Thursday, 17 January 2013

Basic Networking and Hacking Commands

Here are some useful basic networking commands for the Command Prompt (CMD).
In case you don't know how to open CMD, click on Start, then Run, then type "cmd" without quotes.

Let's start with some simple commands.

1) ping : It sends a message to a computer anywhere on the network/internet, and if the computer is connected you will get a response. If the computer is not connected to the network/internet, you won't get a response.

Examples
ping 192.168.1.4 (192.168.1.4 is the IP address you want to check for connectivity)
or
ping www.myworld.com
(www.myworld.com is the website you want to ping, if you don't know the IP).

There are many options for this command.
ping /? (this help command lists more options with descriptions)

2) nslookup : This command has several functions. The name nslookup means "name server lookup".
It is used to find Domain Name System (DNS) details, including the IP addresses of a particular computer, the MX records for a domain and the NS servers of a domain.
Examples
nslookup www.google.com

Server: mumns4.mtnl.net.in (This is the nearest DNS server of your service provider, followed by its IP address)
Address: 59.185.3.12

Non-authoritative answer:
Name: google.com (This is the DNS name of the website you looked up)
Address: 209.85.153.104

Another function of nslookup is to find a domain's mail server and its IP address.
An MX record (Mail eXchange record) is an entry in a DNS database that points to the mail server for that domain. In a small company, the MX record typically directs all e-mail to the same domain. However, a company may handle e-mail using a different domain name; in this case the MX record is configured to route to that mail server.

nslookup (enter)
set type=mx (enter)
yahoo.com (This will give you the mail servers of yahoo.com and their IP addresses.)

3) tracert : The tracert command displays each host that a packet travels through as it tries to reach its destination.
Each host is considered a hop, so with this command you can see how many "hops" away you are from the website:
Example
tracert 209.85.153.104
or
tracert google.com



4) arp : This command displays and modifies the IP-to-physical-address translation table used by the Address Resolution Protocol (ARP).
ARP is the protocol used to obtain a node's physical address. Suppose a node (the source) wants to communicate with a target node. The source sends an ARP request containing the target's IP address, and the target responds by sending its physical address.
Examples
arp -a (Displays the current ARP entries table.)

There are many options for this command.
arp /? (this help command lists more options with descriptions)


5) netstat (network statistics) : This command displays network connections (both incoming and outgoing), routing tables, and a number of network interface statistics.
Examples
netstat -a (Displays all active TCP connections and the TCP and UDP ports on which the computer is listening.)

There are many options for this command.
netstat /? (this help command lists more options with descriptions)

6) ipconfig (internet protocol configuration) : This command displays all current TCP/IP network configuration values such as IP address, subnet mask, gateway etc.
Examples
ipconfig (displays only the IP address, subnet mask and default gateway)
ipconfig /all (displays full configuration information including DHCP, DNS address, physical address etc.)
ipconfig /release (this will release your IP)
ipconfig /renew (this will renew your IP)

There are many options for this command.
ipconfig /? (this help command lists more options with descriptions)

7) nbtstat : This command will show you the NetBIOS name of the target.
nbtstat is used to troubleshoot NetBIOS name resolution problems. When a network is functioning normally, NetBIOS over TCP/IP (NetBT) resolves NetBIOS names to IP addresses. The nbtstat command removes and corrects preloaded entries.
Examples
nbtstat -a computername (displays the NetBIOS name table of that computer as well as the MAC address of its adapter card)
nbtstat -A <IP address> (performs the same function using a target IP address rather than a name)
nbtstat -c (shows the contents of the NetBIOS name cache, which contains NetBIOS name-to-IP address mappings)
nbtstat -n (displays the names that have been registered locally on the system by NetBIOS applications such as the server and redirector)

There are many options for this command.
nbtstat /? (this help command lists more options with descriptions)

8) net use : This command connects the computer to, or disconnects it from, shared resources such as other computers, printers and drives, and lets you view information about the computer's current connections.
If you run net use without any parameters, it retrieves a list of the current network connections.
net use has many options. In its syntax, anything shown in square brackets [ ] is optional.

Examples

net use \\<IP address>\IPC$ "" /user:administrator (this command will allow you to connect to the target as administrator)

Now if you want to connect to the target and browse the entire C drive, then use this command:
net use K: \\computername\C$ (this will create a virtual drive in your "My Computer" folder)

Note : Keep in mind that this will only work if the target doesn't have an administrator password set. Otherwise you will have to provide the administrator password within the command.

To hack the administrator password of any PC on the LAN, use the "Cain and Abel" tool (see the video in my previous post).

This command makes use of SMB (Server Message Block) and the NetBIOS protocol on port 139 or 445. By default, in the basic Windows XP configuration, it is enabled. Thus, users can connect to and disconnect from shared resources such as computers, printers and drives.

It also connects to IPC$ (the interprocess communication share). This is the so-called null session connection, which allows unauthenticated users. The basic use for connecting anonymously is: net use \\<IP address>\IPC$ "" /u:"". For example, if this is typed in the command prompt: net use \\192.168.1.101\IPC$ "" /u:"", you would be connecting to the IPC$ share of the machine at 192.168.1.101 as an anonymous user with a blank password. If successfully connected to the target machine, a lot of information can be gathered, such as shares, users, groups, registry keys and more. This would provide a hacker with a lot of information about a remote user.