

QUICK AND SIMPLE NETBIOS EXPLOITATION
WITH WINDOWS XP CONT...


So how do we do it?

Step One would be to download Nmap or a port scanner that you are familiar with. With the release of the Windows executable of Nmap, there is now no reason that you can't install it on a Windows box.

You can find the Download page here:
http://www.insecure.org/nmap/download.html

After you have downloaded Nmap go and get winfo from here:
http://ntsecurity.nu/toolbox/winfo/

When you have this, browse to C:\WINDOWS\system32 and drop the winfo file there. Alternatively, you can manually edit the path for the command prompt to include the location of the winfo file.


Now that we have nmap, we want it to scan a range of IPs, but as we are trying to gain access to the NetBIOS shares, we only need to scan ports 139 and 445. So we issue the following command:

Code:
nmap -sS -P0 81.32.12.0-255 -p139,445


Here we have told nmap to conduct a SYN Stealth scan, without pinging the hosts, against the IP range of 81.32.12.0 – 81.32.12.255 only on ports 139 & 445.
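From the monitoring side, a scan like this shows up as one source sending bare SYNs to ports 139/445 on many different addresses in a short time, and because -P0 skips host discovery, it probes every address in the range whether or not a machine is there. The following is an added example, not part of the original tutorial, that flags that pattern; the log format, addresses and thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed firewall log (hypothetical format, not from the original page):
# timestamp  source  destination  dest-port  TCP-flags
SAMPLE_LOG = """\
2006-09-20T10:00:00 198.51.100.7 192.0.2.1 139 S
2006-09-20T10:00:00 198.51.100.7 192.0.2.1 445 S
2006-09-20T10:00:01 198.51.100.7 192.0.2.2 139 S
2006-09-20T10:00:01 198.51.100.7 192.0.2.2 445 S
2006-09-20T10:00:02 198.51.100.7 192.0.2.3 139 S
2006-09-20T10:00:02 198.51.100.7 192.0.2.4 445 S
2006-09-20T10:00:03 198.51.100.7 192.0.2.5 139 S
2006-09-20T10:00:03 198.51.100.7 192.0.2.6 139 S
2006-09-20T10:00:05 192.0.2.50 192.0.2.10 445 S
2006-09-20T10:00:40 192.0.2.50 192.0.2.10 445 S
2006-09-20T10:05:00 203.0.113.9 192.0.2.1 139 S
2006-09-20T10:20:00 203.0.113.9 192.0.2.2 139 S
"""

SMB_PORTS = {139, 445}

def find_sweeps(log_text, min_hosts=5, window=timedelta(seconds=60)):
    """Map each sweeping source to the most distinct hosts it sent bare
    SYNs to on 139/445 inside any one `window` (only if >= min_hosts)."""
    by_source = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, port, flags = line.split()
        if int(port) in SMB_PORTS and flags == "S":
            by_source[src].append((datetime.fromisoformat(ts), dst))
    sweeps = {}
    for src, hits in by_source.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Slide the window start forward until it spans <= `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            distinct = len({dst for _, dst in hits[start:end + 1]})
            if distinct >= min_hosts:
                sweeps[src] = max(sweeps.get(src, 0), distinct)
    return sweeps

if __name__ == "__main__":
    for src, n in find_sweeps(SAMPLE_LOG).items():
        print(f"{src}: SYNs to {n} distinct hosts on 139/445 within 60 s")
```

A single client reconnecting to one file server stays below the threshold; only the source that fans out across many destinations is reported.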

Here are the results of the scan:

Code:
Interesting ports on 81.32.12.204:
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.205:
PORT STATE SERVICE
139/tcp closed netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 206.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp closed netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.207:
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.208:
PORT STATE SERVICE
139/tcp closed netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.209:
PORT STATE SERVICE
139/tcp closed netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 210.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 211.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp closed netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.212:
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.213:
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 214.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 215.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 216.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 217.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 218.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp closed netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.219:
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 220.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp closed netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 221.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 222.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp closed netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 223.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.224:
PORT STATE SERVICE
139/tcp closed netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.225:
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 226.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.227:
PORT STATE SERVICE
139/tcp closed netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.228:
PORT STATE SERVICE
139/tcp closed netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 229.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 230.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 231.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 232.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 233.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 234.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.235:
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.236:
PORT STATE SERVICE
139/tcp closed netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.237:
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.238:
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 239.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 240.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp open netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 241.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.242:
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 243.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 244.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 245.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 246.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 247.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.248:
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 249.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 250.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 251.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp closed netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 252.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 253.Red-81-32-12.dynamicIP.ri
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.254:
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 81.32.12.255:
PORT STATE SERVICE
139/tcp closed netbios-ssn
445/tcp closed microsoft-ds

Nmap finished: 256 IP addresses (256 hosts up) …..


OK, now looking at the output of the scan, there are three states a port can be in: Closed, Filtered or Open.

Closed speaks for itself; Filtered usually means it is open/active but is protected by a firewall of some kind; and Open means it is open and unprotected.

So we trawl through the results and find that 81.32.12.240 has an open port on 139…

So we will go and take a look at it.
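When auditing your own address range, the same trawl can be automated. The following is an added example, not part of the original tutorial: it parses output in the layout shown above and lists hosts by port state; the sample input is constructed with documentation addresses, and the function names are illustrative.

```python
import re
from collections import Counter

# Constructed sample in the layout of the scan output above (documentation
# addresses, not hosts from the original page).
SAMPLE = """\
Interesting ports on 192.0.2.10:
PORT STATE SERVICE
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on 192.0.2.11:
PORT STATE SERVICE
139/tcp closed netbios-ssn
445/tcp filtered microsoft-ds

Interesting ports on host12.example.net
PORT STATE SERVICE
139/tcp open netbios-ssn
445/tcp filtered microsoft-ds
"""

HEADER = re.compile(r"^Interesting ports on (.+?):?\s*$")
PORT = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+\S+")

def parse_scan(text):
    """Return {host: {port: state}} from this nmap text layout."""
    results, host = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = HEADER.match(line)
        if m:
            host = m.group(1)
            results[host] = {}
            continue
        m = PORT.match(line)
        if m and host is not None:
            results[host][int(m.group(1))] = m.group(3)
    return results

def hosts_in_state(results, port, states):
    # In a SYN scan: open = SYN/ACK came back, closed = RST came back,
    # filtered = no reply or an ICMP unreachable error.
    return sorted(h for h, p in results.items() if p.get(port) in states)

def state_counts(results, port):
    return Counter(p[port] for p in results.values() if port in p)
```

Asking for both "open" and "closed" on port 139 lists every host that answered the probe at all, which is the set where nothing is dropping traffic to that port.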


Original Tutorial by nokia for TheTAZZone-TAZForum

Originally posted on September 20th, 2006 here

Do not use, republish, in whole or in part, without the consent of the Author. TheTAZZone policy is that Authors retain the rights to the work they submit and/or post... we do not sell, publish, transmit, or have the right to give permission for such... TheTAZZone merely retains the right to use, retain, and publish submitted work within its Network.