Just trying to put it all together

Posted by: Ender

Just trying to put it all together - 03/08/02 04:08 PM

Ok, I'm just trying to map this out to my knowledge so that people can give me advice on what to studie up on next.

So you use telnet to connect to whatever your trying to access. Try different ports until you find one you can access.
At this point i'm a little blurry.
Do you need a cracking program specific to the Hardware/software of the other comp.?
How can you tell what they are running? Etc.?
Also I've found different programs purported to "Hack" different email site (Hotmail, etc.) Now my question is not how, it's simply are there methods to do this that do not involve just entering password after password until you find the right one? ( with or without a program.)
I'm pretty much to the point at which I can find and connect but, now what?
Posted by: thebluegiant

Re: Just trying to put it all together - 03/08/02 04:45 PM

Quote:
So you use telnet to connect to whatever your trying to access


I'm assuming you're on windows? Remember, telnet the protocol is NOT the same as the telnet that comes with windows that you're probably using to connect with.


Quote:
Try different ports until you find one you can access.


Or use a port scanner and save yourself some time It seems that you know what ports are, so you're off on semi-good footing. Do some research so that you know what protocols or programs are exploitable/ what give you information.

Quote:
do you need a cracking program specific to the Hardware/software of the other comp.

Sure, you can use a program that'll try and bruit force an ftp acount or something that tries different cgi exploits for you. Personally, I figure as long as you know how they work and what they're doing there's no reason to reinvent the wheel. However, it doesn't appear that you do know that, so learn first, act later.

Quote:
are there methods to do this that do not involve just entering password after password until you find the right one? ( with or without a program.)


If you know the person you can probably figure out their password reasonably well. However, I would strongly suggest that you DO NOT go that route ,be it using one of those alleged e-mail hacking programs or using SE (social engineering).

And now the dreaded overall answer....read.
some good sites: http://blacksun.box.sk/ http://www.securitywriters.org/ http://packetstormsecurity.org/

There are more, many more( a great list of sites you'll love is RRFN, learner posted a link to it somewhere.)
Posted by: Le4rner

Re: Just trying to put it all together - 03/08/02 05:25 PM

Quote:
Or use a port scanner and save yourself some time It seems that you know what ports are, so you're off on semi-good footing. Do some research so that you know what protocols or programs are exploitable/ what give you information.



You should know that unless you have a **** good stealth port scanner when you prot scan a network you are screaming you are about to hack them. There is realy no other reason to port scan someone.
Posted by: thebluegiant

Re: Just trying to put it all together - 03/08/02 05:50 PM

Usually learner, true. However, at this point it seems that Ender is just starting to try and figure out how things work. Odds are he won't end up doing anything, merely checking out some banners and what some common ports are. If actually planning on hacking something then yes, be extremely carefull. But in this case I see no reason why not to explore and see what's out there.
Posted by: Le4rner

Re: Just trying to put it all together - 03/08/02 09:17 PM

I belive in letting them know before they go off on a wild tangent. Also might wana hide behind a proxy. Your ISP might not like you playing with hacking toys
Posted by: Ender

Re: Just trying to put it all together - 03/15/02 03:28 PM

Thanx for the info guys.
Got me rolling on this thing.
Trust me, I'll have more questions later, but I've got alot of reading to do first.
Posted by: Rallos

Re: Just trying to put it all together - 03/24/02 02:38 PM

Hi I am a newbie to hacking though I am not a newbie at all to computing. I currently have a list of open UDP and TCP ports on a computer and I was wondering how I can actually put a trojan on this computer? It does have tftp port 82 open so that may be useful. I am not very knowledgeable regarding Telnet commands so if I need to use Telnet to control a program using one of the ports please explain how if I am running XP Pro. Also are there any fully stealth port scanners? If you don't use a port scanner then would it not take hours searching for open ports manually? Also I have a few port scanners and none of them seem to have options for a proxy server so can someone recommend one that does or can you not use a proxy with a port scanner?

Thanks a lot for any help
Posted by: SilentRage

Re: Just trying to put it all together - 03/24/02 04:56 PM

hrm hrm, you seem to be a reasonable if clueless person. You'll learn what and how and what NOT and how NOT to ask a question after awhile.

Anywho, think of a port as a program. So their tftp port is open. Great - wonderful. It can be quite handy - but only if you know how to use it. Telnet commands... psh. There isn't any "Telnet Commands". All telnet does is allow you to communicate with a program on another computer directly and in the raw. This communication follows certain rules and guidelines so that you may understand each other and perform the desired tasks.

So how do you communicate with tFTP? Well, go learn how! How do you communicate with port 80 (webserver)? Well, go learn how! You see, we can't tell you how to hack. And really, nobody should be taught how to hack. Hacking should come natural after you know all about something. For instance, if you're a lock maker, you know how to pick locks! Nobody taught you how to pick locks, you didn't ever have to learn how. You just know! Cause you understand locks THAT well.

So now's the time to start learning how to communicate with various programs. Once you've learned how, you can start experimenting with ways to break into their security - or see the signs of weak security. When you read about exploits written by people who know a heck of a lot MORE than you do about some program - then you'll understand how to use it - cause you too is familiar.

So for now, don't worry about learning how to install a trojan on somebody's computer through a port. Instead, learn how to request a webpage from port 80 (HTTP), or learn how to download a file via 21 (FTP), or learn how to send an email with port 25 (SMTP)...

That's the knowledge that is important. Come back with that question after you've learned more protocols than I have. > SMTP, POP3, DNS, SOCKS 5, HTTP, FTP, TELNET, IRC, IP, TCP, UDP, ICMP, WHOIS, FINGER, IDENT..... um, I think that's pretty much it.
Posted by: Moffesto

Re: Just trying to put it all together - 04/23/02 08:11 PM

I know Im a newbie.... i have alot of computer background but few hacking background. I have win2k and connect with 56k modem. But thats beside the point..


How do you hide behind a proxy? And where can you get a stealth port scanner?