Tuesday, September 27, 2011

Hack computer in your LAN (Windows)

Here we hack a PC somwhere in our LAN. This is a simple trick that uses open port to gain access to the target computer.The Lan hacking technique uses port 139 for the hack. On a LAN mostly the port 139 would remain open.

Today,I will write about hacking computer inside the LAN network.

This technique will be taking advantage of Port 139.

Most of the time,Port 139 will be opened.

First of all,I will do a port scanning at the target computer which is 192.168.40.128.

This computer is inside my LAN network.

I will scan it using Nmap.

[Image: 1_13.jpg]

I get the result and it shows Port 139 is opened up for me.

Now you will need both of these tools:
** USER2SID & SID2USER
** NetBios Auditing Tool

You can get both of them on the Internet.

After you get both of them,put them in the C:\ directory.

[Image: 2_1.jpg]

You now need to create a null session to the target computer.

[Image: 3_3.jpg]

Now open the Command Prompt and browse to the USER2SID & SID2USER folder.There will be 2 tools inside it,one will be USER2SID and another one will be SID2USER.

We will first using USER2SID to get the ID.

[Image: 4_10.jpg]

We will test against the Guest account because Guest account is a built in account.

After we get the ID,we need to do some modification on the ID.

We take the ID we get from the guest account and modified it become
"5 21 861567501 1383384898 839522115 500".

Please leave out the S-1-,leave out all the - too.

[Image: 5_8.jpg]

Now you will see that you get the username of the Administrator account.

In this case,the Administrator account is Administrator.

Create a text file called user.txt and the content will be the username of the Admin account.

[Image: 6.jpg]

Prepare yourself a good wordlist.

[Image: 7.jpg]

Now put both of them in the same directory with the NetBios Auditing Tool.

[Image: 8.jpg]

Now we are going to crack the Admin account for the password in order to access to the target computer.

Browse to the NetBios Auditing Tool directory.

[Image: 9_1.jpg]

Press on enter and the tool will run through the passlist.

[Image: 10.jpg]

In this case,I have get the password.

In order to proof that I can get access to the target computer using this password.

[Image: 11.jpg]

After you press enter,it will prompt you for the username and password.

[Image: 12_6.jpg]

Therefore,just input them inside the prompt and continue.

[Image: 13.jpg]

Target C drive will be on your screen.

[Image: 14.jpg]

In order to prevent from this attack,close down port that you do not want to use such as Port 135,Port 136,Port 137,Port 138 and Port 139.

The download link of the tools will be:
Download Tools.rar

We check for open 139 port by using Zenmap, you can use any other port scanners as well.

For this you need to know the IP of computers in your network which would most probably look like 192.168.xx where only 'xx' changes in range 0 to 255 and shows different IPs.

Once we get the IP of the target machine we scan it using Nmap.


[Image: 1_13.jpg]

Here we see that port 139 is open and ready to be hacked.

We need these two hack tools-
** USER2SID & SID2USER
** NetBios Auditing Tool

Google them on the net.

After you get both of them,put them in the C:\ directory.

[Image: 2_1.jpg]

Create a null session on your computer do this as follows:-

[Image: 3_3.jpg]

Now open the Command Prompt and browse to the USER2SID & SID2USER folders .There will be 2 tools inside it,one would be USER2SID and another one be SID2USER.

We use USER2SID to get the ID of the user on target machine.

[Image: 4_10.jpg]

We will test against the Guest account because Guest account is a built in account.

After we get the ID,we need to do some modification on the ID.

We use the ID which we got from the guest account and modify it-

"5 21 861567501 1383384898 839522115 500".

Please leave out the S-1-,leave out all the - too.

[Image: 5_8.jpg]

Now you will see that you get the username of the Administrator account.

In this case,the Administrator account is "Administrator".

Create a text file called user.txt and the content will be the username of the Admin account.

[Image: 6.jpg]

Prepare yourself a good wordlist. Or get the list of most common password on the internet.

[Image: 7.jpg]

Now put both of them in the same directory with the NetBios Auditing Tool.

[Image: 8.jpg]

Now we are going to crack the Admin account for the password in order to access to the target computer.

Browse to the NetBios Auditing Tool directory.

[Image: 9_1.jpg]

Press on enter and the tool will run through the passlist.

[Image: 10.jpg]

In this case,we have the password.

In order to proof that we can get access to the target computer using this password.

[Image: 11.jpg]

After you press enter,it will prompt you for the username and password.

[Image: 12_6.jpg]

Therefore,just input them inside the prompt and continue.

[Image: 13.jpg]

Target C drive will be pop on your screen.

[Image: 14.jpg]

In order to prevent from this attack,close down port that you do not want to use such as Port 135,Port 136,Port 137,Port 138 and Port 139.

The download link of the tools will be:
Download Tools.rar