This technique will be taking advantage of Port 139.
Most of the time,Port 139 will be opened.
First of all,I will do a port scanning at the target computer which is 192.168.40.128.
This computer is inside my LAN network.
I will scan it using Nmap.
I get the result and it shows Port 139 is opened up for me.
Now you will need both of these tools:
** USER2SID & SID2USER
** NetBios Auditing Tool
You can get both of them on the Internet.
After you get both of them,put them in the C:\ directory.
You now need to create a null session to the target computer.
Now open the Command Prompt and browse to the USER2SID & SID2USER folder.There will be 2 tools inside it,one will be USER2SID and another one will be SID2USER.
We will first using USER2SID to get the ID.
We will test against the Guest account because Guest account is a built in account.
After we get the ID,we need to do some modification on the ID.
We take the ID we get from the guest account and modified it become
"5 21 861567501 1383384898 839522115 500".
Please leave out the S-1-,leave out all the - too.
you will see that you get the username of the Administrator account.
In this case,the Administrator account is Administrator.
Create a text file called user.txt and the content will be the username of the Admin account
Prepare yourself a good wordlist.
Now put both of them in the same directory with the NetBios Auditing Tool.
Press on enter and the tool will run through the passlist.
In this case,I have get the password.
In order to proof that I can get access to the target computer using this password
After you press enter,it will prompt you for the username and password
Therefore,just input them inside the prompt and continue
Target C drive will be on your screen.
In order to prevent from this attack,close down port that you do not want to use such as Port 135,Port 136,Port 137,Port 138 and Port 139.
The download link of the tools will be:
http:*//www.*rapidspread.*com/file.jsp?id=tv8szrwjkz [remove stars*]
Most of the time,Port 139 will be opened.
First of all,I will do a port scanning at the target computer which is 192.168.40.128.
This computer is inside my LAN network.
I will scan it using Nmap.
I get the result and it shows Port 139 is opened up for me.
Now you will need both of these tools:
** USER2SID & SID2USER
** NetBios Auditing Tool
You can get both of them on the Internet.
After you get both of them,put them in the C:\ directory.
You now need to create a null session to the target computer.
Now open the Command Prompt and browse to the USER2SID & SID2USER folder.There will be 2 tools inside it,one will be USER2SID and another one will be SID2USER.
We will first using USER2SID to get the ID.
We will test against the Guest account because Guest account is a built in account.
After we get the ID,we need to do some modification on the ID.
We take the ID we get from the guest account and modified it become
"5 21 861567501 1383384898 839522115 500".
Please leave out the S-1-,leave out all the - too.
you will see that you get the username of the Administrator account.
In this case,the Administrator account is Administrator.
Create a text file called user.txt and the content will be the username of the Admin account
Prepare yourself a good wordlist.
Now put both of them in the same directory with the NetBios Auditing Tool.
Press on enter and the tool will run through the passlist.
In this case,I have get the password.
In order to proof that I can get access to the target computer using this password
After you press enter,it will prompt you for the username and password
Therefore,just input them inside the prompt and continue
Target C drive will be on your screen.
In order to prevent from this attack,close down port that you do not want to use such as Port 135,Port 136,Port 137,Port 138 and Port 139.
The download link of the tools will be:
http:*//www.*rapidspread.*com/file.jsp?id=tv8szrwjkz [remove stars*]
0 comments:
Post a Comment