如何獲取肉雞（How to get the broiler）

1、如何獲取肉雞（How to get the broiler）How to get the broilerPublished in: corner category: unclassifiedToday we are going to talk about some simple invasions. This article is for beginners, and I cant write the difficult articles. The methods used here are both for winnt and 2000, and the platform is 2000.

2、I just want to give it to the rookie.Theres so much verbose, now lets get started. First of all, what do we do with a few scanners? You dont know what the scanner is? I dizzy scanner is scanning, it can detect the hole of host!There are often port scanners, cgi vulnerability scanners, and large scan

3、ners like streamers that can sweep everything. Lets start with the scanner principle!Now lets say youre A, and youre going to sweep BSo, the process of usually setting up three shakes isA - - - - - - - - the Syn - - - - - - - BA BThis creates a connection, and the scan creates a lot of them to get t

4、o know which ports the other has opened, and which services will be further detected. However, this TCP scan will leave a lot of records, and if Bs network is not an idiot then hell start paying attention!So were going to use a semi-open scan (syn)That isA - - - - - - - - the Syn - - - - - - - BA BA

5、 - connected -? - simple scan - nt / 98 - IP segment began to sweep, sweep to 139 opened a lot of host and ipc host, right click - detection - remote users then there will be a lot of users to share and be swept out, is likely to include a weak password (see the killers of time tutorials) here I tel

6、l you a secret, is has a lot of guest for admin privileges, the password is usually empty this is because the host has been compromised, someone left the back door, this cheap, we fetched in the to say again first!As we said earlier, I dont like to scan with streamer, so we use xscan here to scan th

7、e nt weak password! Choose nt weak password in the scanning option, then I will have an IP range, let him scan, and then we can wait for the results to be very fruitful. I will clean this one every time! Now were going to talk about how to use it! I have mentioned that I like to attack with streamer

8、, now lets see his power! Streaming 4 - tool- nt/iis tool- nt remote pipe command input IP, the user name that was swept just now, password (if it is empty) connection!NTCMD net userLets see, we got itLets add a user nameNTCMD net user aaa 123 / addCommand successful completionAdded to the administr

9、ators groupNTCMD net localgroup administrators aaa/addCommand successful completionOkay, so the broiler is ready. What? You want to make him a springboard? All right, lets keep goingStreamer 4 - tool - nt/iis tool - ipc growersAdd IP, user name, password, etcAnd then Im going to startNext, well use

10、Telnet to go to debug snakes sksockserver and use NTCMDSksockserver cannot be installed.Im not going to do that, but Im going to give you some references.Of course, you can also put a bunch of backdoors on it.But I like thatIP NTCMD net use g: c $Command successful completionIn this way, we mapped h

11、is c disk into my g disk. Then I put a Trojan again server to go up again use NTCMD run, ha ha done , play he is not negotiable!We can also put c; winnt repair Sam. _ get down, use lc3 to get all users passwords, or use trojans to catch passwords!Of course, we can also run tlntadmn on Telnet to modi

12、fy the Telnet port, how can we expand the results? We still use NTCMDNTCMD net view.Come out a lot of machine names and this is Shared with our broiler chickensLets say I have one LOVEWe willNTCMD ping - a LOVESo you get his IPI usually use SSS againOf course, you can also use the password you get t

13、o try, see if you can get in, heheOnce, I was accidentally running to a education department, net view,Incredibly linked to the education bureau. Then I stopped because of my own safety, and the Chinese government cant mess with itFinally, cleaning the footprint, suggest using the cleaniislog of the

14、 little rongyan, very convenient, usage see instructions! Keep in mind that the first choice to invade nt is 139, netbiosIn addition, it is convenient to connect to the computer with the computer management of 2000, which is connected to the computer.Here are a few other ways I can explain thisInput

15、 method basically became extinct but if you scan a lot of chickens and perhaps the best should be several SQL sa is empty, with time even directly, even can be added directly after the account, etc., but there is a little bad sometimes even cant do it. For example, I have never connected in the scho

16、ol machine room, and it is estimated that I have a hard firewall on the internal network, and I am very good at 3389. But its never going to improve! Next to explain is idq overflow and. Printer, the two holes I dont want to say much, because many people will use but failed, Im here to say what circ

17、umstance can succeed. In general, with xscan scan, if there is an isapi extension, then congratulations, if there are two bugs that are absolutely successful, I have been a successful one. Because both of these holes are closely related to iis that broken thing, so dont be confused by the false alar

18、m of other scanners, and detailed explanation of these two holes in the hole in anjiao.See NCC for a tutorial on unicode vulnerabilityThe streamer is a good attack tool, his files folder and tools folder is a long experience, hehe. Do not say, otherwise world big disorderly!In short, the security of

19、 98 is better than 2000, because 98 is basically useless. In general, the invasion of 98 is 139, and the lmhosts file should be changed to achieve the goal of invasion! But I advise beginners dont dwell on me, though you can from in to a lot of chicken, but dont do a simple repetitive work When ther

20、e is a certain level to play Linux, Unix, or level will not improve. I write the purpose of this article is to let everybody to learn, please dont damage, if so I shall not be responsible for all consequences!textNT weak password. There are so few of them.If youre still looking for a chicken like that. You can consider scanning the IP section of foreign countries.South Korea is goodAnd then we have 1433. Although this security issue is very much mentioned before.But giv