IPC $ after connection failure

It is not difficult for a friend who often reads articles related to intrusions to find that most of the intrusions require ipc $ connections (in fact not the same). As mentioned in many security journals, the ipc $ is frequently used, whether before obtaining the administrator or after obtaining the administrator. This seems to be a big gap. It seems that what others say is as easy as a glacier, but in fact, most administrators will not give you this opportunity, the Administrator will try every means to block this known vulnerability. A fool will drive sharing, waiting for you to go black ~~ As a result, many friends complained that ipc $ could not be connected, or what number was wrong. This has greatly affected our enthusiasm for learning hackers. Today, I would like to share with you the reasons for the failure of ipc $ and the solution.
What is ipc $?
We 'd better first look at what is an ipc $ connection. Ipc (internet process connection) is a remote network connection. While ipc $, admin $, c $, d $, and e $ are shared by winnt and win2000 by default. Ipc $ is a type of pipe communication, which establishes a connection between two ip addresses. We usually see that the host of the other party has opened 139,445, and we usually say that the other party has shared the host. You can try to connect with ipc $. Net use \ remote ipipc $ "password" user: "username" [1]
Note: This function is available only in winnt and win2000, and does not exist in Windows98.

Many of my friends are confused about the concept of ipc $ connection. Here I would like to say that ipc $ connections are divided into ipc $ NULL connections and ipc $ connections with certain permissions, after an empty connection is established, many friends are anxious to copy the tool. This is certainly an error [2]. In fact, this is also a problem that many friends often encounter. Because this is a null connection and does not have any permissions (just like Anonymous Access), no commands can be executed except to obtain netbios information of the remote host.
However, after you have obtained certain permissions, you can copy the file. For example, if you get an administrator password that is an empty password, that is, an ipc $ connection with certain permissions, empty connection is just a simple communication pipeline established with the remote host. Is it useless? Of course not. We can use brute-force cracking to get the Administrator's password, that is, we can hang on the dictionary to continuously test the ipc $ null connection, so as to achieve the Administrator's password, the most famous tool is Xiao Rong's smbcrack. this is not the focus of this Article. If you are interested, you can go to www.itaq.org to read related articles.
Now I have a clear understanding of the ipc $ null connection and the ipc $ connection with certain permissions.

Now, let's analyze the Common Failure Causes of ipc $. All we need is a virtual machine, or you have your own zombie or LAN. I select a virtual machine here (the reason is simple: Save Money ~~~ Don't hit me ).
1. 1326 Error
Run the net use \ 192.168.60.128ipc $ "12345"/user: "admaninistrator" command to connect. [3] The system reports a 1326 error. Logon Failed: Unknown user name or Password error. This error is very common ~~~, We checked our command and found that it was a user name input error. (Or your password is incorrect)
3. Error 53
Enter net use \ 192.168.60.128ipc $ "12345"/user: "admninistrator" again, and report system error 53 [4]. The network name cannot be found. The path cannot be found, but the network name cannot be found. Let's take a look at the system process. The remote host (Virtual Machine) opened a firewall. We killed this process. Check that the connection is successful!
2. Error 67
This is what we often encounter, which makes many of our new friends very depressed. Let's give it a try and enter the command net use \ 192.168.60.128ipc $ "12345"/user: "admninistrator" reported system error 67 [5]. The network path cannot be found. We need to go to our virtual machine and check the sharing. It turns out that sharing is not enabled. No wonder we cannot find the path. [6] We can use net share to open sharing. In this way, no error will be reported.
Solution
We now know the cause of the failure of ipc $. We know that network administrators with a little security awareness will close the sharing and will not give you a chance to connect to his machine with a simple ipc $, however, if he shields ipc $ sharing and opens a small number of services (or disables many services that can be used at all), even if you use some methods such as overflow attacks and get the permissions, after you enter the system, it makes no sense to add an account. If you want to use ipc $ to connect to the upload tool, you will find continuous errors. Errors 1326 and 67 are relatively simple and easy to handle. What should we do if we encounter a remote connection failure when the peer opens a firewall (error 67? Several methods are provided here,
1. kill the firewall in the remote host. If the recipient installs the resouce kit, we can use the tlist and kill commands to find and kill the firewall process.
2. Use tftp. It doesn't mean that some administrators have installed the resouce kit. What should we do? We know that 2000 is a built-in tftp. We can use tftp to upload tools, such as tlist and kill, and then disable firewall and anti-virus software.
3. Use your own ftp. We can also drive an ftp server by ourselves, and then use a remote computer, in turn, ftp our own machine, to achieve the purpose of the upload tool. And then kill the process... (in fact, there is no need to) the rest will be yours.

In fact, this article does not have any technical skills. It just gives a summative answer to some of the frequently asked questions from online friends. I hope it will bring convenience to beginners. I also hope that beginners can understand that many things should be done by themselves. Don't just ask questions, because no one in this field can really help, only you !! What is a hacker ?? No matter how many people you ask, there is only one answer: hackers are a spirit and a spirit of self-exploration.