Wednesday, February 23, 2011

Windows password cracker


What is ophcrack?

Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.

Features:

  • » Runs on Windows, Linux/Unix, Mac OS X, ...
  • » Cracks LM and NTLM hashes.
  • » Free tables available for Windows XP and Vista.
  • » Brute-force module for simple passwords.
  • » Audit mode and CSV export.
  • » Real-time graphs to analyze the passwords.
  • » LiveCD available to simplify the cracking.
  • » Loads hashes from encrypted SAM recovered from a Windows partition, Vista included.
  • » Free and open source software (GPL).

Download

Hack someone's PC using NETBIOS


What is it?

NetBIOS Hacking is the art of hacking into someone else’s computer through your computer. NetBIOS stands for “Network Basic Input Output System.” It is a way for a LAN or WAN to share folders, files, drives, and printers.


-How can this be of use to me?-
Most people don’t even know, but when they’re on a LAN or WAN they could possibly have their entire hard drive shared and not even know. So if we can find a way into the network, their computer is at our disposal.


-What do I need?-
Windows OS
Cain and Abel


==========================
-[Step 1, Finding the target.]-
==========================
So first off we need to find a computer or the computer to hack into. So if your plugged in to the LAN, or connected to the WAN, you can begin. Open up Cain and Abel. This program has a built in sniffer feature. A sniffer looks for all IP addresses in the local subnet. Once you have opened up the program click on the sniffer tab, click the Start/Stop sniffer, and then click the blue cross


Another window will pop up, make sure “All host in my subnet” is selected, and then click ok.


It should begin to scan.



Then IP’s, computer names, and mac addresses will show up.
Now remember the IP address of the computer you are going to be breaking into.
If you can’t tell whether the IP address is a computer, router, modem, etc, that’s ok.
During the next step we will begin our trial and error. 
==========================
-[Part 2, Trial and Error]-
==========================
Now, we don’t know if we have our designated target, or if we have a computer or printer, or whatever else is on the LAN or WAN.
If you did get the IP of the target though, I still recommend reading through this section, for it could be helpful later on.
Click on the start menu and go to run, type in cmd, and click ok.
This should bring up the command prompt.
From here we will do most of the hacking.
Now I will be referring to certain commands that need to be inputted into the command prompt.
I will put these commands in quotes, but do not put the quotes in the code when you type it into the prompt.
I am only doing this to avoid confusion.
Let’s get back to the hacking.
Type in “ping (IP address of the target).” For example in this tutorial, “ping 192.168.1.103.”
This will tell us if the target is online.
If it worked, it will look something like this (note, I have colored out private information):


IF it didn’t work, meaning that the target is not online, it will look something like this:


If the target is not online, either switch to a different target, or try another time. If the target is online, then we can proceed.  

==========================
-[Part 3, Gathering the Information.]-
==========================


Now, input this command “nbtstat –a (IP address of target).” An example would be “nbtstat –a 192.168.1.103.”
This will show us if there is file sharing enabled, and if there is, it will give us the: currently logged on user, workgroup, and computer name.








Ok, you’re probably wondering, “What does all this mean to me?” Well, this is actually very important, without this, the hack would not work. So, let me break it down from the top to bottom. I will just give the first line of information, and then explain the paragraph that follows it.


The information right below the original command says: “Local Area Connection,” this information tells us about our connection through the LAN, and in my case, I am not connected through LAN, so the host is not found, and there is no IP. 


The information right below the “Local Area Connection,” is “Wireless Network Connection 2:” It gives us information about the connection to the target through WAN. In my case I am connected through the WAN, so it was able to find the Node IpAddress. The Node IpAddress is the local area IP of the computer you are going to break into.


