TeamBerserk

Anonymous [#opNewBlood - #Hacking] Network Port Exploitation

Apr 27th, 2013
/====================================================================================\
|      _____   ___     _     __  __   ___   ___   ___   ___   ___   ___   _  __      |
|     |_   _| | __|   /_\   |  \/  | | _ ) | __| | _ \ / __| | __| | _ \ | |/ /      |
|       | |   | _|   / _ \  | |\/| | | _ \ | _|  |   / \__ \ | _|  |   / | ' <       |
|       |_|   |___| /_/ \_\ |_|  |_| |___/ |___| |_|_\ |___/ |___| |_|_\ |_|\_\     |
\====================================================================================/
    | - T E A M B E R S E R K -
    | Corporations, Governments and PsyOps Regarded as Apostles.
    | Even if we painstakingly piece together something lost,
    | - it doesn't mean things will ever go back to how they were.
    | IRC >> IIP->127.0.0.1 6668 << Channel: #TeamBerserk
    | https://www.Twitter.com/TeamBerserk
--------------------------------------------------------------------------------------

/=====================================================================================\
|             __ __              _   __             ____  __                __        |
|          __/ // /_____  ____  / | / /__ _      __/ __ )/ /___  ____  ____/ /        |
|         /_  _  __/ __ \/ __ \/  |/ / _ \ | /| / / __  / / __ \/ __ \/ __  /         |
|        /_  _  __/ /_/ / /_/ / /|  /  __/ |/ |/ / /_/ / / /_/ / /_/ / /_/ /          |
|         /_//_/  \____/ .___/_/ |_/\___/|__/|__/_____/_/\____/\____/\__,_/           |
|                     /_/                                                             |
\=====================================================================================/
    | Anonymous Operation: New Blood
    | Articles and Guides written by Gutts of TeamBerserk
    | IRC.AnonNet.ORG - IRC.AnonOps.COM - IRC.AnonPlus.COM - IRC.AnonPlusRadio.COM
    | IRC.AnonSet.COM - IRC.Cryto.NET - IRC.CyberGuerrilla.ORG - IRC.VoxAnon.SE
---------------------------------------------------------------------------------------

HashTags: #Anonymous, #opNewBlood, #Hacking, #Network, #DoS, #Ports, #Protocol, #Services

[ Network ] -> [ Port Exploitation ] -> [ Common Protocols ]

============================================
+ Building a Strong Foundation For Hacking +
============================================

*** This is the third video tutorial of a series I am making for the New-Blood Hacker ***

- How To Exploit, Crack and Hack Common Network Protocols and Ports -

Before we begin, I would like to go over the Common Network Protocols and Ports, meaning the Ports which run Common Services.

An Operating System binds a Service to a ( usually ) default Port Number; an open default Port is an indication that the Service
is running on a Host you scanned with a port scanner such as NMap. NMap is one of the best scanning tools, and it comes standard
with several quite useful scripts with the .nse file extension. NMap is written for nearly every Operating System. Common Services
running on a Host Operating System could be SSH on Port 22 by Default. SSH is short for Secure Shell, and this Service is a
standard among Unix and *Nix Operating Systems, *Nix being Linux Distributions. The equivalent on a Windows Host would be RDP on
Port 3389 by Default. RDP is short for Remote Desktop Protocol, which could be either a Terminal Shell or a Remote View of the
GUI ( Graphical User Interface ) of the Operating System. Cisco Routers ( usually ) use a Terminal Shell on Port 23 by Default,
being the Telnet Protocol.

The goal of Port Scanning is to identify OPEN Ports running vulnerable Services. For instance, if you scanned the IP Address
235.224.88.28 and NMap reported that Port 22 is Open and the Operating System is binding the Secure Shell Service to this port,
you would look up the VERSION of the SSH Software running on the host machine and search for exploits on this version. If none
already exist you can try your hand at writing an exploit yourself by downloading the software and looking through it for bugs,
or you can either brute force crack the "root" username's password using brute force cracking scripts/software or combo crack
the "root" username's password using combo cracking scripts/software.

The brute force method literally goes from a-z, 0-9 and characters. The combo crack method cycles through a text list of
passwords against the "root" username. With enough speed and time you will eventually get in. The better way is to find an
exploit in this software yourself or use an exploit for this software if it already exists. Another method is Social Engineering
the user behind the "root" username. This tutorial won't go into Social Engineering the Target or exploiting the Service's
Software. Gutts from TeamBerserk wrote a very useful script for NMap which brings back thousands of vulnerable hosts running
Common Services on default Ports; this script is shown in the Tutorial Video counterpart. With this script you will bring back
thousands of Home Machines, Business and Corporate Machines.

If you watched my previous tutorial videos and read their tutorial texts you will already know how to use a Terminal and Shell
to run Commands on the OS. If your permissions are not elevated you will need to elevate them with the proper OS Commands.

You will need to know the common Ports and Services before starting. Common Ports and Services would be: Port: 21 - FTP,
Port: 22 - SSH, Port: 137 - NetBIOS, Port: 3389 and Port 3390 - RDP, Port: 23 - Telnet, etc.

Once you have a target you should begin gathering as much information on it as possible. I personally like hacking the Chinese
and the Koreans. Also, from my experience with these methods, about 10% of the time the username is Administrator, Guest or Owner
with no password for RDP, and root with no password for SSH. The other 90% of the yield will need cracking.
---------------------------------------------------------------------------------------

NMap Scans
(01): - Download NMap Port Scanner From:
    ( http://nmap.org/dist/nmap-6.25-setup.exe )
    Install NMap.
    NMap Scan For Target IP: nmap -T4 -A -v <ip>
    NMap Scan For Port by IP Range: nmap -p <port> -P0 -sS <ip/24>
---------------------------------------------------------------------------------------

NCrack Port Cracking
(02): - Download NCrack Port Cracker From:
    ( http://nmap.org/ncrack/dist/ncrack-0.4ALPHA-setup.exe )
    Install NCrack
    NCrack Commands For Combo Cracking A Service: ncrack -vv -U username.list -P passwords.list <ip:port>
                              ncrack -vv --user <username> -P passwords.list <ip:port>
    NCrack Command For All Switches: ncrack --help
    Open a Terminal and type cd path/to/ncrack.exe and then type the above commands on the target IP.
---------------------------------------------------------------------------------------
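
Added example (not part of the original paste and not TeamBerserk's code): seen from the defender's side, the username/password
list guessing performed by the NCrack commands above appears in the sshd log as a burst of failed logins from one source. The
sketch below flags such sources and any password login that follows the failures. The log lines are constructed, and the
function name find_guessing and the threshold of 5 are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in OpenSSH's syslog format (not real traffic).
SAMPLE_LOG = """\
Apr 27 10:00:01 srv sshd[811]: Failed password for root from 203.0.113.5 port 40100 ssh2
Apr 27 10:00:02 srv sshd[812]: Failed password for root from 203.0.113.5 port 40102 ssh2
Apr 27 10:00:03 srv sshd[813]: Failed password for invalid user admin from 203.0.113.5 port 40104 ssh2
Apr 27 10:00:04 srv sshd[814]: Failed password for invalid user guest from 203.0.113.5 port 40106 ssh2
Apr 27 10:00:05 srv sshd[815]: Failed password for root from 203.0.113.5 port 40108 ssh2
Apr 27 10:00:09 srv sshd[816]: Accepted password for root from 203.0.113.5 port 40110 ssh2
Apr 27 10:03:00 srv sshd[820]: Failed password for alice from 198.51.100.7 port 51000 ssh2
Apr 27 10:03:20 srv sshd[821]: Accepted publickey for alice from 198.51.100.7 port 51002 ssh2
"""

# Matches sshd authentication results, with or without the "invalid user" marker.
EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def find_guessing(log_text, threshold=5):
    """Return {ip: report} for sources with at least `threshold` failed logins."""
    fails = defaultdict(list)   # ip -> usernames of failed attempts, in order
    breached = {}               # ip -> account opened by a password login after failures
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue
        ip, user = m["ip"], m["user"]
        if m["result"] == "Failed":
            fails[ip].append(user)
        elif m["method"] == "password" and fails.get(ip):
            breached.setdefault(ip, user)
    report = {}
    for ip, users in fails.items():
        if len(users) >= threshold:
            report[ip] = {
                "failures": len(users),
                "usernames": sorted(set(users)),
                "password_login_after_failures": breached.get(ip),
            }
    return report

if __name__ == "__main__":
    for ip, info in find_guessing(SAMPLE_LOG).items():
        print(ip, info)
```

A report whose password_login_after_failures is not None is the case to handle as an incident rather than as noise. Setting
PasswordAuthentication no and PermitRootLogin prohibit-password in sshd_config removes the password-guessing surface for SSH.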

Username and Password Lists
(03): - Download Username and Password Lists From:
    ( http://seclists.org/nmap-dev/2009/q3/320 )
    ( http://ophcrack.sourceforge.net/tables.php )
    The above lists can be loaded into ncrack with the -U <usernames.list> and -P <passwords.list> switches.
---------------------------------------------------------------------------------------

This Tutorial ( AnonPST: https://pastebin.com/raw.php?i=ydF53wDL )
This Tutorial ( YouTube: https://youtu.be/1qYZBjSQP10 )

- Tutorial Written by Mechan1mA of TeamBerserk; This Tutorial is intended for Windows OS 7 and greater; however, these same methods work on any Operating System.