This is very basic text
and more advanced text will come later. It's easier to explain from
a cracker's perspective, so that's the way I'll do it. The following
steps are usually taken by clueless crackers who don't know much about
anything, but they are the ones that do the most damage...
so here it goes...
Things you need
---------------
A shell account of some kind. Usually people just install Linux
these days, but a normal shell account will do. Just make sure you
can run basic programs like: nslookup, host, dig, ping, traceroute,
telnet, ssh, ftp etc. Also make sure it has GCC and other dev tools
installed, so you can compile stuff. It also helps to have tools like
NMAP and NetCat. The last thing you need is exploits.
* A shell account is similar to your DOS shell, except it has different
commands and functions. Where could you get one? Your friend who has
Linux or something installed could give you a login on his box, or
maybe your ISP provides you with a shell (I doubt that very much)
* Linux is an operating system that most hackers/crackers use
* NMAP is an advanced port-scanner
* NetCat is a telnet-like proggy which allows you to stream data to
a specific host
* Exploits are different programs, written mainly in C, which do all the
work for you. Exploits are the progs that break into a computer for
you. Where to find them? Well that's easy! http://www.hack.co.za
Weeellll... all the things above are all you need to break into some
network! Basically all you need is:
a) Linux (http://www.slackware.com)
b) Nmap (http://www.insecure.org)
c) NetCat (http://www.l0pht.com/~weld/netcat/)
d) Exploits (http://www.hack.co.za)
Steps
-----
a) Install Linux and bring it online. I'm not gonna explain how to
do this here... 'cause there are lots of books on this topic already.
Look in http://kgb.za.net/books/ and ask me for the username and
password if you don't know it yet.
b) Install nmap.
   1) tar zxvf nmap.tar.gz
   2) cd nmap
   3) ./configure && make && make install
This is the basic installation process.
c) Pick a target online. Let's say your target is lame_box.za.net
d) Get its IP by doing "nslookup lame_box.za.net"
This will spit out the IP of the host... in our case it will be
196.1.2.3
e) See what services this host is running and hopefully detect its
OS by doing:
"nmap -sS -O 196.1.2.3"
This command will give you output similar to the following:
----------------------------- cut here -----------------------------
root@kgb:~# nmap -sS -O 196.1.2.3
Starting nmap V. 2.54BETA22 ( www.insecure.org/nmap/ )
Interesting ports on lame_box.za.net (196.1.2.3):
(The 1531 ports scanned but not shown below are in state: closed)
Port       State       Service
21/tcp     open        ftp
25/tcp     open        smtp
80/tcp     open        http
111/tcp    open        sunrpc
113/tcp    open        auth
515/tcp    open        printer
963/tcp    open        unknown
1024/tcp   open        kdm
4444/tcp   filtered    krb524
6000/tcp   open        X11
6699/tcp   filtered    napster
OS guess for host: Linux 2.2.14-2.2.16
Uptime 0.160 days (since Mon Apr 30 14:51:06 2001)
Nmap run completed -- 1 IP address (1 host up) scanned in 67 seconds
root@kgb:~#
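
Seen from the admin's side, the scan output above is an exposure report for lame_box.za.net. The following is an added example, not part of the original text: it parses that report format and lists every open port that is not on an allowlist. The sample is copied from the output above; the allowlist (ftp, smtp, http) and the function names are assumptions made for illustration.

```python
import re
# Constructed sample: the scan output shown above, embedded so this runs offline.
SAMPLE = """\
Interesting ports on lame_box.za.net (196.1.2.3):
(The 1531 ports scanned but not shown below are in state: closed)
Port       State       Service
21/tcp     open        ftp
25/tcp     open        smtp
80/tcp     open        http
111/tcp    open        sunrpc
113/tcp    open        auth
515/tcp    open        printer
963/tcp    open        unknown
1024/tcp   open        kdm
4444/tcp   filtered    krb524
6000/tcp   open        X11
6699/tcp   filtered    napster
OS guess for host: Linux 2.2.14-2.2.16
"""

HOST_RE = re.compile(r"^Interesting ports on (\S+) \((\d+(?:\.\d+){3})\):")
PORT_RE = re.compile(r"^(\d{1,5})/(tcp|udp)\s+(\S+)\s+(\S+)$")
OS_RE = re.compile(r"^OS guess for host:\s*(.+)$")
# Assumption: the only services this host is meant to offer to the Internet.
ALLOWED = {(21, "tcp"), (25, "tcp"), (80, "tcp")}

def parse_scan(text):
    """Turn the plain-text scan report into host, OS guess and port tuples."""
    report = {"host": None, "ip": None, "os": None, "ports": []}
    for line in map(str.strip, text.splitlines()):
        if m := HOST_RE.match(line):
            report["host"], report["ip"] = m.groups()
        elif m := PORT_RE.match(line):
            port, proto, state, service = m.groups()
            report["ports"].append((int(port), proto, state, service))
        elif m := OS_RE.match(line):
            report["os"] = m.group(1)
    return report

def unexpected_open(report, allowed=ALLOWED):
    """Open ports not on the allowlist: candidates to shut down or firewall."""
    return [(p, proto, svc) for p, proto, state, svc in report["ports"]
            if state == "open" and (p, proto) not in allowed]

if __name__ == "__main__":
    rep = parse_scan(SAMPLE)
    print(f"{rep['host']} ({rep['ip']}) fingerprinted as: {rep['os']}")
    for port, proto, svc in unexpected_open(rep):
        print(f"  close or filter {port}/{proto} ({svc})")
```

Run against a scan of your own host, anything this prints is a service an outsider can see that you did not mean to offer.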
Jai Shree Raam