Your browser does not seem to support CSS. If images appear below, please disregard them.
It appears that you're running an Ad-Blocker. This site is monetized by Advertising and by User Donations; we ask that if you find this site helpful that you whitelist us in your Ad-Blocker, or make a Donation to help aid in operating costs.
Previous Thread
Next Thread
Print Thread
Rate This Thread
#10138 - 10/31/02 06:43 PM Access Computers Trough Port 20  
Joined: Oct 2002
Posts: 7
ThisIsWar Offline
Junior Member
ThisIsWar  Offline
Junior Member

Joined: Oct 2002
Posts: 7
Somewhere on Earth I belive
I have managed to learn how to make port 20 available on win 9.x machines. Now I have this other problem. I cannot connect to a computer that has this vulnerability. I cannot explore the files there.
I have used LEGION but it does not detect that the port is open. It may be my computers fault i don't know why??? I have no firewall and there is no proxy on.
What is Lmhosts.sam got to do with this thing? I heard it makes the other machine available after entering the share's name and the IP. The thing i do not understand is how to "FIND THE COMPUTER" over TCP/IP. Do I need some software or is it already included in the windows 9.x version ???


If you are 555 - Then I am 666
Sponsored Links
#10139 - 10/31/02 11:03 PM Re: Access Computers Trough Port 20  
Joined: Mar 2002
Posts: 1,041
Infinite Offline
UGN Elite Poster
Infinite  Offline
UGN Elite Poster

Joined: Mar 2002
Posts: 1,041
Canada eh
Port 20 is ftp-data, it shouldn't just be "open", and even if it was i'm not sure how exploitable it would really be. It would totally depend on what ftpd is sitting on that port. How are you "opening:" this port?

sum

#10140 - 11/01/02 05:44 PM Re: Access Computers Trough Port 20  
Joined: Oct 2002
Posts: 7
ThisIsWar Offline
Junior Member
ThisIsWar  Offline
Junior Member

Joined: Oct 2002
Posts: 7
Somewhere on Earth I belive
Start>Settings>Control Pannel>Network>File and Print Sharring
Check the two boxes there and voila! port 20 gets opened. The best way to open them on a victim computer is to make the user there open them, trough IRC or an e-mail(social engineering if I am not wrong).
People seem to get paranoied when they are told a virus is on their comp. <img src=" title="" src="graemlins/laugh.gif" />


If you are 555 - Then I am 666
#10141 - 11/01/02 09:02 PM Re: Access Computers Trough Port 20  
Joined: Mar 2002
Posts: 1,041
Infinite Offline
UGN Elite Poster
Infinite  Offline
UGN Elite Poster

Joined: Mar 2002
Posts: 1,041
Canada eh
That has absolutely nothing to do with port 20. Netbios (file and print sharing) would open port 139. That is prolly why your scans show it as closed, because it is. Turn on file sharing, and scan for port 139, I'll bet ya you'll find that one open. What made you think you were opening port 20?

sum

#10142 - 11/05/02 07:59 PM Re: Access Computers Trough Port 20  
Joined: Oct 2002
Posts: 7
ThisIsWar Offline
Junior Member
ThisIsWar  Offline
Junior Member

Joined: Oct 2002
Posts: 7
Somewhere on Earth I belive
I have this stupid "Hacking Bible" that said this was the method to acces files trough netbios and probably ftp. As I can see it is something wrongh with it or there is something wrong with me!!! Ok then ...
Let's say port 139 is open. How do I acces files trough it? Do I need some sharing utils??? As Microsucks (sorry Microsoft) Sharing?


If you are 555 - Then I am 666
Sponsored Links
#10143 - 11/05/02 09:01 PM Re: Access Computers Trough Port 20  
Joined: Mar 2002
Posts: 1,041
Infinite Offline
UGN Elite Poster
Infinite  Offline
UGN Elite Poster

Joined: Mar 2002
Posts: 1,041
Canada eh
Here, this should answer any questions you have about this. It explains how to go about exploiting file sharing, and explains things like lmhosts that you already asked about.

http://blacksun.box.sk/tutorials.php?id=22

Keep in mind here that what you're trying to do is a few years old and doesn't work anywhere near as often as it did 4 years ago. As well it's pretty lame way to go about this; it requires no skill at all.

sum

#10144 - 11/05/02 10:07 PM Re: Access Computers Trough Port 20  
Joined: Sep 2002
Posts: 55
DaMaRiS Offline
Junior Member
DaMaRiS  Offline
Junior Member

Joined: Sep 2002
Posts: 55
New York City
I'm a whore!

