Technology Update
What's the difference between CDMA (Code Division Multiple Access)
& GSM (Global System for Mobile Communication)?
The only difference is the way voice gets carried from one
phone to the other. CDMA assembles multiple voices into the
same frequency and also increases voice clarity. The technology
also helps you receive calls when the signal is weak, and thus
it doesn't have problems like Call Failed or fading during
high traffic density.
This also gives CDMA service providers the flexibility
to provide data & video service.
CDMA was invented during World War 2 when Allied forces
wanted to get past the Germans by sending coded messages over
different frequencies & giving them the ability to be
accessed from different points, hence
"Code Division Multiple Access."
Presently CDMA mobiles are available with Reliance,
TATA Indicom, Hyundia Infocom
TELNET: a Cool Hacking Tool
Telnet Explained
By Abhijit
[email protected]
Note: I have decided to launch manuals about hacking
using telnet in two parts. In the first part I'll
explain the basics of telnet and working with telnet, and in
the second part I'll show some advanced methods of
hacking through telnet. Further, this manual is in its
BETA stage and I'll be grateful for suggestions for
improvements.
Part 1
Here I am going to figure out one of the most kewl utilities
available under the TCP/IP set of protocols. Well, I guess you
people are familiar with the TCP/IP protocols. Even so, I am
gonna tell you the basics of this set of protocols. First of
all, a protocol means a set of rules for communication between
systems over a network. TCP/IP is the most popular set of
protocols in use today for communication over the internet.
There are various utilities under TCP/IP: some are command
utilities, some are transfer utilities and some are
printer utilities.
Command-based utilities: REXEC (Remote Execution), RSH
(Remote Shell) and Telnet
Transfer utilities: FTP, RCP, TFTP
Printer utilities: LPR, LPQ
All these utilities work over TCP/IP (Transmission
Control Protocol/Internet Protocol) and obey its protocols.
In this manual I'll lay stress mainly on Telnet, a
command-based utility available under the TCP/IP set of
protocols.
What is telnet?
Basically telnet, a.k.a. (also known as) terminal emulator, is
a console-based tool which enables a user to use the resources
of another system by connecting to it using its IP address and
a valid shell on the target system. In a simpler sense, telnet
also works like Trojans, in client-server fashion. Using
a telnet client, a user connects to the telnet server of
a remote system running on a specified port. The default
port for telnet is port 23. That is all about telnet in the
conventional sense of the term. Now I think I should tell you
more about telnet in the hacker's sense of the term.. To start
with, I must say that telnet is the ultimate tool for hackers.
All the big hackers use it in exploiting loopholes in systems..
You can start telnet by going to Run, typing telnet and
pressing Enter. Generally in Win 95/98/Me a telnet window will
pop up.. but in Windows XP and Windows 2000 telnet will start
within a DOS box, i.e. within the console.
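To run telnet in the console even in Win 95/98/Me, just copy
the code below, save it as i_wanna_be_a_hacker.reg and run
it..
REGEDIT4

; The SID in this key path identifies one particular user account,
; so the path is different on every machine.
[HKEY_USERS\S-1-5-21-1229272821-1563985344-1060284298-1003\Software\Microsoft\Telnet]
"MODE"="CONSOLE"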
You can also use the telnet available in Win 98, which
opens up in a separate window. Click on Connect
and in the host field enter the target IP. For the
terminal type, enter vt100. Or the plain and simple way..
just open a DOS box.. and type telnet
without <> and the default settings will work as
fine as mmmm.. can't find any words to compare.. sorry :(
What can I do with telnet?
Generally hackers aim at connecting to the daemon on an open
port of a particular system and try to get root on that
system. First you need a good port scanner to scan for the
open ports of a particular system. Then you may connect to an
open port using telnet. For example, once I port scanned the
webserver of a friend of mine, who happens to be a great
web developer, and found that port 25 was open with an
SMTP daemon running on it. So using telnet I connected
myself to his server on port 25, and using his SMTP
service I sent a couple of anonymous mails to my
friends… mainly to him, telling him that I am using his
service :))
example:
c:\telnet
Welcome to Microsoft Telnet Client
Escape Character is 'CTRL+]'
Microsoft Telnet>open anisurrahman.net
Connecting to anisurrahman.net....
Connected..
.
.
.
Well, now what.. now the
SMTP service is mine.. I just played around with it…
Well, if you are not used to telnet commands, just type
HELP after you're connected and you will get the list of
all the commands supported by the webserver.
Anyway, I am going to show how I sent a fake mail using
simple commands supported by all ESMTP servers (ESMTP =
Extended Simple Mail Transfer Protocol)
Here we go:
Telnet>open anisurrahman.net 25
Connecting….
Connected to anisurrahman.net
220 Welcome to anisurrahman.net ESMTP service 8.9.3
HELO Abhisek
220 Welcome to sendmail Abhisek
MAIL FROM:[email protected]
240 Sender set to [email protected]
RCPT TO:[email protected]
240 Recipient set to [email protected]
DATA
220 End with "."
Subject : Hello Rony
Hey whats up boss… I am sending fake mail using you
SMTP service… Don't be angry on me… Sorry..
.
240 CA55910 Message accepted for delivery..
Note: wondering what the values 240, 220 or CA55910 are?
Don't think much.. the values 240 and 220 are just
message codes of the server. For example, the server
responds with 220 when displaying a banner here.. see,
all the banners have come up with 220.. and the server
denotes confirmation with 240 here… it's not very
important according to me..
And about CA55910.. it's the MSGID or Message ID… in the
logs of the server this ID denotes the mail that you
just sent.
Note: This is my earnest request to each and everybody
who reads this manual.. please do not send any fake mail
at [email protected] and please do not use the service
at anisurrahman.net. He is a very good friend of mine.. I
have learnt many things regarding web designing and web
programming from him..
Please note: sometimes you may get a Relay Denied error
on some servers.. well, I won't go into much detail about
this topic 'cause I guess I don't have enough knowledge
about it..
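What a "Relay Denied" reply means, seen from the server's side, as an added example (not part of the original manual and not any real mail server's code): a server accepts mail for its own domains from anyone, but passes mail on to outside domains only for clients it trusts. The domain example.org, the 192.0.2.0/24 network and the reply texts are assumptions; 250, 354, 503 and 550 are standard SMTP reply codes.

```python
import ipaddress

# Assumed policy for illustration (not from the manual):
LOCAL_DOMAINS = {"example.org"}                          # domains hosted here
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]    # clients allowed to relay


def domain_of(path):
    """Lower-cased domain of an SMTP path such as <user@host>."""
    return path.strip().strip("<>").rpartition("@")[2].lower()


def may_relay(client_ip, rcpt):
    """Local recipients are accepted from anyone; other domains only from trusted clients."""
    if domain_of(rcpt) in LOCAL_DOMAINS:
        return True
    ip = ipaddress.ip_address(client_ip)
    return any(ip in net for net in TRUSTED_NETS)


def replay(client_ip, commands):
    """Return the reply a relay-restricted server gives to each client command."""
    replies, accepted = [], False
    for line in commands:
        verb, _, arg = line.partition(":")
        verb = verb.strip().upper()
        if verb == "MAIL FROM":
            # The sender address is unauthenticated, so the policy ignores it.
            replies.append("250 Sender ok")
        elif verb == "RCPT TO":
            ok = may_relay(client_ip, arg)
            accepted = accepted or ok
            replies.append("250 Recipient ok" if ok else "550 Relaying denied")
        elif verb == "DATA":
            replies.append("354 Start mail input" if accepted
                           else "503 Need RCPT (recipient)")
        else:
            replies.append("250 ok")  # HELO and the rest, simplified
    return replies


# Constructed session: an outside client addressing an outside recipient.
SESSION = ["HELO Abhisek", "MAIL FROM:<someone@spoofed.test>",
           "RCPT TO:<rony@elsewhere.test>", "DATA"]

if __name__ == "__main__":
    for cmd, reply in zip(SESSION, replay("203.0.113.9", SESSION)):
        print(f"{cmd:36} -> {reply}")
```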
Bingo!! I have sent a fake mail!!! I am a hacker!!!
Yes!!
Well, there's no need to think like that, 'cause sending fake
mails doesn't make you a hacker. It has nothing to do
with hacking. Fake mails can also easily be traced
and your ISP can be found out easily. Then if the victim
sends a mail to [email protected] and complains about your
activity then, sorry boy, you may lose your ISP account..
Anyway, try sending some fake mails to yourself and get
used to telnet.
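How that tracing works, as an added example (not part of the original manual): every server a mail passes through prepends a Received line recording the IP address of the connection it came from, whatever name the client typed after HELO. The sample message, host names and the set of trusted servers are constructed assumptions.

```python
import email
import re

# Constructed sample message (not from the manual); all names and addresses
# are placeholders. Received lines are newest-first; the last one is forged.
RAW = """\
Received: from mail.relay.test (mail.relay.test [198.51.100.7])
\tby mx.example.org with ESMTP id AB12345; Mon, 1 Jan 2001 10:00:02 +0000
Received: from Abhisek (dialup-42.isp.test [203.0.113.42])
\tby mail.relay.test with ESMTP; Mon, 1 Jan 2001 10:00:00 +0000
Received: from bank.test ([10.0.0.1]) by forged.hop.test; Mon, 1 Jan 2001 09:00:00 +0000
From: someone@spoofed.test
Subject: Hello

body
"""

# "from <HELO name> (<reverse DNS> [<IP>]) by <recording server>"
HOP = re.compile(r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9A-Fa-f.:]+)\]\)\s+by\s+([^\s;]+)")


def hops(raw):
    """Parse Received headers, newest first, into dicts: helo, rdns, ip, by."""
    msg = email.message_from_string(raw)
    found = []
    for value in msg.get_all("Received", []):
        m = HOP.search(" ".join(value.split()))      # unfold continuation lines
        if m:
            found.append(dict(zip(("helo", "rdns", "ip", "by"), m.groups())))
    return found


def origin(raw, trusted):
    """Return the oldest hop recorded by a server in `trusted`, or None.

    Each server prepends its own line, so everything below the first line
    written by a server we do not trust could have been typed by the sender.
    """
    last = None
    for hop in hops(raw):
        if hop["by"].lower() not in trusted:
            break
        last = hop
    return last
```

The message ID a relay logs for the mail is what lets its operator match the Received line to a connection in the server's own logs.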
Hey guys [and gals if any], don't get excited and get
going to hack with telnet, 'cause things are not as easy
as they seem to be. I have got myself only into the
SMTP service of anisurrahman.net; I haven't yet got root
on it.
Well, there are many more games which you can play using
telnet. For example, you can start a raw session of IRC
using telnet.
I guess you all are familiar with IRC (Internet Relay
Chat). You may use software such as mIRC, Pirc etc. to start
an IRC session. But there you don't have to do much, as the
software will do things for you.
Well, I think here I need to explain some basics of IRC
and how IRC servers work.
To start an IRC session you need to connect to
an IRC server on the port running the IRC daemon. The
default ports are 7000, 6667 etc. In mIRC, when you wish
to connect to a server, the default port used is 6667.
Type /server irc.dal.net [port] in the mIRC window.
Note: in place of port type the port number without [].
If you leave it blank then the default port will be
taken as 6667.
This command will connect to the irc.dal.net server; then by
typing /join #channelname you can join any channel and
start your IRC session.
Tip: Finding the IP address or the host name of a
person in an IRC session is the easiest. Just type /whois
in the channel window and you will get his/her IP
address (sometimes this IP is resolved into a host
name… it depends on the server)
Now I guess you're familiar with the basic IRC commands which
you can use in mIRC.
Now let's come to our point.. i.e. starting a raw IRC
session using telnet.
Generally, many IRC warfare technique writers and others
have written many manuals on starting a raw IRC session
using telnet, but I think they are not really intended
for newbies. Here I am going to explain things in a
simple, easy to understand way.
When you connect to an IRC server it authenticates you
only by your username and host address and asks for a
nick. While using mIRC this info is passed on by the
software itself, as entered by the user. But while
connecting to an IRC server in raw mode.. i.e. using
telnet, you need to provide this info yourself.
Note: Some servers don't support raw IRC sessions as
they are quite a bit insecure..
Now to start.. telnet in to an IRC server on port 7000
or 6667
Tip: In raw mode you don't need to give a / before
commands as in mIRC.
Telnet>open irc.servername.net 6667
nick
user
Please note: don't give the <> signs.. I have used
these signs only to distinguish the commands that I have
to type into the terminal.
You are now connected to an IRC server using telnet..
you can use mIRC commands here but without the /
To send a private message the command is:
PRIVMSG NICK MESSAGE :
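The registration step described above, seen from the server's side, as an added example (not part of the original manual and not any IRC server's actual code): the nick and user name are whatever the client sends, while the host shown to other users comes from the connection itself. The function and class names are made up for illustration; the numeric replies (001, 411, 412, 421, 431, 451, 461) are standard IRC numerics with simplified texts.

```python
def parse(line):
    """Split one raw IRC line into (prefix, command, params), RFC 1459 style."""
    line = line.rstrip("\r\n")
    prefix = None
    if line.startswith(":"):                     # optional ":prefix " sent by servers
        prefix, _, line = line[1:].partition(" ")
    head, sep, trailing = line.partition(" :")
    parts = head.split()
    if sep:
        parts.append(trailing)                   # last parameter may contain spaces
    if not parts:
        return prefix, "", []
    return prefix, parts[0].upper(), parts[1:]


class Registration:
    """Server-side state for one connection (hypothetical, simplified)."""

    def __init__(self, peer_host):
        self.peer_host = peer_host               # taken from the socket, not the client
        self.nick = self.user = None

    def handle(self, line):
        """Return the server's reply to one client line, or None for no reply."""
        _, cmd, params = parse(line)
        if cmd == "NICK":
            if not params:
                return "431 :No nickname given"
            self.nick = params[0]
        elif cmd == "USER":
            if len(params) < 4:
                return "461 USER :Not enough parameters"
            self.user = params[0]                # host fields sent by the client are ignored
        elif not (self.nick and self.user):
            return "451 :You have not registered"
        elif cmd == "PRIVMSG":
            if len(params) < 2:
                return "411 :No recipient given" if not params else "412 :No text to send"
            who = f"{self.nick}!{self.user}@{self.peer_host}"
            return f":{who} PRIVMSG {params[0]} :{params[1]}"   # as relayed to the target
        else:
            return f"421 {cmd} :Unknown command"
        if self.nick and self.user:
            return f"001 {self.nick} :Welcome"
        return None
```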
Now I guess you are quite familiar with the workings and
usage of telnet.
With telnet you can now surely use the resources of a
remote computer, provided that you are allowed to access
the resources…. If not… then what else but to hack
into it.
Brief idea of telnet hacking (basics)
Generally telnet is used to
connect to a particular daemon running on a particular
port on a target system. The very aim of using
telnet to connect to the daemons is to get root on the
system. But if you are thinking that you'll connect to
the SMTP server of your ISP and get root on your
ISP's system, then forget it pal. What hackers do is
first port scan the target system and find out the open
ports and the daemons running on the open ports.
Note: you can use Nmap. It is a very fast and so-called
SYN Stealth port scanner, available for download with
source files at http://www.insecure.org
but remember, if your ISP kicks your ass for port scanning
their system then don't flame me..
Now say you have found an open port, say port 21, running
an ftp server. All you need to do is to telnet in
to the port. But things are not that easy and you won't
get root easily.. some ftp servers, or better to say 98%
of the daemons running on a server, allow access only to
valid users, thus asking for a user name and password. In
such a case, when you're facing a username and password
prompt, either you have to make the sysadmin's daughter
your girlfriend and then trick her to learn the password,
or you have to play around with other methods like brute
force hacking.. etc.
Well, another vulnerability existing in various daemons
is the trust-relationship. Servers often
authenticate a user only by his IP, considering that
the server has a trust-relationship with the client and
the client's IP is already in the database of trusted
IPs. Now if you can spoof your IP to match one of
the trusted IPs of the server then you can get yourself
inside a system. Spoofing an IP is a complicated subject,
though apparently its definition stands as "Faking
the actual IP with some other". It's not really easy
to spoof your IP and exploit a trust-relationship, as you
have to block the trusted client with a DoS attack so that
it cannot reply to the SYN/ACK packets sent by the
server to it. If it receives the SYN/ACK packets from
the server unexpectedly then surely it will reply with a
FIN packet so as to end the connection.
Anyway, I won't go into much detail about IP spoofing
since it's a very complicated subject and you have to
understand it thoroughly in order to execute it.
Note: Please don't get angry with me for using terms like
SYN/ACK packets and FIN packets in the above paragraph if
you are not familiar with them.. well, they're common terms in
IP spoofing.. I just came across a very good IP spoofing
manual.. you can look it up..
"IP Spoofing Demystified" available for
download in the books section of http://blacksun.box.sk
Well, that's it for now.. the second part of this manual
will be up soon.. if any of you know about some more
fun with telnet, do let me know about it or write an
article yourself and I'll be glad to publish it on HC
"But did you, in your three-piece psychology and 1950's
techno brain, ever take a look behind the eyes of the hacker?
Did you ever wonder what made him tick,
what forces shaped him, what may have molded him?
I am a hacker, enter my world..."
("The Conscience of a Hacker", The Mentor)