0

Hey guys, I’m doing a Networks Security course and the lecture said that those that can demonstrate any form of hacking will get bonus marks. I’ve tried searching, but all I really get are explanations of how the hack works… what I’d really like are tools to do the actual hack.

Here’s the setup: There are two machines connected to our local LAN – a Linux system and a Windows system. My PC is also connected to them (since it is in the LAN) and so we really have two Windows systems. I want to be able to hack into the Windows system which doesn’t have any of the service packs installed.

I was thinking of a DoS (Denial of Service) but I really only understand how the ping flood works… and since both PCs are the same bandwidth (100Mbps) a ping attack seems hardly effective. So I was thinking about setting up a small back door (which I think is feasible since people often install cracks, etc and one might be able to sneak in a Trojan). But I have no idea how to do that…

Does anyone have any tools or sites that I could try out? Any suggestions would be kiff! Thanks :)

5
Contributors
5
Replies
7
Views
10 Years
Discussion Span
Last Post by PoovenM
1

Here's my suggestion.
If you are really in a course of this sort.
And if you are really going to get bonus points for demonstration.

Maybe you should go old school and leave all the newer stuff and mainly illegal stuff alone.

Why don't you check into social engineering... You would be surprised what a search on this could unveil and besides. A paper on the methods and effectiveness on social engineering with a minor demonstration will definately impress your instructor.

Stop looking for a trojan, worm, or virus. You're not only wasting your time but you're playing with fire.

Votes + Comments
Thanks for the hint :)
0

Sir,
Actually i'm 17 years old and have a hunger to learn PHP, network security and Visual Basic.. Can you please guide me to get tutorials online for these... Sir i'm interested in cryptanalysis and cryptography with hacking and viruses...

0

Insane thing but try this...

2 systems r connected via lan, assume sys1, sys2. fine... get a bootable usb drive or cd and insert it into the sys1 or sys2.

after booting form the cdrom copy the file called "SAM-security accounts manager" to your pendrive.

dump the hash using some tool, if i remember it it was called somedump... bhaa i don't remember.

after that you will get a hash, then use saminsider and crack the hash to get the password. Now u have the pwd for the box.

do someshit in the sys2, install viri or torjan or whatever and start to play around.

0

ohhh...don't get into trouble...consequences.. is difficult..but if you really want..try searching the web..there's a lot out there..try doing simple things first, check on how to get an administrator account on a computer on the network, then if you have that account you gain access to it remotely... there's one thing for sure.. you can't do it in an easy way..


-------------------------

Strive harder and get tougher...

0

Well our activities are restricted within the domain of our University and within this domain we are exempted from all consequences for the simple fact that we're doing a prescribed course.

Social Engineering sounds interesting. I've never really been good at that sort of thing though. Thanks for the tip!

We actually did consider the SAM attack; theoretically though. I don't think we're allowed physical access to the machines we're attacking.

An interesting tool is DSniff. You should give that a look Shank. It will allow you to view plain text passwords - the aim of the program is to demonstrate weaknesses in the network... it can also effectively allow you to scramble internet access of a node on the same network. There are also tools designed to aid in network protection by detecting weaknesses: Nessus.

Well thanks for the replies!

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.