HFX Forum

Neophyte Section => How To Hack - How I See It: Phlux's Journal => Topic started by: Phlux on February 23, 2005, 04:38:32 PM

Title: How To Hack - How I See It: My Journal
Post by: Phlux on February 23, 2005, 04:38:32 PM
I am a newbie so don't give me straight up answers. I want to earn this unlike many people who beg for answers.

Ok the first step is th "banner grab" technique which is basically finding out what operating system they are running on and what version. Then you find out their IP address through a "Whois" search.

Then you find the IP range...confused with that part.

With the IP address you can then go on to search for "active machines"  I'm assuming you ping them and see which ones send back packets? If operation time-out occurs, i'm wondering if that means there is no computer to answer back or if it was taking too much time so it canceled its actions.

Now that you have a list of active machines, you can run a portscan. Basically, seeing which ones are willing to "communicate" the port range is from 1 to 65536. The number at which it "communicates" usually determines what type of software is running.

21    FTP server
23    Telnet server
25    Mail server (smtp)
53    Domain name server
80    Web server
443   Secure Web server

------
If you want to hack into a website and upload/change files that appear on a a website i'm guessing you'd want to check port 80? Want to look more into that.
------

Once you find out the active machine ip address and you find what port it is running on, then you "must" go on to find out what software it is running from its "fingerprints". To do this, you can open up telnet from msdos by typing "telnet (ip address) (portnumber)...now you are connected.

Webservers use the language http to communicate, so to get that information we must use an http request.

HEAD /index.html HTTP/1.0
then press enter twice

------
you can also use www.netcraft.com
------

You can fingerprint an ftp server on port 21

That is all I learned so far today. Now I want to look more into a few topics...please - by all means - tell me how I am doing, clues to what i'm doing wrong...a bad direction i'm goin in anything. This will hopefully be an ongoing journal of my education. Hopefully anyone looking for information can look at my post and go through my hard research in a matter of minutes.
Title: Re:How To Hack - How I See It: My Journal
Post by: Tazinator on February 24, 2005, 08:56:27 PM
Nice, think this is a cool thing your doing.

To help you out w/ the IP range, this is a good thing to use if you have a Windows boxen and Linux in a VMWare session or something:
http://www.toolsforselling.com/v1/1/iplookup.htm

Its a free tool that does an ARIN lookup and tells you the owner of the address block. You could always do manually as well. If your on Linux entirely, the web way:

http://ws.arin.net/cgi-bin/whois.pl?queryinput=xx.xx.xx.xx
(Where "x" = IP values)

To hack a website, you need to check a little more then 80. 80 will only tell you the server is a webserver, you need to grab the HTTP header info which may or may not tell you what version of a webserver it is. This can do it for you if the admin didnt turn off the versioning in the headers:
http://www.netcraft.com/whats

Also, for breaking in, look for cross site scripting vulns on that web server, either in the scripts that may be hosted on it (Webmail, Form processing, etc) that may provide a means to look at and modify info on the server, or possibly holes inherent to that web servers version.

To correct you here a bit also:
QuoteOnce you find out the active machine ip address and you find what port it is running on,...
Machines and IP's dont run on ports unless you are talking about a switch or router. I think you mean is Check the services running on that IP by the ports that are responding to connections.

Also, you cant always Telnet to a specific port and connect. What Telnet will tell you basically is verify whats running on that port by the response you see on your screen. (sometimes admins like to fool or try to fool with people by modifying services to run on non-standard ports, such as a Web server listening on 7777 (Oracle AS :P) etc.)[/color]. Telnet sometimes can display the raw response data it recieves and give you a clue to whats actually listening to that port number.

You have the right idea, just need to fine tune it a little bit. But again, I think its cool what your doing as far as posting what you learn on your own and all.
Title: Re:How To Hack - How I See It: My Journal
Post by: jemidon66 on March 18, 2005, 02:03:31 PM
I think this is a great idea.  I have been learning also and having your info out there is fun to see how we are compared and how your ideas are the same etc.

Thanks for posting

Jemidon
Title: Re:How To Hack - How I See It: My Journal
Post by: Zerored on July 16, 2005, 06:16:33 PM
*Dusts off old tools for some good fun*
Title: Re:How To Hack - How I See It: My Journal
Post by: benthehutt on August 13, 2005, 01:08:26 AM
Whatever happened to phlux?
Title: Re:How To Hack - How I See It: My Journal
Post by: Tazinator on August 23, 2005, 02:45:34 PM
Dont know. I noticed that he vanished as well.
Title: Re:How To Hack - How I See It: My Journal
Post by: wilnix on September 04, 2005, 05:01:28 AM
He ran out of plutonium for his capacitor, and the Libyans aren't selling anymore...


