Literally, hacking is to get something or someone on the internet without
their consent or interest. While speaking of a short, hacking is a very easy
job, it is as if instead of the using front door, finding a hidden door of a
house and the seizure of valuables(hijacking the precious things). Among
the main hacking, hacking through the IP address is one of the most
common yet with a powerful beggining.
You may want to hack the website and put your advertisement there or grab
some database information.
In this type of hacking, you are playing with the web server’s computer
instead of the administrator’s computer.
Because for eg. www.website.com is in a separate Web server instead of
the personal computer.
Another might be to access the computer of your friend from your home.
Again, based on IP, and it is only possible when your friend’s computer is
online. If it is off or not connected to the Internet, allowing external IP
hacking(remote IP Hacking) is quite impossible.
Well, both have the same process. So Let's summarize what we should do.
First Of All Confirm the site or the computer you wanna hack.
1. Discover or trace their IP addresses.
2. Verify that the IP address is online
3. Scan open ports
4. Check the doors Venerability(for venerable ports)
5. Access through the door(probably the port).
6. Brute force username and password
Now let me just briefly describe the basic steps that a child can also
understand if you didnt get.
First, get the IP address of the victim.
To get the IP address of the victim's website, ping for it in command
prompt.
For example,
ping www.google.com
=>
To retrieve the IP address of google.com
That's how we can get the IP address of the victim's website.
What about your friend's PC? You can't do www.yourfriendname.com, huh?
Finding the IP address of your friend's PC is a bit complicated and most
difficult, if it has a dynamic IP address, which changes constantly.
A common method to detect the IP address of your friend is talking to him.
Go Here From your Friend's Computer:
http://www.tracemyip.org/
From Here You Can Check Out His IP-Address & Note It Down somewhere.
Now, did you have the IP address?
If yes then do check it out if he/she's online? ITo know the online status just
ping the IP address, if it is online it will reply.
If the IP address is online, scan for the open ports. Open ports are like
closed doors, without locks, you can get in and out easily.
Use the Advanced Port Scanner to scan all open and venerable ports/doors.
Now that you have the IP address and open port of the victim, now you can
use telnet to try to access it.
Make sure you have telnet enabled on your computer or install it from:
Control Panel > Add or Remove Programs > Add Windows Components
Then open command prompt and use the telnet command to access the IP
address.
Use the following syntax for the connection.
You will be prompted for login information.
If you can easily guess the information then it's okay. Or you can use some
brute force tools below.
1. Brutus
Brutus is one of the fastest, most flexible remote password crackers you can
get your hands on - is also free. It 'available for Windows 9x, NT and 2000,
there is no UN * X version available although it is possible at some point in
the future. This Windows-only cracker bangs against network services of
remote systems trying to guess passwords using a dictionary and its
permutations. It supports HTTP, POP3, FTP, SMB, Telnet, IMAP, NTP, and
more.
Platform: Windows
2. THC-HYDRA
This tool enables the rapid dictionary attacks against systems connecting to
the network, including FTP, POP3, IMAP, Net-bios, Telnet, HTTP
authentication, LDAP NNTP, VNC, ICQ, SOCKS5, PCNFS, and more. Includes
SSL support and is apparently now part of Nessus.
Platform: UNIX , Windows
3. TSGrinder
TSGrinder terminal server is the first gross instrument of force. The main
idea is that the administrator account, since it cannot be locked out for local
logons, can be brute forced. And having an encrypted channel for the
process of TS Logon that helps to keep IDS from catching the attempts.
This is a "dictionary" based attack tool, but has some interesting features
like "1337" conversion and supports multiple attack windows from a single
dictionary file. It supports multiple password attempts in the same way, and
lets you specify how often you try a combination of username / password
on a particular connection.
Platform: Windows
In this way, you will be able to hack remote computer using just the IP
address . !!
No comments:
Post a Comment