How To Hack Someone By Knowing His IP (1)

--------------------------------------------

NetBIOS Local Name Table

Name Type Status

---------------------------------------------

GMVPS01 <00> UNIQUE Registered

WORKGROUP <00> GROUP Registered

GMVPS01 <03> UNIQUE Registered

GMVPS01 <20> UNIQUE Registered

WORKGROUP <1E> GROUP Registered

---------------------------------------------

If the computer responded "Host not found" Then either one of two things are the case:

1. You screwed up the host name.

2. The host is not hackable.

If number one is the case you're in great luck. If two, This system isn't hackable using the NBTSTAT command. So try another system.

If you got the table as above to come up, look at it carefully as i describe to you each part and its purpose.

Name - states the share name of that certain part of the computer

<00>, <03>, <20>, <1E> - Are the Hexidecimal codes giving you the services available on that share name.

Type - Is self-explanatory. It's either turned on, or activated by you, or always on.

Status - Simply states that the share name is working and is activated.

Look above and look for the following line:

GMVPS01 <20> UNIQUE Registered

See it?

GOOD! Now this is important so listen up. The Hexidecimanl code of <20> means that file sharing is enabled on the share name that is on that line with the hex number. So that means GMVPS01 has file sharing enabled. So now you want to hack this. Here's How to do it. (This is the hard part)

LMHOST File

7. There is a file in all Windows systems called LMHOST.sam. We need to simply add the IP into the LMHOST file because LMHOST basically acts as a network, automatically logging you on to it. So go to Start, Find, FIles or Folders. Type in LMHOST and hit enter. when it comes up open it using a text program such as wordpad, but make sure you do not leave the checkmark to "always open files with this extension" on that. Simply go through the LMHOST file until you see the part:

# This file is compatible with Microsoft LAN Manager 2.x TCP/IP lmhosts

# files and offers the following extensions:

#

# #PRE

# #DOM:

# #INCLUDE 

# #BEGIN_ALTERNATE

# #END_ALTERNATE

# \0xnn (non-printing character support)

#

# Following any entry in the file with the characters "#PRE" will cause

# the entry to be preloaded into the name cache. By default, entries are

# not preloaded, but are parsed only after dynamic name resolution fails.

#

# Following an entry with the "#DOM:" tag will associate the

# entry with the domain specified by . This affects how the

# browser and logon services behave in TCP/IP environments. To preload

# the host name associated with #DOM entry, it is necessary to also add a

# #PRE to the line. The is always preloaded although it will not

# be shown when the name cache is viewed.

#

# Specifying "#INCLUDE " will force the RFC NetBIOS (NBT)

# software to seek the specified and parse it as if it were

# local. is generally a UNC-based name, allowing a

# centralized lmhosts file to be maintained on a server.

# It is ALWAYS necessary to provide a mapping for the IP address of the

# server prior to the #INCLUDE. This mapping must use the #PRE directive.

# In addtion the share "public" in the example below must be in the

# LanManServer list of "NullSessionShares" in order for client machines to

# be able to read the lmhosts file successfully. This key is under

# \machine\system\currentcontrolset\services\lanmans erver\parameters\nullsessionshares

# in the registry. Simply add "public" to the list found there.

#

# The #BEGIN_ and #END_ALTERNATE keywords allow multiple #INCLUDE

# statements to be grouped together. Any single successful include

# will cause the group to succeed.

#

# Finally, non-printing characters can be embedded in mappings by

# first surrounding the NetBIOS name in quotations, then using the

# \0xnn notation to specify a hex value for a non-printing character.

Read this over and over until you understand the way you want your connection to be set. Here's an example of how to add an IP the way I would do it:

#PRE #DOM:255.102.255.102 #INCLUDE 

Pre will preload the connection as soon as you log on to the net. DOM is the domain or IP address of the host you are connecting to. INCLUDE will automaticall set you to that file path. In this case as soon as I log on to the net I will get access to 255.102.255.102 on the C:/ drive. The only problem with this is that by doin the NETSTAT command while you are connected, and get the IP of your machine. That's why it only works on simple PC machines. Because people in these days are computer illiterate and have no idea of what these commands can do. They have no idea what NETSTAT is, so you can use that to your advantage. Most PC systems are kind of hard to hack using this method now because they are more secure and can tell when another system is trying to gain access. Also, besure that you (somehow) know whether they are running a firewall or not because it will block the connection to their computer. Most home systems aren't running a firewall, and to make it better, they don't know how operate the firewall, therefore, leaving the hole in the system. To help you out some, it would be a great idea to pick up on some programming languages to show you how the computer reads information and learn some things on TCP/IP (Transfer Control Protocol/Internet Protocol) If you want to find out whether they are running a firewall, simply hop on a Proxy and do a port scan on their IP. You will notice if they are running a firewall because most ports are closed. Either way, you still have a better chance of hacking a home system than hacking Microsoft.

Gaining Access

7. Once you have added this to you LMHOST file. You are basically done. All you need to do is go to:

Start

Find

Computer

Once you get there you simply type the IP address or the host name of the system. When it comes up, simply double click it, and boom! There's a GUI for you so you don't have to use DOS anymore. You can use DOS to do it, but it's more simple and fun this way, so that's the only way i put it. When you open the system you can edit, delete, rename, do anything to any file you wish. I would also delete the command file in C:/ because they may use it if they think someone is in their computer. Or simply delete the shortcut to it. Then here's when the programming comes in handy. Instead of using the NBTSTAT method all the time, you can then program you own trojan on your OWN port number and upload it to the system. Then you will have easier access and you will also have a better GUI, with more features. DO NOT allow more than one connection to the system unless they are on a faster connection. If you are downloading something from their computer and they don't know it and their connection is being slow, they may check their NETSTAT to see what is connected, which will show your IP and make them suspicious. Thats it. All there is to it. Now go out and scan a network or something and find a computer with port 21 or something open.