<P><font face="Verdana" size="2">Note: I have typed whatever is after &gt; and other lines are written by the computer.</font> </P>
<P><font face="Verdana" size="2">This will return the address info of the host hotmail.com. Do try it out and see what you get.</font></P>
<P><font face="Verdana" size="2">Now if we want to run nslookup in Non Interactive Mode, then we have to write the command in the following format:</font></P>
<P><font face="Verdana" size="2">$&gt;nslookup Hostname</font></P>
<P><font face="Verdana" size="2">Now in all the above examples, we did a normal DNS lookup on the host. We can also use nslookup to perform a reverse DNS lookup by giving the IP of the host instead of the Hostname.</font></P>
<P><font face="Verdana" size="2">Eg.</font></P>
<P><font face="Verdana" size="2">$&gt;nslookup IP address</font></P>
<P><font face="Verdana" size="2">Now that you have understood the whole concept of DNS you know what happens when we issue the /dns command in IRC.</font></P>
<P><font face="Verdana" size="2">There is yet another Unix utility or command called DIG, or Domain Information Groper, which like nslookup gives info on the host. It too is a part of SamSpade.</font></P>
<B><P><font face="Verdana" size="2">Ports</font></P>
</B><P><font face="Verdana" size="2">Now that you know what an IP is and what DNS or the hostname is, let's move on to Ports.</font></P>
<P><font face="Verdana" size="2">There are basically two kinds of ports: Physical (Hardware) and Virtual (Software). You may know ports as the slots behind your CPU to which you connect your mouse, keyboard or monitor. Those are physical hardware ports. The ports we Hackers are interested in are virtual software ports. A port is a virtual pipe through which information goes in and out. A particular computer can have a large number of ports. All ports are numbered.</font></P>
<P><font face="Verdana" size="2">Now at each port a particular service is running. A software which runs on a port is called a service. So how do you know which service is running on which port? Well, all ports are numbered and there is a general rule, which almost everyone follows, that decides which service usually runs at which port.</font></P>
<P><font face="Verdana" size="2">Some popular ports and services running are:</font></P>
<font face="Verdana" size="2">
Ping 7<br>
Systat 11<br>
Time 13<br>
NetStat 15<br>
SSH 22 (This is same as Secure Shell Login)<br>
Telnet 23<br>
SMTP 25<br>
Whois 43 <br>
Finger 79<br>
HTTP 80<br>
POP 110<br>
NNTP 119<br>
IDENT 139<br>
rlogin 513 (IP Spoofing can be used here.)<br>
</font>
<P><font face="Verdana" size="2">To get an entire list of port numbers and the corresponding service running at each particular port, read RFC 1700.</font></P>
<P><font face="Verdana" size="2">Ports under 1024 usually have popular well known services running on them. The higher port numbers are used, say, when your browser connects to port 80 of a remote server and requests the default webpage. In these cases the browser chooses a random port above 1024.</font></P>
<P><font face="Verdana" size="2">************</font></P>
<P><font face="Verdana" size="2">Newbie Note: What the hell is a RFC? Well, RFC stands for Request For Comment. They are texts which cover each and every aspect of Networking and the Internet. They are written by geeks, and if you want to become an uberhacker then you will have to know all RFCs by heart. All these new terms and the whole TCP\IP protocol may sound weird and difficult to grasp, but if you want to be a good hacker then you will have to stay with them the rest of your life. To locate a RFC just go to your fav search engine and type the RFC number.</font></P>
<P><font face="Verdana" size="2">*************</font></P>
<P><font face="Verdana" size="2">*************</font></P>
<P><font face="Verdana" size="2">NewBie Note:</font></P>
<P><font face="Verdana" size="2">What is a Daemon?</font></P>
<P><font face="Verdana" size="2">Well a daemon is a program that runs in the background at many Unix ports. If you find a service or a daemon running at a port, I am sure that computer is hackable.</font></P>
<P><font face="Verdana" size="2">*************</font></P>
<B><P><font face="Verdana" size="2">Port Scanning &amp; Port Surfing</font></P>
</B><P><font face="Verdana" size="2">Now that you know everything about Telnet and have some basic Networking knowledge, let's have some fun by learning to Port Surf. It is the first basic step in finding a hackable server running a daemon with a hole or a vulnerability.</font></P>
<P><font face="Verdana" size="2">Say you want to hack into your ISP's server, what do you do? You firstly find out the hostnames of the servers run by your ISP. Now each server can have a large number of open ports and it would take days to manually go to each port and then find out that no service is running at that port. So here come in the Port Scanning Utilities, which give a list of open ports on a server. Some port scanners, along with the list of open ports, also give the services running on each port and their vulnerabilities, if any.</font></P>
<P><font face="Verdana" size="2">Now port scanning takes advantage of the 3-stage TCP handshake to determine what ports are open on the remote computer. To learn more about the TCP\IP protocol read the networking manuals that I distribute on my mailing list.</font></P>
<P><font face="Verdana" size="2">Tools like SATAN and many more allow you to find out the list of open ports, the daemon or the service running at each open port and also the service's vulnerability at the click of a button. You can't call yourself a hacker if you need some Software, which first of all is not written by you, to do something as lame as a port scan. Well yes, I do agree that looking for open ports on a server would take a long time. But what I am suggesting is that you use a Port scanning tool which just gives you a list of open ports without the list of services and the vulnerabilities.</font></P>
<P><font face="Verdana" size="2">I assure you, if you try and explore an open port of a remote server manually, you will be able to learn more about the remote system and also it will give you a taste of what hacking actually is.</font></P>
<P><font face="Verdana" size="2">If you use a port scanner which gives you all details at the click of a button to impress your friends, let me assure you none of them will be impressed, as I am sure anyone can use SATAN and other such scanners.</font></P>
<P><font face="Verdana" size="2">Another thing you need to be careful about before port scanning your ISP is that most port scanners are very easily detected and can easily be traced, and you have no excuse if you are caught doing a port scan on a host; it is a sure sign of Hacker Activity. There are many stealth scanners like Nmap which claim to be untraceable. But the truth is that they are very much traceable and they are quite inaccurate, as they send only a single packet to check if a port is open or not. And if the host is running the right kind of Sniffer software, maybe Etherpeek, then the Port scan can be easily detected and the IP of the user logged. Anyway, some ISPs are really afraid of Hacking activities and even at the slightest hint of some suspicious hacking activity, something like Port scanning, they can remove your account. So just be careful.</font></P>
<P><font face="Verdana" size="2">************</font></P>
<P><font face="Verdana" size="2">Evil Hacking Trick: Try to keep an eye on TCP port 12345 and UDP port 31337; these are the default ports for the popular trojans NetBus and BO, respectively.</font></P>
<P><font face="Verdana" size="2">*************</font></P>
<P><font face="Verdana" size="2">Some ISPs are quite aware of Hacking Activities and are one step ahead. They may be running some excellent software which will keep hackers away. EtherPeek is an excellent example of a sniffing software which can easily trace users who are port scanning. Nuke Nabber, a Windows freeware, claims to be able to block Port Scans. I have not tested it so I can't say for sure. Then there is another fun program known as Port Dumper which can fake daemons (services) like Telnet, Finger etc.</font></P>
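<P><font face="Verdana" size="2">Added example (not part of the original tutorial, and not how EtherPeek or any named product works): a minimal Python sketch of why a port sweep stands out to the defender, counting how many distinct ports each source touches inside a short time window. The event records, the addresses (documentation ranges), the function names and the thresholds are all assumptions made for this example.</font></P>

```python
from collections import defaultdict, deque


def sample_events():
    """Constructed inbound TCP SYN records: (seconds, source IP, dest port)."""
    # One source sweeping ports 20..59, a new port every 50 ms.
    events = [(t * 0.05, "192.0.2.10", 20 + t) for t in range(40)]
    # An ordinary client that talks to the web and mail services only.
    events += [(1.0, "198.51.100.7", 80), (2.5, "198.51.100.7", 80),
               (3.0, "198.51.100.7", 110)]
    return sorted(events)


def detect_scans(events, window=5.0, min_ports=15):
    """Return {source: distinct ports} for every source that touched at
    least min_ports different ports within any span of `window` seconds.
    Events must be sorted by time."""
    recent = defaultdict(deque)   # source -> (time, port) pairs still in window
    flagged = {}
    for ts, src, port in events:
        q = recent[src]
        q.append((ts, port))
        # Drop records that have aged out of the sliding window.
        while q and ts - q[0][0] > window:
            q.popleft()
        ports = {p for _, p in q}
        if len(ports) >= min_ports:
            flagged[src] = max(flagged.get(src, 0), len(ports))
    return flagged


if __name__ == "__main__":
    for src, count in detect_scans(sample_events()).items():
        print(f"possible port scan from {src}: {count} distinct ports")
```

<P><font face="Verdana" size="2">The window and min_ports values are tuning choices made for this sample; counting distinct ports rather than packets keeps a busy client that hammers one service from being flagged.</font></P>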
<B><P><font face="Verdana" size="2">How can I find out my own IP address and what ports are open on my machine?</font></P>
</B><P><font face="Verdana" size="2">All this talk about IP's and ports may have made you quite interested in this subject and you may be dying to find out a method of finding out open ports on your machine and your own IP address.</font></P>
<P><font face="Verdana" size="2">Well just type the following at the DOS prompt (Windows users) or the bash prompt (Unix users):</font></P>
<P><font face="Verdana" size="2">netstat -a</font></P>
<P><font face="Verdana" size="2">This will return something like the following:</font></P>
<pre><font face="Verdana" size="2">
C:\WINDOWS&gt;netstat -a

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    ankit-s-hax-box:1030   0.0.0.0:0              LISTENING
  TCP    ankit-s-hax-box:1033   0.0.0.0:0              LISTENING
  TCP    ankit-s-hax-box:1027   0.0.0.0:0              LISTENING
  TCP    ankit-s-hax-box:1030   mail2.mtnl.net.in:pop3  ESTABLISHED
  TCP    ankit-s-hax-box:1033   zztop.boxnetwork.net:80  CLOSE_WAIT
  TCP    ankit-s-hax-box:137    0.0.0.0:0              LISTENING
  TCP    ankit-s-hax-box:138    0.0.0.0:0              LISTENING
  TCP    ankit-s-hax-box:nbsession  0.0.0.0:0              LISTENING
  UDP    ankit-s-hax-box:1027   *:*
  UDP    ankit-s-hax-box:nbname  *:*
  UDP    ankit-s-hax-box:nbdatagram  *:*
</font></pre>
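<P><font face="Verdana" size="2">Added example (not part of the original tutorial): a Python parser for netstat -a output in the format shown above, which lists the sockets on your own machine that accept traffic and flags the NetBus and BO default ports mentioned earlier. The sample text reuses rows from the listing above plus two constructed rows, and the function names are this example's own.</font></P>

```python
import re

# Default trojan ports named earlier on this page (NetBus on TCP, BO on UDP).
WATCHLIST = {("TCP", "12345"): "NetBus", ("UDP", "31337"): "BO"}

# Netstat output in the page's format. The last two rows are constructed for
# this example so that the watchlist has something to match.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    ankit-s-hax-box:1030   0.0.0.0:0              LISTENING
  TCP    ankit-s-hax-box:1030   mail2.mtnl.net.in:pop3  ESTABLISHED
  TCP    ankit-s-hax-box:nbsession  0.0.0.0:0              LISTENING
  UDP    ankit-s-hax-box:1027   *:*
  TCP    ankit-s-hax-box:12345  0.0.0.0:0              LISTENING
  UDP    ankit-s-hax-box:31337  *:*
"""

# proto, local host, local port (number or service name), foreign, state.
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")


def parse_netstat(text):
    """Return one dict per socket row; header and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            proto, host, port, foreign, state = m.groups()
            rows.append({"proto": proto, "host": host, "port": port,
                         "foreign": foreign, "state": state or ""})
    return rows


def exposed(rows):
    """Sockets accepting traffic: TCP in LISTENING, or any bound UDP socket."""
    return [r for r in rows if r["state"] == "LISTENING" or r["proto"] == "UDP"]


def flag_watchlist(rows):
    """Exposed sockets whose (protocol, port) pair is on the watchlist."""
    return [(r["proto"], r["port"], WATCHLIST[(r["proto"], r["port"])])
            for r in exposed(rows) if (r["proto"], r["port"]) in WATCHLIST]


if __name__ == "__main__":
    for proto, port, name in flag_watchlist(parse_netstat(SAMPLE)):
        print(f"WARNING: {proto} port {port} is the default port of {name}")
```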
<B><P><font face="Verdana" size="2">Sockets and Ports Explained</font></P>
</B><P><font face="Verdana" size="2">Note: I am assuming that you have at least some knowledge about TCP\IP.</font></P>
<P><font face="Verdana" size="2">What is all the hype about socket programming? What exactly are sockets? TCP\IP or Transmission Control Protocol\ Internet Protocol is the language or the protocol used by computers to communicate with each other over the Internet. Say a computer whose IP address is 99.99.99.99 wants to communicate with another machine whose IP address is 98.98.98.98, then what will happen?</font></P>
<P><font face="Verdana" size="2">The machine whose IP is 99.99.99.99 sends a packet addressed to another machine whose IP is 98.98.98.98. When 98.98.98.98 receives the packet then it verifies that it got the message by sending a signal back to 99.99.99.99.</font></P>
<P><font face="Verdana" size="2">But say the person who is using 99.99.99.99 wants to have simultaneously more than one connection to 98.98.98.98
