DOS Hacking Tutorial

Microsoft DOS ships with some hidden hacking tools, which I will discuss here. These tools can be found in the directory C:\windows if you use Win98; if you are using WinXP, they are located in C:\winxp\system32. WinXP, Win2000 and WinNT were released with some additional Internet tools. So if you are still using Win98, I suggest replacing it with WinXP, which of course has additional security features and good Internet hacking commands. In this manual I will discuss some of the commands found in Win98 and WinXP.

So, for Windows users, the following are the DOS hacking commands:

1. ping
2. tracert
3. telnet
4. ftp
5. netstat

Here are the explanations:

1. ping

This utility is used to locate a remote host. It sends a SYN signal to a remote host, and if the remote host replies, it means the remote machine exists.

Try typing this command:


C:\windows>ping/?

*************
Newbie tip: typing '/?' after a DOS command displays its help. That is how you learn the various DOS commands. WinXP, WinNT and Win2000 also have the command 'help' to display all the DOS commands.
*************


  Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]
              [-r count] [-s count] [[-j host-list] | [-k host-list]]
              [-w timeout] destination-list

Options:

  -t             Ping the specified host until stopped.
                 To see statistics and continue - type Control-Break;
                 To stop - type Control-C.
  -a             Resolve addresses to hostnames.
  -n count       Number of echo requests to send.
  -l size        Send buffer size.
  -f             Set Don't Fragment flag in packet.
  -i TTL         Time To Live.
  -v TOS         Type Of Service.
  -r count       Record route for count hops.
  -s count       Timestamp for count hops.
  -j host-list   Loose source route along host-list.
  -k host-list   Strict source route along host-list.
  -w timeout     Timeout in milliseconds to wait for each reply.

So I can ping any IP address or domain name to check its presence on the internet. For example, if I type "ping localhost" I get:

  Pinging chintan [127.0.0.1] with 32 bytes of data:

  Reply from 127.0.0.1: bytes=32 time<10ms TTL=128
  Reply from 127.0.0.1: bytes=32 time<10ms TTL=128
  Reply from 127.0.0.1: bytes=32 time<10ms TTL=128
  Reply from 127.0.0.1: bytes=32 time<10ms TTL=128

  Ping statistics for 127.0.0.1:
      Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
  Approximate round trip times in milli-seconds:
      Minimum = 0ms, Maximum = 0ms, Average = 0ms

 ************
Newbie tip: 'localhost' is the IP 127.0.0.1, the IP address of our own machine, also known as the loopback IP. But when you connect to the internet you are assigned a new IP by your provider as your identification. You can find out your IP by typing "winipcfg" in Start menu > Run if you use Win98, while other users simply type "ipconfig" at the command prompt.
***********

This shows me that 32 bytes of data were sent to 127.0.0.1 and returned in less than 10ms. TTL is Time To Live and its value ranges from 0 to 255 (default 128). Now let us see what happens if I type "ping http://www [dot] yahoo [dot] com":

  Pinging http://www[dot]yahoo[dot]akadns[dot]net [66.218.71.87] with 32 bytes of data:

  Reply from 66.218.71.87: bytes=32 time=3448ms TTL=54
  Reply from 66.218.71.87: bytes=32 time=2276ms TTL=54
  Reply from 66.218.71.87: bytes=32 time=1799ms TTL=54
  Reply from 66.218.71.87: bytes=32 time=2850ms TTL=54

  Ping statistics for 66.218.71.87:
      Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
  Approximate round trip times in milli-seconds:
      Minimum = 1799ms, Maximum = 3448ms, Average = 2593ms

But how is ping used by hackers? Well, there are two deadly options, '-l' and '-t'. -l is used to specify the size of the buffer that is sent (default is 32 bytes). What if I type "ping -l 65600 target.com"? This sends target.com a deadly data packet of 65,600 bytes, which is larger than the TCP/IP capacity of 65535. This action causes target.com to hang, and it must be restarted.

And if I type "ping -t target.com", this will keep sending 32 bytes of data to target.com, using up its resources and causing it to hang. The two types of attack above are known to attackers as ping DoS attacks.


***********
Newbie tip: 'DoS' here stands for denial of service, which is launched by hackers to stop a service on a remote machine.
***********
Note: This type of attack was often used in the past, but today it no longer works on a system that has been updated.


2. Tracert

The tracert command traces the route to a remote machine. Before reaching the remote machine, our request passes through various routers in between. The tracert tool (known as 'traceroute' on Unix) was originally designed to look for a router that is having problems. The command shows the IP addresses of the routers our request passes through before reaching the remote machine. For example, if I type "tracert http://www [dot] yahoo [dot] com /" at the DOS prompt I get:


  Tracing route to http://www[dot]yahoo[dot]akadns[dot]net [66.218.71.87]
  over a maximum of 30 hops:

   1     *     2296 ms  2025 ms  dialpool-210-214-55-11.maa.sify.net [210.214.55.11]
   2  2446 ms  2025 ms  2301 ms  dialpool-210-214-55-2.maa.sify.net [210.214.55.2]
   3  1899 ms  2066 ms  2450 ms  lan-202-144-32-177.maa.sify.net [202.144.32.177]
   4     *     2885 ms  2749 ms  lan-202-144-83-4.maa.sify.net [202.144.83.4]
   5     *        *        *     Request timed out.
   6     *        *        *     Request timed out.
   7     *        *        *     Request timed out.
   8     *        *        *     Request timed out.
   9     *        *        *     Request timed out.
  10     *     3408 ms     *     http://www[dot]yahoo[dot]akadns[dot]net [66.218.71.87]
  11     *        *        *     Request timed out.
  12     *        *        *     Request timed out.
  13     *        *        *     Request timed out.
  14     *        *        *     Request timed out.
  15     *        *        *     Request timed out.
  16     *        *        *     Request timed out.
  17   482 ms   698 ms   624 ms  w8.scd.yahoo.com [66.218.71.87]

  Trace complete.

The first line tells us the IP being traced, followed by the number of hops. The number of hops depends on the number of servers that exist in between. After that the tracing starts. My request first goes via sify.net (the name of my ISP's server), then through various other servers, and finally reaches w8.scd [dot] yahoo [dot] com. So we can see how long the procedure is. Whenever you go to http://www [dot] yahoo [dot] com / in a web browser, your request always goes through the ISP first (to get the IP of http://www [dot] yahoo [dot] com / from the list of domain names), then through other servers along the path, and finally to Yahoo.
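A way to read the hop table above programmatically, as an added example that is not part of the original article; the host names and addresses in the sample are constructed placeholders and the function names are hypothetical. It shows that silent hops in the middle of a trace do not mean the path ends there, because later hops still answer.

```python
import re
from collections import namedtuple

Hop = namedtuple("Hop", "ttl rtts address")

# Constructed sample in the tracert layout shown above (placeholder hosts).
SAMPLE = """\
Tracing route to target.example [192.0.2.87]
over a maximum of 30 hops:

  1     *     2296 ms  2025 ms  gw1.isp.example [192.0.2.11]
  2  2446 ms  2025 ms  2301 ms  gw2.isp.example [192.0.2.2]
  3     *     2885 ms  2749 ms  192.0.2.4
  4     *        *        *     Request timed out.
  5     *        *        *     Request timed out.
  6   482 ms   698 ms   624 ms  target.example [192.0.2.87]

Trace complete.
"""

# Hop number, three probe results ("N ms", "<N ms" or "*"), then a name/address or a message.
HOP = re.compile(r"^\s*(\d+)\s+((?:(?:<?\d+ ms|\*)\s+){3})(.*)$")
PROBE = re.compile(r"<?(\d+) ms|\*")

def parse_tracert(text):
    """Return one Hop per table row; banner and blank lines are skipped."""
    hops = []
    for line in text.splitlines():
        m = HOP.match(line)
        if not m:
            continue
        rtts = [int(p) for p in PROBE.findall(m.group(2)) if p]  # "*" yields ""
        bracket = re.search(r"\[([^\]]+)\]", m.group(3))
        address = bracket.group(1) if bracket else (m.group(3).strip() if rtts else None)
        hops.append(Hop(int(m.group(1)), rtts, address))
    return hops

def summarize(hops):
    """Silent hops, the last hop that answered, and the hop with the worst average RTT."""
    answered = [h for h in hops if h.rtts]
    slowest = max(answered, key=lambda h: sum(h.rtts) / len(h.rtts)) if answered else None
    return {
        "silent": [h.ttl for h in hops if not h.rtts],
        "last_answering": answered[-1].ttl if answered else None,
        "slowest": slowest.ttl if slowest else None,
    }

if __name__ == "__main__":
    print(summarize(parse_tracert(SAMPLE)))
```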

So how is tracert used by hackers? This command is used to find a firewall and disable it. Tracert used in conjunction with nmap can show exactly which IP the firewall is installed on, and then the hacker will disable it. In the example above we see that the tracing process stops at w8.scd [dot] yahoo [dot] com. But this is not the real destination; the trace was stopped there by a firewall. Firewalls will be discussed in a separate article.



3. Telnet

If you are using Windows then 'telnet' is the ultimate hacking tool for you. It is actually a terminal that can access a remote machine and use its services. Through telnet you can establish a connection between your machine and a remote machine via a specific port.

***********
Newbie tip: Here I am talking about virtual ports, not the physical ones that you see at the back of your CPU. Just as physical ports are used to connect to hardware, virtual ports are used in the same way to connect to software. TCP/IP has 65,535 virtual ports.
***********
If you type "telnet target [dot] com" then you connect to target [dot] com on port no. 23 (the port that runs the telnet service). You can also connect to any other port by typing the port number after target [dot] com. For example, if I want to connect to port no. 25 (SMTP service) then I would type "telnet target.com 25".
***********
Newbie tip: Each port runs a particular service. To get the list of services that run on particular ports, open "C:\windows\services" in Notepad.
***********
The moment you connect to a remote machine on a particular port, a window pops up with the daemon that runs on that port waiting for you to type commands. For example, with "telnet http://www [dot] cyberspace [dot] org /", what I get looks like the picture below.

I have to log in there and type a password, and then I get a Linux shell prompt. If you type newuser there, you get a login ID and password. With that account I can then execute commands remotely.

Well, http://www [dot] cyberspace [dot] org / has a Linux server. So if you are not familiar with Linux you will not be able to use the service.


4. FTP

FTP is the File Transfer Protocol. Through it you can download or upload files. And what do hackers want from this? Right! Just type "ftp target [dot] com" and the daemon banner will be displayed. But here, in order to demonstrate file transfer, you must log in first. Some websites allow anonymous login. For example, type the login "anonymous" and your email address as the password. Of course you have to type a fake email. You may now start downloading and uploading files. But for that you need commands. At the FTP prompt you can type "?". Then the following will be displayed:


  !        delete      literal  prompt      send
  ?        debug       ls       put         status
  append   dir         mdelete  pwd         trace
  ascii    disconnect  mdir     quit        type
  bell     get         mget     quote       user
  binary   glob        mkdir    recv        verbose
  bye      hash        mls      remotehelp
  cd       help        mput     rename
  close    lcd         open     rmdir

To get help on a command, for example the delete command, type "? delete". A few other important commands are:

  1. 'pwd' to know the present directory at remote machine.
     e.g. ftp>pwd
     /etc/home
  2. 'lcd' to change the local directory.
     e.g. ftp>lcd C:\windows
     local directory now C:\windows
  3. 'cd' to change the remote directory.
     e.g. ftp>cd /etc
     remote directory now /etc
  4. 'mput' to send multiple files to remote machine.
     e.g. ftp>mput *.*
     sends all files from C:\windows to /etc
  5. 'mget' to get multiple files from remote machine.
     e.g. ftp>mget *.*
     gets all files from /etc to C:\windows
  6. 'open' to establish a connection with remote host.
     e.g. ftp>open http://www[dot]target[dot]com
  7. 'bye' closes the connection and quits from ftp

For the other ftp commands, please refer to their help.

Now suppose the FTP port (port 21) is open on http://www [dot] nosecurity [dot] com /. A hacker will connect to the site using "ftp http://www [dot] nosecurity [dot] com /" at the DOS prompt. Then he will try to log in anonymously. Assuming that http://www [dot] nosecurity [dot] com / uses a Linux server, the hacker will then type the command "get /etc/passwd" to get the password file and crack it. If you are a hacker, then do not forget to delete the log.

5. netstat

You can establish a connection to a remote machine on a particular port only when that port is open on the remote machine. For example, if you want to establish a connection with http://www [dot] target [dot] com / on port 23 (telnet), then that port should be open at http://www [dot] target [dot] com /. And all hacking activities generally use an open port. Typing "netstat /?" at the DOS prompt gives:


  Displays protocol statistics and current TCP/IP network connections.

  NETSTAT [-a] [-e] [-n] [-s] [-p proto] [-r] [interval]

  -a          Displays all connections and listening ports.
  -e          Displays Ethernet statistics. This may be combined with the -s
              option.
  -n          Displays addresses and port numbers in numerical form.
  -p proto    Shows connections for the protocol specified by proto; proto
              may be TCP or UDP. If used with the -s option to display
              per-protocol statistics, proto may be TCP, UDP, or IP.
  -r          Displays the routing table.
  -s          Displays per-protocol statistics. By default, statistics are
              shown for TCP, UDP and IP; the -p option may be used to specify
              a subset of the default.
  interval    Redisplays selected statistics, pausing interval seconds
              between each display. Press CTRL+C to stop redisplaying
              statistics. If omitted, netstat will print the current
              configuration information once.

The options explain their respective functions. The most important are the -a and -n options. The -a option shows all open ports on the machine. And if I use the -n option it shows IP addresses instead of domain names. I get the following if I type "netstat -a" at a command prompt.

  Active Connections

  Proto  Local Address  Foreign Address                        State
  TCP    chintan:1027   0.0.0.0:0                              LISTENING
  TCP    chintan:80     0.0.0.0:0                              LISTENING
  TCP    chintan:135    0.0.0.0:0                              LISTENING
  TCP    chintan:6435   0.0.0.0:0                              LISTENING
  TCP    chintan:1025   0.0.0.0:0                              LISTENING
  TCP    chintan:1026   0.0.0.0:0                              LISTENING
  TCP    chintan:1028   0.0.0.0:0                              LISTENING
  TCP    chintan:1309   0.0.0.0:0                              LISTENING
  TCP    chintan:1310   0.0.0.0:0                              LISTENING
  TCP    chintan:1285   rumcajs.box.sk:80                      ESTABLISHED
  TCP    chintan:1296   lan-202-144-78-3.maa.sify.net:80       CLOSE_WAIT
  TCP    chintan:1297   lan-202-144-65-14.sify.net:80          ESTABLISHED
  TCP    chintan:1310   cdn-v13.websys.aol.com:80              ESTABLISHED
  TCP    chintan:1220   aiedownload.cps.intel.com:ftp          ESTABLISHED

"Proto" states the name of the protocol; "Local Address" gives us our IP address and the ports that are open. "Foreign Address" states the IP address and port number connected to us. "State" states the current status of the connection: "established", "listening" or just "waiting".

For example, if I open http://www [dot] yahoo [dot] com / then when I run "netstat -a" I would get an entry like this:

"TCP 203.43.50.81:2034 http://www [dot] yahoo [dot] com:80 ESTABLISHED"

My computer, with IP 203.43.50.81, connects through port 2034 to Yahoo on port 80.
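The columns described above can be checked automatically on your own machine. The following is an added example, not part of the original article: it parses text in the "netstat -a" layout, lists listening ports that are not on an allowlist, and lists the remote peers. The sample rows are constructed from the layout shown above; the function names and the allowlist are assumptions.

```python
import re
from collections import namedtuple

Conn = namedtuple("Conn", "proto local_port remote_host remote_port state")

# Constructed sample in the "netstat -a" layout shown above.
SAMPLE = """\
Active Connections

  Proto  Local Address  Foreign Address                    State
  TCP    chintan:80     0.0.0.0:0                          LISTENING
  TCP    chintan:135    0.0.0.0:0                          LISTENING
  TCP    chintan:6435   0.0.0.0:0                          LISTENING
  TCP    chintan:1285   rumcajs.box.sk:80                  ESTABLISHED
  TCP    chintan:1296   lan-202-144-78-3.maa.sify.net:80   CLOSE_WAIT
  TCP    chintan:1220   aiedownload.cps.intel.com:ftp      ESTABLISHED
"""

# proto, local host:port, foreign host:port, optional state (UDP rows have none)
ROW = re.compile(r"^\s*(TCP|UDP)\s+\S+:(\S+)\s+(\S+):(\S+)\s*(\S*)\s*$")

def parse_netstat(text):
    """Return one Conn per connection row; headers and blank lines are skipped."""
    return [Conn(*m.groups()) for m in map(ROW.match, text.splitlines()) if m]

def unexpected_listeners(conns, allowed_ports):
    """Local ports in LISTENING state that are not on the allowlist."""
    ports = {c.local_port for c in conns if c.state == "LISTENING"}
    # Numeric ports first, in numeric order; named ports (e.g. "ftp") after them.
    return sorted(ports - set(allowed_ports),
                  key=lambda p: (not p.isdigit(), p.zfill(5)))

def remote_peers(conns):
    """(host, port, state) for every row that has a real peer."""
    return [(c.remote_host, c.remote_port, c.state)
            for c in conns if c.state not in ("LISTENING", "")]

if __name__ == "__main__":
    conns = parse_netstat(SAMPLE)
    # Assumed allowlist: the services this machine is meant to offer.
    print("listeners to review:", unexpected_listeners(conns, {"80", "135"}))
    for peer in remote_peers(conns):
        print("peer:", peer)
```

Without the -n option the port column may hold a service name such as "ftp", so the ports are kept as strings.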

*************
Newbie tip: This way you can get the IP of someone you are chatting with. First run "netstat -an" and look under the foreign IP addresses. Now start a private chat with the other person. Run "netstat -an" again and you will get another foreign IP at the end. This is that person's IP.
*************

  
  

Author: Nyong Galau

This DOS Hacking Tutorial article was published by Nyong Galau on Sunday, 10 April 2011.
 
