Today,I will write about hacking computer inside the LAN network.
This technique will be taking advantage of Port 139.
Most of the time,Port 139 will be opened.
First of all,I will do a port scanning at the target computer which is 192.168.40.128.
This computer is inside my LAN network.
I will scan it using Nmap.
![[Image: 1_13.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uS9fI-2wPdodISHqp4utBQscZb8pj9WAvTYa_ctWxYFIeFl6rFAuEAmIAyOQwQj3Wv6PUg_pcEZzbma67ZDUPkj1bFWO-Bow=s0-d)
I get the result and it shows Port 139 is opened up for me.
Now you will need both of these tools:
** USER2SID & SID2USER
** NetBios Auditing Tool
You can get both of them on the Internet.
After you get both of them,put them in the C:\ directory.
![[Image: 2_1.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vNZyLorT4DUQM9MabAnGsX-9zhCAyKp0q2mWcSc0VXSLhMmO3hLyWQaVUsYAvDyL7NTJHL6ce5mQ8ET4P07vBZvpkwBYg=s0-d)
You now need to create a null session to the target computer.
![[Image: 3_3.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_upzoZwSeBqbioaIbNbyWWjLqjYCXy1waTfSA_aJC09EJ6bDPmz1ZF0RQ68qAaHJh-U64ntmv9W3yoalFfOSFq0XCdXLLA=s0-d)
Now open the Command Prompt and browse to the USER2SID & SID2USER folder.There will be 2 tools inside it,one will be USER2SID and another one will be SID2USER.
We will first using USER2SID to get the ID.
![[Image: 4_10.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_speKj7vmdAcADjWeNgvtlhuahpv6EP83seDf5QtOF6ZqBdNtK_3ICs5s2VonlX_SdSul0vZtb-jIMCq_LrC8nWKS_Tgo-Gog=s0-d)
We will test against the Guest account because Guest account is a built in account.
After we get the ID,we need to do some modification on the ID.
We take the ID we get from the guest account and modified it become
"5 21 861567501 1383384898 839522115 500".
Please leave out the S-1-,leave out all the - too.
![[Image: 5_8.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_u9ECKVwcvsWP-f5wVT03Y-Gs3_vjRrlVaAH0Z5sL2xvzrE0dYgILjv47Jzn3m4NhFDkN_yBH6z0_pWi29_FcaEZFVIFPjU=s0-d)
Now you will see that you get the username of the Administrator account.
In this case,the Administrator account is Administrator.
Create a text file called user.txt and the content will be the username of the Admin account.
![[Image: 6.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tNX60hbMSYu3Pn55coOTO5-FpkKCvU_ThdNFQGt8AG1G6Qkz_iAsu8Fp8pjp59rFjDMS6pueXtNNzvj7iqUR2QvZxxIA=s0-d)
Prepare yourself a good wordlist.
![[Image: 7.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sdzilfTb7oIMp4VIF_OZJ7gS5Dud6H44krNMz_NFqBGBMHzDL7S0Dck8LfMEwTLb582siWF1RrMhplsJ-tr9u9fXcJuQ=s0-d)
Now put both of them in the same directory with the NetBios Auditing Tool.
![[Image: 8.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vDXkztln4hh_OD9HsshiKGyzO3nB-8rWBK2buYS6J5PiviC-o_KImSEoJSeAL2xXvhq0iA7VziM87tfem4eB6nF3rE=s0-d)
Now we are going to crack the Admin account for the password in order to access to the target computer.
Browse to the NetBios Auditing Tool directory.
![[Image: 9_1.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uAlnzdXfoH-RXs4kRGC-df3suWQCBtInpHS0oCLCOiHBrUna7AnNBPU6W2m-_ZZkv1WsT91uO9oFgieM3Hmn9XEbuEZHx2=s0-d)
Press on enter and the tool will run through the passlist.
![[Image: 10.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_szP_z1k5vkKAn_kjUavs43KR051N1O9VaNVBMRTWrAkfMkMsZ2LRpsRmwyheDOmYTaU6nolN7SUF4-9Uxath-Osi1cP04=s0-d)
In this case,I have get the password.
In order to proof that I can get access to the target computer using this password.
![[Image: 11.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vmoweJN8b2Q_Z_c5UZ-KJc4Z0Y1sS1HODoGjyTANoc-hu1oVKcVmbKOFAFcYulkzpU1Dly8TZ3mGf7McrnYkegmkiDHj0=s0-d)
After you press enter,it will prompt you for the username and password.