Wilnix
Title: Re:How To Hack - How I See It: My Journal
Post by: Tazinator on September 05, 2005, 01:09:12 AM
1.21 Jiggawatts is a hard amount of power to generate these days. Though he could always pick up some more plutonium from one of the old soviet blocks.
Title: Re:How To Hack - How I See It: My Journal
Post by: Cobra on September 05, 2005, 04:59:35 AM
I think the Electronics Recycling place deal with plutonium...
Title: Re:How To Hack - How I See It: My Journal
Post by: madmelon on February 22, 2006, 08:40:53 PM
Am new on this hacking stuff, it get's confusing the more i try to catch up.
Title: Re:How To Hack - How I See It: My Journal
Post by: Cobra on February 23, 2006, 08:35:52 AM
Just have to keep at it man .. ask questions
Title: Re:How To Hack - How I See It: My Journal
Post by: Zerored on May 03, 2006, 04:32:26 PM
how bout a honeypot or something set up so they can try stuff..of course, youd have to keep everyone else here off it hehe..
Title: Re:How To Hack - How I See It: My Journal
Post by: Link3 on May 09, 2006, 07:47:52 AM
thats not a bad idea.. a wargame server would alse be interesting..
Title: Re:How To Hack - How I See It: My Journal
Post by: Metgod on May 09, 2006, 07:56:50 PM
I can only think of one set of war game servers... and I personally wouldn't recommend it if it was the last server on earth.. since it's from Ms. Meinel.. haha.. any one remember her ?

I'm sure there are others though... I just don't know (or care) about them really.
Title: Re:How To Hack - How I See It: My Journal
Post by: Zerored on May 10, 2006, 02:45:57 PM
dude...dont ever mention that name again...meinel....*shivers*
Title: Re:How To Hack - How I See It: My Journal
Post by: godaigo on May 10, 2006, 02:59:25 PM
Hey, but didn't you just mention it! The cycle will never end!!!!  ;D
Title: Re:How To Hack - How I See It: My Journal
Post by: Metgod on May 10, 2006, 09:24:43 PM
haha... Godaigo has a point, but then so does Zero...

You're both right! Yeah!





Title: Re:How To Hack - How I See It: My Journal
Post by: Link3 on May 13, 2006, 03:46:46 PM
yeah, i can remember  ::)

i wanted to say, however, to set up your own wargame servers..

:)
Title: Re:How To Hack - How I See It: My Journal
Post by: jakebb5 on November 08, 2007, 05:41:13 PM
i would like 2 c if n e body can hack this server iv been trying 4 like 5 months hasent worked yet heres the ipaddress
216.162.19.65 try like 2 c how good u ppl r ::) 8)
Title: Re:How To Hack - How I See It: My Journal
Post by: Cobra on November 09, 2007, 11:42:31 AM
Board of Cooperative Educational Services ... err.. why?
Title: Re:How To Hack - How I See It: My Journal
Post by: chicagorush on November 15, 2007, 08:39:27 PM
lol cause he probably wants to change his grades :P
Title: Re:How To Hack - How I See It: My Journal
Post by: Ziropod on January 08, 2008, 07:51:36 AM
A great hack would be a virtual world.
Something like habbo hotel
Or runescape
But its almost impossible to hack them  ::)
Title: Re: How To Hack - How I See It: My Journal
Post by: slickmike2 on January 22, 2009, 02:10:52 PM
 ;)well i`ma new beginer well how you grab banner can you direct me of by the way your site kick ass `cause d other ones are redundant so phuck dat, direct me step by step please!!!!!!alight tazinator aight ya know to hack so bank account 2 spent dat cash you baller`s world.  d hfx rulez...
Title: Re: How To Hack - How I See It: My Journal
Post by: Cobra on January 23, 2009, 12:13:34 PM
Ouch! Where do you begin with someone like that!
Title: Re: How To Hack - How I See It: My Journal
Post by: Gabriel 23 on January 29, 2009, 03:48:08 AM
Hi I'm extremely new but I am also fasinated by this topic so any info that you guys can give me would be wonderful
thx
Title: Re: How To Hack - How I See It: My Journal
Post by: Cobra on January 30, 2009, 09:32:46 AM
Gabriel23: Need to know specifics on what ya want help/info on man...

Cheers!