Net BIOS attack

Posted by Sayantan March 31, 2009 2:42 AM
NetBIOS is the first thing to learn when you want to root a box. In this article I will assume that the target has not password-protected its shared files.

Tools:
Windows target and attacker (I don't know if this attack works on Linux or other operating systems)

First we need to choose a target. We will consider our target to be a friend on the same LAN who owns BOX666.

Step 1:
Open cmd:
Start -> Run -> cmd -> Enter

Step 2:
Now we need to gather info about our target BOX666. To do this we run the net view command:

c:\>net view

We do this to see all the computers on our LAN.

Without scanning the host for open ports, we can see whether our target is vulnerable to a NetBIOS attack and has File and Printer Sharing active. For this we use the nbtstat command, but we need the IP address, not the box name, so we ping our target:

c:\>ping BOX666

When the ping finishes we have our target's IP, let's say 1.1.1.1.

Now we can use the nbtstat command:

c:\>nbtstat -A 1.1.1.1

Now we get a list of some strange data. All we are looking for is this:

<20>

This hex number tells us that BOX666 has File and Printer Sharing active and is vulnerable. Now we need to connect to the target, but first: what can we take once connected? To gather information about the shared files on BOX666 we use the net view command:

c:\>net view 1.1.1.1

Now we have a list of shared files. Sometimes stupid users share a full partition or all partitions, even the one where Windows is installed >:)

Step 3:
Now let's connect using the net use command:

c:\>net use x: \\1.1.1.1\shared_item

With this command we have created a network drive. To download or upload data you can use cmd or Windows Explorer (recommended).

Step 4:
After you have done your job, close the connection using the net use command:

c:\>net use x: /d

Now the network drive is gone.

Congrats, now you know how to do a NetBIOS attack.
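For auditing machines you administer, the <20> check from Step 2 can be automated. The following is an added example, not part of the original post: a Python parser for saved nbtstat -A output that lists the hosts registering the <20> name. The sample output, the host 1.1.1.2 and all function names are constructed for illustration.

```python
import re

# Common NetBIOS name suffixes (16th byte of the name) and the service each marks.
SUFFIXES = {
    ("00", "UNIQUE"): "Workstation service",
    ("00", "GROUP"): "Workgroup/domain name",
    ("03", "UNIQUE"): "Messenger service",
    ("20", "UNIQUE"): "File Server service (File and Printer Sharing)",
}

# One row of the name table: name, <hex suffix>, type, status.
ROW = re.compile(r"^\s*(.+?)\s*<([0-9A-Fa-f]{2})>\s+(UNIQUE|GROUP)\s+(\S+)\s*$")

def parse_name_table(output):
    """Return (name, suffix, type, status) tuples from `nbtstat -A` output."""
    rows = []
    for line in output.splitlines():
        m = ROW.match(line)
        if m:
            name, suffix, kind, status = m.groups()
            rows.append((name, suffix.upper(), kind, status))
    return rows

def file_sharing_enabled(output):
    """True when a registered <20> UNIQUE name is present."""
    return any(s == "20" and k == "UNIQUE" and st.lower() == "registered"
               for _, s, k, st in parse_name_table(output))

def audit(captures):
    """Take {host: nbtstat output}; return the sorted hosts that need review."""
    return sorted(h for h, out in captures.items() if file_sharing_enabled(out))

# Constructed sample captures (not taken from real hosts).
SAMPLE_SHARING = """\
       Name               Type         Status
    ---------------------------------------------
    BOX666         <00>  UNIQUE      Registered
    WORKGROUP      <00>  GROUP       Registered
    BOX666         <20>  UNIQUE      Registered
"""
SAMPLE_NO_SHARING = "\n".join(
    l for l in SAMPLE_SHARING.splitlines() if "<20>" not in l)

if __name__ == "__main__":
    for row in parse_name_table(SAMPLE_SHARING):
        print(row, "->", SUFFIXES.get((row[1], row[2]), "other"))
    print(audit({"1.1.1.1": SAMPLE_SHARING, "1.1.1.2": SAMPLE_NO_SHARING}))
```

Any host this reports should have its shares password-protected, or File and Printer Sharing turned off if it is not needed.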
