- | - T E A M B E R S E R K -
- | Corporations, Governments and PsyOps Regarded as Apostles.
- | Even if we painstakingly piece together something lost,
- | - it doesn't mean things will ever go back to how they were.
- | IRC >> IIP->127.0.0.1 6668 << Channel: #TeamBerserk
- | https://www.Twitter.com/TeamBerserk
- --------------------------------------------------------------------------------------
- | Anonymous Operation: New Blood
- | Articles and Guides written by Gutts of TeamBerserk
- | IRC.AnonNet.ORG - IRC.AnonOps.COM - IRC.AnonPlus.COM - IRC.AnonPlusRadio.COM
- | IRC.AnonSet.COM - IRC.Cryto.NET - IRC.CyberGuerrilla.ORG - IRC.VoxAnon.SE
- ---------------------------------------------------------------------------------------
- HashTags: #Anonymous, #opNewBlood, #Hacking, #Network, #DoS, #Ports, #Protocol, #Services
- [ Network ] -> [ Port Exploitation ] -> [ Common Protocols ]
- ============================================
- + Building a Strong Foundation For Hacking +
- ============================================
- *** This is the third video tutorial of a series I am making for the New-Blood Hacker ***
- - How To Exploit, Crack and Hack Common Network Protocols and Ports -
- Before we begin, I would like to go over the common network protocols and ports, that is, the ports on which common services run.
- An operating system binds a service to a ( usually ) default port number, so these numbers are an indication of which services are running on a host you scanned with a port scanner such as NMap. NMap is one of the best scanning tools; it comes standard with several quite useful scripts, which use the .nse file extension, and it is written for nearly every operating system.
- A common service running on a host operating system could be SSH on port 22 by default. SSH is short for Secure Shell, and this service is a standard among Unix and *Nix operating systems, *Nix being Linux distributions. The equivalent on a Windows host would be RDP on port 3389 by default. RDP is short for Remote Desktop Protocol, which could be either a terminal shell or a remote view of the GUI ( Graphical User Interface ) of the operating system. Cisco routers ( usually ) use a terminal shell on port 23 by default, which is the Telnet protocol.
- The goal of port scanning is to identify OPEN ports running vulnerable services. For instance, if you scanned the IP address 235.224.88.28 and NMap reported that port 22 is open and that the operating system is binding the Secure Shell service to this port, you would look up the VERSION of the SSH software running on the host machine and search for exploits for this version. If none already exist, you can try your hand at writing an exploit yourself by downloading the software and looking through it for bugs, or you can brute force crack the "root" username's password using brute force cracking scripts/software, or you can combo crack the "root" username's password using combo cracking scripts/software.
- The brute force method literally goes through a-z, 0-9 and other characters. The combo crack method cycles through a text list of passwords against the "root" username.
- With enough speed and time you will eventually get in. The better way is to find an exploit in this software yourself, or to use an exploit for this software if one already exists. Another method is social engineering the user behind the "root" username. This tutorial won't go into social engineering the target or exploiting the service's software.
- Gutts from TeamBerserk wrote a very useful script for NMap which brings back thousands of vulnerable hosts running common services on default ports; this script is shown in the tutorial video counterpart. With this script you will bring back thousands of home machines, business machines and corporate machines.
- If you watched my previous tutorial videos and read their tutorial texts you will already know how to use a Terminal and Shell to run Commands on the OS.
- If your permissions are not elevated you will need to elevate them with the proper OS Commands.
- You will need to know the common ports and services before starting. Common ports and services would be: Port 21 - FTP, Port 22 - SSH, Port 137 - NetBIOS, Port 3389 and Port 3390 - RDP, Port 23 - Telnet, etc.
- Once you have a target you should begin gathering as much information on it as possible. I personally like hacking the Chinese and the Koreans.
- Also, from my experience with these methods, about 10% of the time the username is Administrator, Guest or Owner with no password for RDP, and root with no password for SSH. The other 90% of the yield will need cracking.
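The root logins with no password described above depend on three sshd_config settings, so a defender can check for them directly. This check is an added example, not part of the original tutorial; the sample configs are constructed, and it assumes only the global section matters (Match blocks and Include files are not evaluated).

```python
import re

# OpenSSH defaults applied when a keyword is absent from the file.
DEFAULTS = {
    "permitrootlogin": "prohibit-password",
    "permitemptypasswords": "no",
    "passwordauthentication": "yes",
}

# (keyword, risky value, why it matters for the logins described above)
RISKY = [
    ("permitrootlogin", "yes", "root may log in with a password"),
    ("permitemptypasswords", "yes", "accounts with an empty password are accepted"),
    ("passwordauthentication", "yes", "passwords can be guessed over the network"),
]

def effective_settings(config_text):
    """Global settings as sshd reads them: the first value per keyword wins."""
    settings = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        keyword = parts[0].lower()          # keywords are case-insensitive
        if keyword == "match":              # conditional blocks are not evaluated here
            break
        value = parts[1].strip().lower() if len(parts) > 1 else ""
        settings.setdefault(keyword, value)  # later duplicates are ignored
    return {**DEFAULTS, **settings}

def audit(config_text):
    """Return (keyword, reason) for every risky effective setting."""
    effective = effective_settings(config_text)
    return [(k, why) for k, bad, why in RISKY if effective.get(k) == bad]

# Constructed samples, not taken from any real host.
WEAK = """\
Port 22
PermitRootLogin yes
PermitEmptyPasswords yes
PermitRootLogin no
"""
HARDENED = """\
PermitRootLogin no
PermitEmptyPasswords no
PasswordAuthentication no
"""

if __name__ == "__main__":
    for name, text in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(text))
```

In the weak sample the second `PermitRootLogin no` has no effect because the first value wins. On a live host, `sshd -T` prints the effective configuration.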
- ---------------------------------------------------------------------------------------
- NMap Scans
- (01): - Download NMap Port Scanner From:
- ( http://nmap.org/dist/nmap-6.25-setup.exe )
- Install NMap.
- NMap Scan For Target IP: nmap -T4 -A -v
- NMap Scan For Port by IP Range: nmap -p <port> -P0 -sS <ip/24>
- ---------------------------------------------------------------------------------------
- NCrack Port Cracking
- (02): - Download NCrack Port Cracker From:
- ( http://nmap.org/ncrack/dist/ncrack-0.4ALPHA-setup.exe )
- Install NCrack
- NCrack Commands For Combo Cracking A Service: ncrack -vv -U username.list -P passwords.list <ip:port>
- ncrack -vv --user <username> -P passwords.list <ip:port>
- NCrack Command For All Switches: ncrack --help
- Open a Terminal and type cd path/to/ncrack.exe and then type the above commands on the target IP.
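Seen from the host being targeted, the combo cracking described in this section leaves a run of failed password logins in the sshd log. The detector below is an added example, not part of the original tutorial; the log lines are constructed, and the threshold of 5 and the OpenSSH syslog wording are assumptions.

```python
import re
from collections import defaultdict

# sshd's syslog messages for password logins (OpenSSH wording).
EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def detect_guessing(log_lines, threshold=5):
    """Report every source IP with at least `threshold` failed passwords."""
    tried = defaultdict(list)   # ip -> usernames of failed attempts
    accepted = {}               # ip -> first user accepted after the threshold
    for line in log_lines:
        m = EVENT.search(line)
        if not m:
            continue
        ip, user = m["ip"], m["user"]
        if m["result"] == "Failed":
            tried[ip].append(user)
        elif len(tried[ip]) >= threshold:
            accepted.setdefault(ip, user)
    report = {}
    for ip, users in tried.items():
        if len(users) < threshold:
            continue            # a couple of typos is not an attack
        report[ip] = {
            "failures": len(users),
            "users": sorted(set(users)),
            # one username = a password list run against a single account
            "pattern": "one user, many passwords" if len(set(users)) == 1
                       else "username list and password list",
            "accepted_as": accepted.get(ip),   # not None: a guess succeeded
        }
    return report

# Constructed log lines (documentation-range addresses), not real traffic.
FMT = "Mar  3 02:{m:02d}:{s:02d} host sshd[4101]: {what} from {ip} port {p} ssh2"
SAMPLE = (
    [FMT.format(m=14, s=s, what="Failed password for root", ip="203.0.113.7", p=40000 + s) for s in range(6)]
    + [FMT.format(m=14, s=7, what="Accepted password for root", ip="203.0.113.7", p=40007)]
    + [FMT.format(m=20, s=i, what=f"Failed password for invalid user {u}", ip="198.51.100.9", p=41000 + i)
       for i, u in enumerate(["admin", "guest", "owner", "admin", "guest"])]
    + [FMT.format(m=31, s=0, what="Failed password for alice", ip="192.0.2.10", p=42000),
       FMT.format(m=31, s=9, what="Accepted password for alice", ip="192.0.2.10", p=42001)]
)

if __name__ == "__main__":
    for ip, info in detect_guessing(SAMPLE).items():
        print(ip, info)
```

A non-empty `accepted_as` means a password login succeeded after the guessing run, which calls for resetting that account's credentials and reviewing the session.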
- ---------------------------------------------------------------------------------------
- Username and Password Lists
- (03): - Download Username and Password Lists From:
- ( http://seclists.org/nmap-dev/2009/q3/320 )
- ( http://ophcrack.sourceforge.net/tables.php )
- The Above lists can be loaded into ncrack with the -U <usernames.list> and -P <passwords.list> switches.
- ---------------------------------------------------------------------------------------
- This Tutorial ( AnonPST: https://pastebin.com/raw.php?i=ydF53wDL )
- This Tutorial ( YouTube: https://youtu.be/1qYZBjSQP10 )
- Tutorial written by Mechan1mA of TeamBerserk. This tutorial is intended for Windows 7 and greater; however, these same methods work on any operating system.