(proudly edited by RAGE)

#10145 - 11/05/02 10:09 PM Re: Access Computers Trough Port 20  
Joined: Sep 2002
Posts: 624
black^Pimp Offline
UGN GFX Whore
black^Pimp  Offline
UGN GFX Whore

Joined: Sep 2002
Posts: 624
Underground
DaMaRiS please keep your comments for yourself, this is an interesting topic so let them do they're work precise if you have something smart to add or something that could help fixing the problem/finding the best solution even though i think sum did it all. This is not a General Chat. Thanks

bp


+^Born Intelligence
#10146 - 11/05/02 10:51 PM Re: Access Computers Trough Port 20  
Joined: Mar 2002
Posts: 533
Curse Offline
Enforcement Admin
Curse  Offline
Enforcement Admin

Joined: Mar 2002
Posts: 533
San Andreas
Yes, Damaris, please stop going from topic to topic trying to start shit...

#10147 - 11/06/02 02:45 AM Re: Access Computers Trough Port 20  
Joined: Mar 2002
Posts: 185
Mornse Offline
Member
Mornse  Offline
Member

Joined: Mar 2002
Posts: 185
Vancouver
Another thing that I didn't see in that tutorial (maybe I missed it?) is Null Sessions that can be established with MS File Sharing on NT boxes. Basically Null Sessions are used to gain information about systems. If file sharing is enabled on an NT box, chances are you can use null sessions, this is the general format for using shares:

net use \\\[share] * /u:[username]

this is the general format for using Null Sessions on boxes:

net use \\[target IP]\IPC$ "" /u:""

Then you have to use a program called DumpSec to gain information once you have established the Null Session, search for this program on google, it's really easy to find.

To disable Null Sessions on your box you have to change registry settings, on win2k go to the directory

HKLM\SYSTEM\CurrentControlSet\Control\LSA

in your registy and chang the "restrictanonymous" key to 2. On NT 4 you have to create the "restrictanonymous" key in that directory and set it to 1. If I have screwed up any of the information here please let me know (unreal?), but i'm pretty sure this is correct.


Cha want some w***up?

http://www.dopeskill.com
Sponsored Links
#10148 - 11/10/02 05:35 PM Re: Access Computers Trough Port 20  
Joined: Oct 2002
Posts: 7
ThisIsWar Offline
Junior Member
ThisIsWar  Offline
Junior Member

Joined: Oct 2002
Posts: 7
Somewhere on Earth I belive
Thanks for the link sum. It completed my knoledge about the topic.
I know this is lame and I intend to stop doing it as soon as I find some other stuff to exploit. I already got myself a shell and started to learn the basic Linux commands (actually restarted as I had this really fucked-up version of linux on my comp 1 year ago and I have learned nothing from it)


If you are 555 - Then I am 666

Member Spotlight
Gremelin
Gremelin
Portland, OR; USA
Posts: 7,195
Joined: February 2002
Show All Member Profiles 
Forum Statistics
Forums45
Topics47,460
Posts82,630
Average Daily Posts8
Members2,159
Most Online1,567
Apr 25th, 2010
Latest Postings
Top Posters(All Time)
UGN Security 40,624
Gremelin 7,195
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Liked Users (All Time)
§intå× Likes: 1
Cold Sunn Likes: 1
Crime Likes: 1
Cyrez Likes: 1
Ghost Likes: 1
Gremelin Likes: 4
Ice Likes: 1
unreal Likes: 1
Top Liked Users (30 Days)
No Data Found
Powered by UBB.threads™ PHP Forum Software 7.6.0
(Snapshot build 20160902)