help with netbios

Started by spine, June 28, 2004, 05:34:43 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
June 28, 2004, 05:34:43 PM
hi.
i'm having some troubles when hacking netbios.
using Shed, i've scanned a random range of ips, and selected one of those which i would try to hack in. for those who are familiar with shed , it shows me one disk (with the name BABY , for example), and two special devices, Admin$ , and C$.
so far so good..i guess.. :x
after reading some tutorials (Gaurav Kumar's tutorial, for example) and other articles somewhere out there on the web, i was able to gain access to BABY , but it was being barely used.. there was obviously another hard disk, prolly the one containing the operative sys and so on.. and..i can't seem to get there.. when i double click ADMIN$ or C$ , it asks me for user name and password..
what should i do ? is there any way to get there using this method ?
July 01, 2004, 05:52:42 PM #1
Admin$ and C$ are shares created automatically for administrative purposes in WinNT, 2k, XP, and 2k3. Only administrators have rights to those shares initially, so unless you have a valid administrator username/password you won't be able to map it normally... read up on that some more. Google...
*** Sleep: A completely inadequate substitute for caffeine. ***
01010010010101000100011001001101
July 02, 2004, 01:56:34 PM #2
Spine,

Like Uneek said, what your seeing is the Admin shares that are automatically created in any Windows NT derrivitive OS (NT,2k,XP,2K3). An Admin PW is required to access those shares be it local Admin or if the machine is a part of a domain, a PW for one of the accounts in the Domain Admins group.

All the program seems to do from the sounds of it (never used it myself, not needed to) is enumerate the shared points on Windows machines to include the hidden shares.

<-- ! Insert quick lesson here -->
You can easily hide any Network Share in Windows by placing a dollar sign "$" after the share name. This tells the machine not to advertise its existence to the network browsers on other machines.
<-- ! Endeth the lesson -->

The Admin$ share generally points to the folder where Windows is isntalled such as:
<systemdrive>:\Windows or <systemdrive>:\Winnt

The lettered shares are the drives in the system if they are formatted for Windows to read them (FAT or NTFS).
"A well known hacker is a good hacker, an unknown hacker is a great hacker..."

I don't care what your parents told you, you aren't special.
  • https://github.com/tazinator
Print
Go Up Pages1
User actions
SMF spam blocked by CleanTalk