The NetBIOS Remote Machine Name Table, give us the workgroup of our computer, tells us if it is shared, and gives us the computer name. Sometimes it will even give us the currently logged on user, but in my case, it didn’t. BATGIRL is the name of the computer I am trying to connect to. If you look to the right you should see a <20>. This means that file sharing is enabled on BATGIRL. If there was not a <20> to the right of the Name, then you have reached a dead end and need to go find another IP, or quit for now. Below BATGIRL is the computers workgroup, SUPERHEROES. If you are confused about which one is the workgroup, and the computer, look under the Type category to the right of the < > for every Name. If it says UNIQUE, it is one system, such as a printer or computer. If it is GROUP, then it is the workgroup
==========================
-[Step 4, Breaking In]-
==========================


Finally it’s time.
By now we know: that our target is online, our target has file sharing, and our target’s computer name.
So it’s time to break in.
We will now locate the shared drives, folders, files, or printers. Type in “net view \\(IP Address of Target)”
An example for this tutorial would be: “net view \\192.168.1.103”






We have our just found our share name. In this case, under the share name is “C,” meaning that the only shared thing on the computer is C. Then to the right, under Type, it says “Disk.” This means that it is the actual C DISK of the computer. The C DISK can sometimes be an entire person’s hard drive. 
All's that is left to do is “map” the shared drive onto our computer. This means that we will make a drive on our computer, and all the contents of the targets computer can be accessed through our created network drive. Type in “net use K: \\(IP Address of Target)\(Shared Drive). For my example in this tutorial, “net use K: \\192.168.1.103\C.” Ok, let’s say that you plan on doing this again to a different person, do u see the “K after “net use?” This is the letter of the drive that you are making on your computer. It can be any letter you wish, as long as the same letter is not in use by your computer. So it could be “net use G...,” for a different target.






As you can see, for my hack I have already used “K,” so I used “G” instead.
You may also do the same for multiple hacks.
If it worked, it will say “The command completed successfully.”
If not, you will have to go retrace you steps.
Now open up “my computer” under the start menu, and your newly created network drive should be there.


Now, if you disconnect from the WAN or LAN, you will not be able to access this drive, hence the name Network Drive.
The drive will not be deleted after you disconnect though, but you won’t be able to access it until you reconnect to the network.
So if you are doing this for the content of the drive, I recommend dragging the files and folders inside of the drive onto your computer,
because you never know if the target changes the sharing setting.
If you are just doing this to hack something, then go explore it and have some well deserved fun!


Congratulations! You’re DONE!


-Commands used in this tutorial:
PING
NBTSTAT -a (IP Address of Target)
NET VIEW \\(IP Address of Target)
NET USE K: \\(IP Address of Target)\(SHARENAME)

Hack your desired PC on LAN


i think there are already many tut on lan hacking but i found this tut .... its really nice .... so i decided to share it with u all.

Hacking Computer Inside LAN Network


This technique will be taking advantage of Port 139.

Most of the time,Port 139 will be opened.

First of all,I will do a port scanning at the target computer which is 192.168.40.128.

This computer is inside my LAN network.

scan it using Nmap.



I get the result and it shows Port 139 is opened up for me.

Now you will need both of these tools:
** USER2SID & SID2USER
** NetBios Auditing Tool

You can get both of them on the Internet.

After you get both of them,put them in the C: directory.

 
You now need to create a null session to the target computer.



Now open the Command Prompt and browse to the USER2SID & SID2USER folder.There will be 2 tools inside it,one will be USER2SID and another one will be SID2USER.

We will first using USER2SID to get the ID.




We will test against the Guest account because Guest account is a built in account.

After we get the ID,we need to do some modification on the ID.

We take the ID we get from the guest account and modified it become
"5 21 861567501 1383384898 839522115 500".

Please leave out the S-1-,leave out all the - too.


Now you will see that you get the username of the Administrator account.

In this case,the Administrator account is Administrator.

Create a text file called user.txt and the content will be the username of the Admin account.



Prepare yourself a good wordlist.



Now put both of them in the same directory with the NetBios Auditing Tool.


MAIN PART

Now we are going to crack the Admin account for the password in order to access to the target computer.

Browse to the NetBios Auditing Tool directory.



Press on enter and the tool will run through the passlist.



In this case,I have get the password.

In order to proof that I can get access to the target computer using this password.


After you press enter,it will prompt you for the username and password.




Therefore,just input them inside the prompt and continue.



Target C drive will be on your screen.



In order to prevent from this attack,close down port that you do not want to use such as Port 135,Port 136,Port 137,Port 138 and Port 139.

CLICK HERE to download Software .