Dobry den,
mam takovy mensi problem, zkousel jsem pomoci NetBios hacku ovladnout PC,svoje vlastni :) Pri vytvoreni prazdne session se mi veskery pristup k danemu pc zablokoval, proste chyba 5 pristup odepren , tudiz nefungovali ani programy , ktere NULL Session vyuzivaji - Legion,DumpSec...
Bez vytvoreni NULL SESSION se v klidu muzu prochazet po sdilenych slozkach...
Chtel jsem tedy zkouset heslo cracknout pomoci programu NAT, ovsem vystup byl takovyto :
[*]--- Checking host: 192.168.10.2
[*]--- Obtaining list of remote NetBIOS names
[*]--- Attempting to connect with name: *
[*]--- Unable to connect
[*]--- Attempting to connect with name: *SMBSERVER
[*]--- CONNECTED with name: *SMBSERVER
[*]--- Attempting to connect with protocol: MICROSOFT NETWORKS 1.03
[*]--- Server time is Sun Feb 10 16:18:58 2008
[*]--- Timezone is UTC+1.0
[*]--- Remote server wants us to encrypt, telling it not to
[*]--- Attempting to establish session
[*]--- Attempting to access share: \\*SMBSERVER\
[*]--- Unable to access
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) In cygwin_exc
ept_handler
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) Exception tra
pped!
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) exception C00
00005 at 40F7EB
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) exception: ax
80000000 bx 7FFFFFF cx 1F dx 1
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) exception: si
F di 14 bp 245ED38 sp 245ECF8
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) exception is:
STATUS_ACCESS_VIOLATION
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) Stack trace:
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) frame 0: sp =
0x245E908, pc = 0x1001282A
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) frame 1: sp =
0x245E924, pc = 0x7C9037BF
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) frame 2: sp =
0x245E948, pc = 0x7C90378B
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) frame 3: sp =
0x245E9F8, pc = 0x7C90EAFA
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) frame 4: sp =
0x245ED38, pc = 0x410351
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) frame 5: sp =
0x245ED6C, pc = 0x410492
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) frame 6: sp =
0x245ED88, pc = 0x407EFA
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) frame 7: sp =
0x245F230, pc = 0x40A619
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) frame 8: sp =
0x245F2DC, pc = 0x40A9CE
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) frame 9: sp =
0x245F2F4, pc = 0x401681
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) frame 10: sp
= 0x245F31C, pc = 0x4013C1
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) frame 11: sp
= 0x245F33C, pc = 0x10011BEB
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) frame 12: sp
= 0x245FF9C, pc = 0x10011BFF
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) frame 13: sp
= 0x245FFA8, pc = 0x417614
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) frame 14: sp
= 0x245FFB8, pc = 0x401012
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) frame 15: sp
= 0x245FFC0, pc = 0x7C816FD7
(C:\Documents and Settings\Darth-Cz-\Plocha\nat10bin\NAT.EXE 1000) End of stack
trace (more stack frames may be present)
Na danem pocitaci je vypis portu programu nmap takovyto:
21/tcp open ftp
23/tcp closed telnet
25/tcp closed smtp
80/tcp closed http
110/tcp closed pop3
139/tcp open netbios-ssn
143/tcp closed imap
220/tcp closed imap3
443/tcp closed https
445/tcp open microsoft-ds
3389/tcp closed ms-term-serv
Vi nekdo , co je s tou null session a s programem nat? Rad bych ty hesla uhodl :)
----------
Niemand ist so gut,wie er denkt ;)
(odpovědět) |
