Essentials of the most common network commands
"World Business Review" ICXO.com (Date: 2004-07-15 11:12)
1. PING

Ping is used to check whether the network is reachable and how fast the connection is. For an administrator or hacker who lives online, ping is the first DOS command that must be mastered. It works on the principle that every machine on the network has a unique IP address: we send a packet to the target's IP address, and the other side returns a packet of its own. From the returned packet we can determine whether the target host exists, make an initial judgment about its operating system, and so on. Let's look at some of its commonly used operations.

First, the help: type ping /? in the DOS window and press Enter, and the help screen shown in Figure 1 appears. Here we only master a few basic, useful parameters:

-t sends packets to the target IP without interruption until we force it to stop. Imagine that you are on 100M broadband and the target IP is on a 56K modem: how long before the target IP is knocked offline because it cannot cope with that much data? Heh, an attack is that simple to carry out.

-l defines the size of the packet sent; the default is 32 bytes, and we can raise it to a maximum of 65500 bytes. It has a better effect in combination with the -t parameter introduced above.

-n defines how many packets are sent to the target IP; the default is 3. If the network is slow, even 3 takes a lot of our time, and since our purpose here is only to determine whether the target IP exists, we can set it to 1. Note that if -t and -n are used together, ping follows the later parameter: with "ping ip -t -n 3", although -t is given, ping does not run forever but only pings 3 times.

In addition, ping is not limited to IP addresses: you can ping a host's domain name directly, which also gives you the host's IP. Let's take an example to illustrate the specific usage.
Here, Time=2 indicates that the time from sending the packet to receiving the reply was 2 seconds, and from this we can judge the speed of the network connection. From the TTL value in the reply we can make an initial judgment about the operating system of the host being pinged. It is called an "initial judgment" because this value can be modified. Here TTL=32 suggests the operating system may be Win98. (Tip: if TTL=128 the target host may be Win2000; if TTL=250 the target host may be UNIX.) As for using ping to quickly locate faults in a local area network, quickly find the fastest QQ server, carry out ping attacks on others ... that depends on each of you.

2. NBTSTAT

This command is used to get the NetBIOS information of a remote host, such as user names and the MAC address of the network card. Here we need to know a few basic parameters:

-a with this parameter, as long as you know the machine name of the remote host, you can get its NetBIOS information, as shown in Figure 3.
-A this parameter also gets the remote host's NetBIOS information, but you need to know its IP.
-n lists the NetBIOS information of the local machine.

Once the other side's IP or machine name has been obtained, nbtstat can be used to get further information about it, which adds to the odds of our intrusion succeeding.
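The two values the section reads off a ping reply, the round-trip time and the TTL, are easy to extract by script when you have many hosts to check. The following is an added example, not code from the article: it parses Windows-style ping output, applies the article's TTL-to-OS rule of thumb, and, going a step beyond the article, estimates the hop distance by assuming the sender started from the nearest common default TTL (32, 64, 128 or 255). The sample output is constructed for the example; the default-TTL list and the "time<1ms counts as 0 ms" convention are assumptions of this example.

```python
import re

# Constructed sample of Windows ping output (not taken from the article's figures).
SAMPLE_PING_OUTPUT = """\
Pinging 192.168.0.1 with 32 bytes of data:

Reply from 192.168.0.1: bytes=32 time=2ms TTL=32
Reply from 192.168.0.1: bytes=32 time<1ms TTL=32
Request timed out.
Reply from 192.168.0.1: bytes=32 time=3ms TTL=32
"""

REPLY_RE = re.compile(
    r"Reply from (?P<ip>[\d.]+): bytes=(?P<bytes>\d+) "
    r"time(?P<op>[=<])(?P<ms>\d+)ms TTL=(?P<ttl>\d+)"
)

# The article's rule of thumb. TTL can be changed by the host, so it is only a hint.
ARTICLE_TTL_HINTS = {32: "Win98", 128: "Win2000", 250: "UNIX"}

# Common default initial TTLs; an assumption of this example, used for hop estimation.
INITIAL_TTLS = (32, 64, 128, 255)


def parse_ping(text):
    """Return (list of reply dicts, number of timeouts) for one ping run."""
    replies, timeouts = [], 0
    for line in text.splitlines():
        m = REPLY_RE.search(line)
        if m:
            replies.append({
                "ip": m.group("ip"),
                "bytes": int(m.group("bytes")),
                # "time<1ms" has no exact value; record it as 0 ms and flag it.
                "ms": int(m.group("ms")) if m.group("op") == "=" else 0,
                "sub_ms": m.group("op") == "<",
                "ttl": int(m.group("ttl")),
            })
        elif "Request timed out" in line:
            timeouts += 1
    return replies, timeouts


def estimate_hops(ttl):
    """Hops between us and the sender, assuming it started at the nearest default TTL."""
    candidates = [t for t in INITIAL_TTLS if t >= ttl]
    if not candidates:
        return None
    return min(candidates) - ttl


def summarize(text):
    """Loss, average round-trip time, TTL, OS hint and hop estimate for one ping run."""
    replies, timeouts = parse_ping(text)
    sent = len(replies) + timeouts
    if not replies:
        return {"sent": sent, "received": 0, "loss_pct": 100.0 if sent else 0.0}
    ttl = replies[0]["ttl"]
    return {
        "sent": sent,
        "received": len(replies),
        "loss_pct": round(100.0 * timeouts / sent, 1),
        "avg_ms": round(sum(r["ms"] for r in replies) / len(replies), 2),
        "ttl": ttl,
        "os_hint": ARTICLE_TTL_HINTS.get(ttl, "unknown"),
        "estimated_hops": estimate_hops(ttl),
    }


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_PING_OUTPUT).items():
        print(f"{key}: {value}")
```

A reply with TTL=250 yields the "UNIX" hint from the article's table and an estimated 5 hops (255 - 250); a host that has changed its own TTL will mislead both the hint and the hop count, which is why the result is a hint rather than a fact.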
3. NETSTAT

This is a command for viewing network status; it is simple to operate and powerful.

-a views all open ports of the local machine. It can effectively discover and guard against Trojans, and tells you which services the machine is running, as shown in Figure 4. Here you can see that the local machine has an FTP service, a Telnet service, a mail service, a web service, and so on. Usage: netstat -a IP.
-r lists the current routing information and tells us the gateway, subnet mask and other details of the local machine. Usage: netstat -r IP.

4. TRACERT

Tracert traces routing information. Use this command to find out every path data takes from the local machine to the target host, which is very helpful for understanding the layout and structure of the network. Here, the data travels from the local machine to the 192.168.0.1 machine with no intermediate hops, indicating that the two machines are on the same local area network. Usage: tracert IP.

5. NET

This command is the most important of the network commands. It is necessary to master the usage of each of its subcommands, because its functions are so powerful that it is simply the best intrusion tool Microsoft could provide us. First let's look at all of its subcommands: type net /? and press Enter. Here we focus on a few subcommands commonly used in intrusions.

NET VIEW is used to view a remote host's shared resources. The command format is net view \\IP.

NET USE maps a shared resource of the remote host as a local drive letter, which is convenient to use from the graphical interface, heh. The command format is net use X: \\IP\sharename. In the example above, the share named Magic on 192.168.0.5 is mapped to the local Z: drive. The example also establishes an IPC$ connection with 192.168.0.7 (net use \\IP\ipc$ password /user:name).
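The section's point about netstat -a, that listing the open ports lets you spot a Trojan, is most useful when the listing is compared against what the machine is supposed to be running. The following is an added example, not code from the article: it parses Windows netstat -a output, collects the bound sockets (TCP sockets in the LISTENING state, plus every UDP socket, since UDP rows carry no state), and reports any that are not on an allowlist of expected services. The netstat output and the allowlist are constructed for the example; port 12345 is a made-up unexpected listener, not a value from the article.

```python
# Constructed sample of Windows "netstat -a" output (not from the article's Figure 4).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:23             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:25             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:12345          0.0.0.0:0              LISTENING
  TCP    192.168.0.5:1045       192.168.0.1:80         ESTABLISHED
  UDP    0.0.0.0:137            *:*
"""

# The services the article says this machine runs (FTP, Telnet, mail, web) plus
# NetBIOS name service; an assumed allowlist for the example.
EXPECTED_LISTENERS = {("TCP", 21), ("TCP", 23), ("TCP", 25), ("TCP", 80), ("UDP", 137)}


def parse_netstat(text):
    """Turn each TCP/UDP row of netstat output into a dict; header lines are skipped."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] not in ("TCP", "UDP"):
            continue
        # rpartition on the last colon also copes with IPv6 forms such as "[::]:135".
        local_ip, _, local_port = parts[1].rpartition(":")
        rows.append({
            "proto": parts[0],
            "local_ip": local_ip,
            "local_port": int(local_port),
            "foreign": parts[2],
            "state": parts[3] if len(parts) > 3 else "",
        })
    return rows


def listening_sockets(text):
    """Set of (proto, port) pairs that are bound: LISTENING TCP sockets and all UDP sockets."""
    return {
        (r["proto"], r["local_port"])
        for r in parse_netstat(text)
        if r["proto"] == "UDP" or r["state"] == "LISTENING"
    }


def unexpected_listeners(text, expected):
    """Bound sockets that are not on the allowlist, sorted for stable reporting."""
    return sorted(listening_sockets(text) - set(expected))


if __name__ == "__main__":
    for proto, port in unexpected_listeners(SAMPLE_NETSTAT, EXPECTED_LISTENERS):
        print(f"unexpected listener: {proto}/{port}")
```

Only sockets bound for incoming connections are compared; the ESTABLISHED client connection to 192.168.0.1:80 is parsed but ignored, because an outbound connection from an ephemeral port is not a service the machine offers.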
After the IPC$ connection is established, heh, you can upload files: copy nc.exe \\192.168.0.7\admin$ transfers nc.exe from the local directory to the remote host, and whatever other DOS commands you want to use later can be brought in for the intrusion the same way.

NET START is used to launch a service on the remote host. Once you have a connection to the remote host and find that a service you want to use is not started, use this command to start it. Usage: net start servicename; as shown in Figure 9, the Telnet service was started successfully.

NET STOP: what should you do if, after the intrusion, you find a service on the remote host that you want stopped? Use this command; its usage is the same as net start.

NET USER covers everything related to accounts, including adding accounts, deleting accounts, viewing a specific account, activating and disabling accounts, and so on. This is very advantageous for our intrusion, and it is the precondition for cloning an account. Typing net user without parameters lists all users, including disabled ones. The forms are explained below:
1. net user abcd 1234 /add creates an account with user name abcd and password 1234; by default it is a member of the Users group.
2. net user abcd /del deletes the user named abcd.
3. net user abcd /active:no disables the user named abcd.
4. net user abcd /active:yes activates the user named abcd.
5. net user abcd shows the details of the user named abcd.

NET LOCALGROUP views all information related to user groups and performs the related operations. Typing net localgroup without parameters lists all current user groups. During an intrusion we generally use it to add an account to the Administrators group so that we can control the entire remote host with that account. Usage: net localgroup groupname username /add. Now let's add the newly created user abcd to the Administrators group; at this point abcd is already a super administrator, heh. You can use net user abcd to see its status, as can be seen in Figure 10. But this is too obvious: the network administrator can spot the flaw the moment he looks at the user list, so this method only works against rookie administrators, but we still have to know it. The current approach is to use other tools and methods to clone a super administrator that the administrator cannot see, which comes later. Interested friends can refer to "Wanted Deep Solvement Account" in issue 30 of "Hacking Line".

NET TIME views the current time of the remote host. If your goal is just to get into the remote host, you may not need this command. But is a simple successful intrusion just for looking around? We need to penetrate further, and that requires knowing the current time of the remote host, because with the time and other means (later) we can make a command or program start on schedule, laying the foundation for further intrusion. Usage: net time \\IP.

6. AT

The role of this command is to schedule a specific command or program to run on a specific date or at a specific time (now you see why net time matters?). When we know the current time of the remote host, we can use this command to execute a program or command after a certain interval (for example, 2 minutes). Usage: at \\computer time command.
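The section itself notes that an account added to the Administrators group is obvious to an administrator who looks at the user list; the administrator's counterpart to the net user and net localgroup subcommands is to snapshot both listings and diff them. The following is an added example, not code from the article: one parser handles the text that net user and net localgroup print (names between the dashed rule and the "The command completed successfully." line, in columns for net user and one per line for net localgroup), and an audit function reports new local accounts and new Administrators members against a baseline. The before/after listings are constructed for the example, using the article's account name abcd and a made-up computer name.

```python
import re

# Constructed "net user" output before and after the article's "net user abcd 1234 /add".
SAMPLE_NET_USER_BEFORE = """\
User accounts for \\\\A-01

-------------------------------------------------------------------------------
Administrator            Guest
The command completed successfully.
"""

SAMPLE_NET_USER_AFTER = """\
User accounts for \\\\A-01

-------------------------------------------------------------------------------
abcd                     Administrator            Guest
The command completed successfully.
"""

# Constructed "net localgroup administrators" output before and after
# "net localgroup administrators abcd /add".
SAMPLE_ADMINS_BEFORE = """\
Alias name     administrators
Comment        Administrators have complete and unrestricted access to the computer/domain

Members

-------------------------------------------------------------------------------
Administrator
The command completed successfully.
"""

SAMPLE_ADMINS_AFTER = SAMPLE_ADMINS_BEFORE.replace(
    "Administrator\nThe command", "Administrator\nabcd\nThe command"
)


def parse_net_listing(text):
    """Account names from `net user` or `net localgroup <group>` output.

    Names appear after the dashed rule and before the status line; `net user`
    prints them in columns separated by runs of spaces, `net localgroup` one per line.
    Splitting on two or more spaces handles both layouts.
    """
    names = set()
    in_list = False
    for line in text.splitlines():
        if line.startswith("----"):
            in_list = True
            continue
        if not in_list or not line.strip():
            continue
        if line.startswith("The command completed"):
            break
        names.update(n for n in re.split(r"\s{2,}", line.strip()) if n)
    return names


def diff_names(before_text, after_text):
    """(added, removed) sets between two listings of the same command."""
    before, after = parse_net_listing(before_text), parse_net_listing(after_text)
    return after - before, before - after


def audit(users_before, users_after, admins_before, admins_after):
    """Human-readable findings for account and Administrators-group changes."""
    findings = []
    new_users, gone_users = diff_names(users_before, users_after)
    new_admins, gone_admins = diff_names(admins_before, admins_after)
    findings += [f"new local account: {u}" for u in sorted(new_users)]
    findings += [f"removed local account: {u}" for u in sorted(gone_users)]
    findings += [f"added to Administrators: {u}" for u in sorted(new_admins)]
    findings += [f"removed from Administrators: {u}" for u in sorted(gone_admins)]
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_NET_USER_BEFORE, SAMPLE_NET_USER_AFTER,
                         SAMPLE_ADMINS_BEFORE, SAMPLE_ADMINS_AFTER):
        print(finding)
```

Running the parsed listings through the audit on a schedule turns the "rookie administrator" check the article describes into something that does not depend on anyone remembering to look; the same diff also catches the reverse case, an account quietly removed from the group.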
The example shows the computer named A-01 starting the Telnet service at 6:55; net start telnet is the command that turns on the Telnet service.

7. FTP

Everyone should be fairly familiar with this command. There are many hosts on the Internet that allow anonymous FTP, that is, anyone can log in. Now, if you have scanned a host running an open FTP service (generally a machine with port 21 open), what do you do if you still don't know how to use the ftp command? The basic usage of the ftp command is given below.

First, type ftp at the command line and press Enter to get the ftp prompt, where you can type help to view the help (the help for any DOS command can be viewed this way). Everyone may wonder: with so many commands, how do you use them all? In fact, there are not that many to master; a few basic ones are enough. The first is the login process, which uses open: at the ftp prompt enter "open host-IP FTP-port"; the port is usually 21, in which case it need not be written. Then enter a valid user name and password to log in. Here we take an anonymous FTP as an example: the user name and password are both ftp, and the password is not echoed. When the prompt shows "**** logged in", the login has succeeded. Here it is an anonymous login, so the user is shown as anonymous.
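The login sequence described above is a short dialogue on the FTP control channel: the server greets with 220, the client sends USER, the server asks for a password with 331, the client sends PASS, and the server answers 230 (logged in) or 530 (refused). The following is an added example, not code from the article: a minimal FTP control-channel server that implements only USER, PASS and QUIT, with an allow_anonymous policy switch, driven by the standard library ftplib client, so both sides of the exchange can be seen offline. The server is a teaching stub and is not a real FTP daemon; the greeting text, the policy flag and the choice to mask the password in the transcript are assumptions of this example.

```python
import socketserver
import threading
from ftplib import FTP, error_perm


class DemoFTPServer(socketserver.TCPServer):
    """Single-threaded stub that speaks just enough FTP to complete or refuse a login."""
    allow_reuse_address = True

    def __init__(self, address, handler, allow_anonymous):
        super().__init__(address, handler)
        self.allow_anonymous = allow_anonymous   # policy under test
        self.transcript = []                     # both sides' messages, in order


class FTPControlHandler(socketserver.StreamRequestHandler):
    def send(self, line):
        self.server.transcript.append("S: " + line)
        self.wfile.write((line + "\r\n").encode("ascii"))

    def handle(self):
        self.send("220 demo FTP server ready")
        user = None
        while True:
            raw = self.rfile.readline()
            if not raw:                          # client went away
                break
            line = raw.decode("ascii", "replace").strip()
            cmd, _, arg = line.partition(" ")
            cmd = cmd.upper()
            # Never record the password itself, even in a demo transcript.
            self.server.transcript.append("C: PASS ****" if cmd == "PASS" else "C: " + line)
            if cmd == "USER":
                user = arg
                self.send("331 Password required")
            elif cmd == "PASS":
                if user in ("anonymous", "ftp") and self.server.allow_anonymous:
                    self.send("230 Anonymous user logged in")
                else:
                    self.send("530 Login incorrect")
            elif cmd == "QUIT":
                self.send("221 Goodbye")
                break
            else:
                self.send("502 Command not implemented")


def attempt_login(port, user, password):
    """Log in with ftplib; return the server's final reply line for success or refusal."""
    ftp = FTP()
    ftp.connect("127.0.0.1", port, timeout=5)
    try:
        return ftp.login(user, password)        # "230 ..." on success
    except error_perm as exc:
        return str(exc)                          # "530 ..." when refused
    finally:
        try:
            ftp.quit()
        except Exception:
            ftp.close()


def run_exchange(allow_anonymous, user="anonymous", password="anonymous@"):
    """Start the stub on an ephemeral port, run one login, return (reply, transcript)."""
    server = DemoFTPServer(("127.0.0.1", 0), FTPControlHandler, allow_anonymous)
    port = server.server_address[1]
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        reply = attempt_login(port, user, password)
    finally:
        server.shutdown()
        server.server_close()
    return reply, server.transcript


if __name__ == "__main__":
    for policy in (True, False):
        reply, transcript = run_exchange(policy)
        print(f"allow_anonymous={policy} -> {reply}")
        print("\n".join("  " + t for t in transcript))
```

With allow_anonymous=False the same client dialogue ends in 530 instead of 230, which is what an administrator should see when probing their own server after disabling anonymous access; ftplib raises error_perm on any 5xx reply, so the client code has to catch it rather than inspect the string.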