![[Image: 12_6.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_t-jo35curLC10NwtfrrOpCe19kvor4YO0CslyWDhXYw_jvqFzCd2aNYlT_ZQqtZRFrqUJDhRrYEdPHR2WNdrQUMRYxum8w=s0-d)
Therefore,just input them inside the prompt and continue.
![[Image: 13.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_u_hbrNAf_avNcRY9QyJyVjIDWoFVbUv5wiZAyq6zjH8oREDyf3Qd3Nfvl0nEz21JrHblU9VUlc0S88oXJgifcPKAzpSY4=s0-d)
Target C drive will be on your screen.
![[Image: 14.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sidXsna2uz_qkfpIrrSmHjBFFLaNP7fSyucqCYWJkeGQ37xgGpQpq6sYKTG79EsO1WjJoVgrzZU4RKFppthBCDdbl-lAU=s0-d)
In order to prevent from this attack,close down port that you do not want to use such as Port 135,Port 136,Port 137,Port 138 and Port 139.
The download link of the tools will be:
Download Tools.rar
This technique will be taking advantage of Port 139.
Most of the time,Port 139 will be opened.
First of all,I will do a port scanning at the target computer which is 192.168.40.128.
This computer is inside my LAN network.
I will scan it using Nmap.
I get the result and it shows Port 139 is opened up for me.
Now you will need both of these tools:
** USER2SID & SID2USER
** NetBios Auditing Tool
You can get both of them on the Internet.
After you get both of them,put them in the C:\ directory.
You now need to create a null session to the target computer.
Now open the Command Prompt and browse to the USER2SID & SID2USER folder.There will be 2 tools inside it,one will be USER2SID and another one will be SID2USER.
We will first using USER2SID to get the ID.
We will test against the Guest account because Guest account is a built in account.
After we get the ID,we need to do some modification on the ID.
We take the ID we get from the guest account and modified it become
"5 21 861567501 1383384898 839522115 500".
Please leave out the S-1-,leave out all the - too.
Now you will see that you get the username of the Administrator account.
In this case,the Administrator account is Administrator.
Create a text file called user.txt and the content will be the username of the Admin account.
Prepare yourself a good wordlist.
Now put both of them in the same directory with the NetBios Auditing Tool.
Now we are going to crack the Admin account for the password in order to access to the target computer.
Browse to the NetBios Auditing Tool directory.
Press on enter and the tool will run through the passlist.
In this case,I have get the password.
In order to proof that I can get access to the target computer using this password.
After you press enter,it will prompt you for the username and password.
Therefore,just input them inside the prompt and continue.
Target C drive will be on your screen.
In order to prevent from this attack,close down port that you do not want to use such as Port 135,Port 136,Port 137,Port 138 and Port 139.
The download link of the tools will be:
Download Tools.rar
......................................................................................................................................................................................................   
 
Finaly its just a ip scanner in which we brute force somthing..
ReplyDeleteChoice of making passwords is ours so its not like a smart-work...
Anyhow thanks for the brute forcing technique...
nice and clear
ReplyDeletebut "Prepare yourself a good wordlist" isn't that the difficult part, or there is a ready made list?
wow.. nice tut..
ReplyDeletebut i not enough understanding about it...:D
keep share...
can we know the ip address of the person we are chatting with
ReplyDeleteaayush u can know each and everything with ur chatting but for dat u have to try few things of own ... and i agree with bung hackers about tute comment .
ReplyDeleteWow!! i am so much happy after read your post and really nice technique ideas as well as i will also use in mu office.Thanks you so much for sharing this technique.
ReplyDelete---------
Computer Networking Los Angeles
Thanks a lot for enjoying this beauty article with me. IT Support in this day and age is of paramount importance for all those that are interested in taking their experience with technology to the next level.
ReplyDeletethe anient method is to open cmd
ReplyDeletetype ipconfig
type nbtstats -A ipaddr
see if u got "20"
if yes its ok
type nbtstats-R
edit lmhost
type ipaddr #PRE
save it
net view
net use \\ipadrr\IPC$
dont crash computer use it just for knowledge
I have some problems here I got all the required programs that you asked and Everything is gone okay until The Command completed successfully but I don't know what's went wrong after exactly when I wrote "c:\>cd userid" This is not working just please make it clear if you could because i tried a lot of things but I guess the step is a bit difficult...thx .
ReplyDeleteplease share your link for tools on some other servers like rapidshare or mediafore, megaupload is block in my country
ReplyDeleteI m unable to do that :( i followed the described procedure correctly. but i cant create null sessions
ReplyDelete