Literally, hacking is to get something
or someone on the internet without their consent or interest. While
speaking of a short, hacking is a very easy job, it is as if instead of
the using front door, finding a hidden door of a house and the seizure
of valuables(hijacking the precious things). Among the main hacking,
hacking through the IP address is one of the most common yet with a
powerful beggining.
You may want to hack the website and put your advertisement there or grab some database information.
In this type of hacking, you are playing with the web server’s computer instead of the administrator’s computer.
Because for eg. www.website.com is in a separate Web server instead of the personal computer.
Another might be to access the computer of your friend from your home. Again, based on IP, and it is only possible when your friend’s computer is online. If it is off or not connected to the Internet, allowing external IP hacking(remote IP Hacking) is quite impossible.
You may want to hack the website and put your advertisement there or grab some database information.
In this type of hacking, you are playing with the web server’s computer instead of the administrator’s computer.
Because for eg. www.website.com is in a separate Web server instead of the personal computer.
Another might be to access the computer of your friend from your home. Again, based on IP, and it is only possible when your friend’s computer is online. If it is off or not connected to the Internet, allowing external IP hacking(remote IP Hacking) is quite impossible.
Well, both have the same process. So Let's summarize what we should do.
First Of All Confirm the site or the computer you wanna hack.
1. Discover or trace their IP addresses.
2. Verify that the IP address is online
3. Scan open ports
4. Check the doors Venerability(for venerable ports)
5. Access through the door(probably the port).
6. Brute force username and password
Now let me just briefly describe the basic steps that a child can also understand if you didnt get.
First, get the IP address of the victim.
To get the IP address of the victim's website, ping for it in command prompt.
For example,
ping www.google.com
=>
To retrieve the IP address of google.com
First Of All Confirm the site or the computer you wanna hack.
1. Discover or trace their IP addresses.
2. Verify that the IP address is online
3. Scan open ports
4. Check the doors Venerability(for venerable ports)
5. Access through the door(probably the port).
6. Brute force username and password
Now let me just briefly describe the basic steps that a child can also understand if you didnt get.
First, get the IP address of the victim.
To get the IP address of the victim's website, ping for it in command prompt.
For example,
ping www.google.com
=>
To retrieve the IP address of google.com
That's how we can get the IP address of the victim's website.
What about your friend's PC? You can't do www.yourfriendname.com, huh?
Finding the IP address of your friend's PC is a bit complicated and most difficult, if it has a dynamic IP address, which changes constantly.
A common method to detect the IP address of your friend is talking to him.
Go Here From your Friend's Computer:
http://www.tracemyip.org/
From Here You Can Check Out His IP-Address & Note It Down somewhere.
Now, did you have the IP address?
If yes then do check it out if he/she's online? ITo know the online status just ping the IP address, if it is online it will reply.
If the IP address is online, scan for the open ports. Open ports are like closed doors, without locks, you can get in and out easily.
Use the Advanced Port Scanner to scan all open and venerable ports/doors.
What about your friend's PC? You can't do www.yourfriendname.com, huh?
Finding the IP address of your friend's PC is a bit complicated and most difficult, if it has a dynamic IP address, which changes constantly.
A common method to detect the IP address of your friend is talking to him.
Go Here From your Friend's Computer:
http://www.tracemyip.org/
From Here You Can Check Out His IP-Address & Note It Down somewhere.
Now, did you have the IP address?
If yes then do check it out if he/she's online? ITo know the online status just ping the IP address, if it is online it will reply.
If the IP address is online, scan for the open ports. Open ports are like closed doors, without locks, you can get in and out easily.
Use the Advanced Port Scanner to scan all open and venerable ports/doors.
Now that you have the IP address and open port of the victim, now you can use telnet to try to access it.
Make sure you have telnet enabled on your computer or install it from:
Control Panel > Add or Remove Programs > Add Windows Components
Control Panel > Add or Remove Programs > Add Windows Components
Then open command prompt and use the telnet command to access the IP address.
Use the following syntax for the connection.
Use the following syntax for the connection.
You will be prompted for login information.
If you can easily guess the information then it's okay. Or you can use some brute force tools below.
1. Brutus
Brutus
is one of the fastest, most flexible remote password crackers you can
get your hands on - is also free. It 'available for Windows 9x, NT and
2000, there is no UN * X version available although it is possible at
some point in the future. This Windows-only cracker bangs against
network services of remote systems trying to guess passwords using a
dictionary and its permutations. It supports HTTP, POP3, FTP, SMB,
Telnet, IMAP, NTP, and more.
Platform: Windows
2. THC-HYDRA
This
tool enables the rapid dictionary attacks against systems connecting to
the network, including FTP, POP3, IMAP, Net-bios, Telnet, HTTP
authentication, LDAP NNTP, VNC, ICQ, SOCKS5, PCNFS, and more. Includes
SSL support and is apparently now part of Nessus.
Platform: UNIX , Windows
3. TSGrinder
TSGrinder
terminal server is the first gross instrument of force. The main idea
is that the administrator account, since it cannot be locked out for
local logons, can be brute forced. And having an encrypted channel for
the process of TS Logon that helps to keep IDS from catching the
attempts. This is a "dictionary" based attack tool, but has some
interesting features like "1337" conversion and supports multiple attack
windows from a single dictionary file. It supports multiple password
attempts in the same way, and lets you specify how often you try a
combination of username / password on a particular connection.
Tags
tecnologia