I just wasn't sure if it was a feasible option or not. I'm thinking this is a little more than I can handle with my experience and only a week to prepare. I'm still open to anything of course.
Thanks guys.

#8399 07/14/03 06:56 PM
Joined: Oct 2002
Posts: 955
UGN Super Poster
Offline
UGN Super Poster
Joined: Oct 2002
Posts: 955
Well I would try connecting to the router changing the settings. Most routers you can connect to on 23 or 8080 or something similar. Chances are hopeful that if you are in the classroom you can see the router, so look up on the internet and try to find a hole or even the default info. Now most routers probably won't let you connect to them from the outside, but if your computer is on the network in class, you can probably connect to it.

Also, try connecting to the ports 23, 80, 88, 8080, 21 etc on the router. Ex. If your IP is say 192.168.2.10, then try connecting on the IP 192.168.2.1. It may even be listed as the default gateway on your client.

Hope that helps somewhat

#8400 07/15/03 02:02 PM
Joined: Mar 2002
Posts: 524
D
Member
Offline
Member
D
Joined: Mar 2002
Posts: 524
[never mind, delete this]

#8401 07/15/03 06:50 PM
Joined: Jul 2003
Posts: 9
S
Junior Member
OP Offline
Junior Member
S
Joined: Jul 2003
Posts: 9
Thanks for the help jonconley. I have the router model, IP and default pwd. I got to play with it at my machine today. I'm researching exploits and hopefully if i can crash it and default the pwd, i might have a chance. If I get by the router, I get 5% bonus marks, so thats cool.
Take care and thanks again.


Link Copied to Clipboard
Member Spotlight
Phatal
Phatal
Houston, TX
Posts: 298
Joined: April 2004
Forum Statistics
Forums41
Topics33,840
Posts68,858
Average Daily Posts1
Members2,176
Most Online3,253
Jan 13th, 2020
Latest Postings
Where and how do you torrent?
by danni75 - 03/01/24 05:58 AM
Animation,
by JohanKaariainen - 08/15/19 01:18 AM
Blackbeard.....
by Gremelin - 10/03/18 07:02 PM
my old account still exists!
by Crime - 08/10/18 02:47 PM
Okay WTF?
by HenryMiring - 09/27/17 01:45 AM
The History Thread...
by Gremelin - 08/11/17 12:11 PM
My friend NEEDS your HELP!
by Lena01 - 07/21/17 12:06 AM
I'm having fun with this guy.
by gabithompson730 - 07/20/17 01:50 AM
I want to upgrade my phone
by gabithompson730 - 07/20/17 01:49 AM
Doom 3
by Cyrez - 09/11/14 08:58 PM
Amazon Gift Card Generator/KeyGen?te
by Gecko666 - 08/22/14 09:21 AM
AIM scene 99-03
by lavos - 09/02/13 08:06 AM
Planetside 2
by Crime - 03/04/13 07:10 AM
Beta Testers Wanted
by Crime - 03/04/13 06:55 AM
Hello Everyone
by Gremelin - 02/12/12 06:01 PM
Tracfone ESN Generator
by Zanvin Green - 01/18/12 01:31 PM
Python 3 issue
by Testing - 12/17/11 09:28 PM
tracfone airtime
by Drache86 - 07/30/11 03:37 AM
Backdoors and the Infinite
by ZeroCoolStar - 07/10/11 03:52 AM
HackThisZIne #12 Releaseed!
by Pipat2 - 04/28/11 09:20 PM
gang wars? l33t-wars?
by Gremelin - 04/28/11 05:56 AM
Consolidate Forums
by diggin2deep - 04/21/11 10:02 AM
LAN Hacking Noob
by Gremelin - 03/12/11 12:42 AM
Top Posters
UGN Security 41,392
Gremelin 7,203
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Likes Received
Ghost 2
Cyrez 1
Girlie 1
unreal 1
Crime 1
Powered by UBB.threads™ PHP Forum Software 7.7.5