============================================================ HACKING FOR NEWBIES BY KILLAHDRAGON ============================================================ ************* written on: 26/09/2001 for Astalavista Group http://www.hacktheworld.net ************** Hacking For Newbies: This file will list and explain all possible ways to hack a system for newbies.I wrote this file for people who have want to hack windows, but if you want to become a real hacker i sugessest getting Linux Disclaimer: All information provided in this file is for education purposes only. I have written up this file to demonstrate how easy it is to hack into a system. I am cannot be held responsible for any actions encourged by this text and therefore cannot be blamed for any damages caused by anyone. This file was written for education purposes only and you should not try to do anything that this file states. Dont be stupid: HACKING IS ILLEGAL Contents: i: Dos commands ii: Staying Anonymous iii: Ports iv: Bios hacking v: remote administration programs (trojans) vi: Manifesto i: DOS Commands. Every windows comes with M$-DOS. To run it click on Start > Run. Then type 'command.com' without the quotes. Now you should see a black screen infront of you with something like 'C:\>' or 'C:\Windows>' This is Dos. Its not very user friendly but once you know the commands it becomes much easier. Basic Dos Commands: cd.. up one directory cd\ goto the main directory dir directory. displays all the files in the current directory cd access a folder called del deletes a file, does prompt for deletion deltree deletes a folder, prompts for deletion move moves a file to another directory eg: If i wanted to move c:\program to c:\windows move c:\program c:\windows copy copies a file to another directory edit Dos editor. start file.ext starts a program in windows. eg: start calc.exe type file.exe types the file onto the screen. [ctrl] + [z] terminates a running program [ctrl] + [break] terminates a running program edit file.ext edits a file using the Dos Editor These are some of the Dos Commands. If you want more help with these commands type in the command then space then /? in dos. eg: move /? this will tell you the syntax and how to use it. Advanced Dos Commands: These commands you need if you want to hack. There are programs out there that do the same but i always use dos. Net Very good. allows you to connect to a remote windows which have file and print sharing on, see iv:Bios hacking Ping sends a packet to the ip and determins their connection. If the packets are returned that means they are online. if you get nothing returned that means they are either offline or behind a firewall Tracert Used to determine which path the packets travel on the net. syntax: tracer eg tracert yahoo.com Netstat -n It can tell you the Ip address fo the person you are chatting to. Many instant messaging programs DCC to your computer, in ICQ the whole conversation is DCC'd so when ever you are chatting to someone on ICQ just go to DOS and type in 'netstat -n' and it will list their IP. In MSN and some IRC's the whole conversation is not DCC'd like ICQ, but the DCC connection opens up while you send them a file. So send the person yuo are chatting to a file and then go to dos and use netstat -n Nbtstat see Bios Hacking WinIpcfg Displays you IP, use IPCONFIG if you have Windows 2000. Thats probably all i can think of for now. Once you know these commands it becomes easier and easier. ii: Staying Anonymous Its very easy for you to hack a system and vice versa for someone to hack your system. So staying anonymous on the net increases you chances very much. In this file i will be talking about proxies. By definition, "proxy" refers to a person or agency who has authority to act for another. So, taken literally, that means a "proxy server" acts in place of another server. If you change your proxy to an anonymous proxy then your IP is hidden from anyone who tries to get it, and without and IP hackers can't hack you. To change your Proxy open up Internet Explorer (i have explorer so i dont know how to do it for netscape or others but it should be very close to this), click on Tools then Internet Options. Click on the connections tab, then click on LAN settings. Make sure 'Use a Proxy server' is checked. Then put the proxy address in the address and the port in the port. For a list of anonymouse proxies go to: http://www.cyberarmy.com/lists/proxy/ http://www.astalavista.com/privacy/proxy/ Wingates servers are just a proxy servers but they work for IRC and Telnet, for a list of wingate servers goto: http://www.cyberarmy.com/lists/wingate/ http://www.astalavista.com/privacy/wingate/list.shtml iii: Ports Everything that you do over the internet is done over a port. You can check what internet services are being used on one machine or you can scan a whole range of IP addresses for one individual service which you can use to hack into the machine. The following is a list of Ports and their uses: Port 80 is the port for Http (web sites). Port 21 is for Telnet Port 23 is for FTP port 139 is the netbios port However, there are also ones that remote administration programs (trojans) use like: port 23 - Tiny Telnet Server (= TTS) port 25 - Ajan, Antigen, Email Password Sender, Haebu Coceda (= Naebi), Happy 99, Kuang2, ProMail trojan, Shtrilitz, Stealth, Tapiras, Terminator, WinPC, WinSpy port 31 - Agent 31, Hackers Paradise, Masters Paradise port 41 - DeepThroat port 59 - DMSetup port 79 - Firehotcker port 80 - Executor, RingZero port 99 - Hidden Port port 110 - ProMail trojan port 113 - Kazimas port 119 - Happy 99 port 121 - JammerKillah port 421 - TCP Wrappers port 456 - Hackers Paradise port 531 - Rasmin port 555 - Ini-Killer, NeTAdmin, Phase Zero, Stealth Spy port 666 - Attack FTP, Back Construction, Cain & Abel, Satanz Backdoor, ServeU, Shadow Phyre port 911 - Dark Shadow port 999 - DeepThroat, WinSatan port 1001 - Silencer, WebEx port 1024 - NetSpy port 1042 - Bla port 1045 - Rasmin port 1090 - Xtreme port 1170 - Psyber Stream Server, Streaming Audio trojan, Voice port 1234 - Ultors Trojan port 1243 - BackDoor-G, SubSeven, SubSeven Apocalypse port 1245 - VooDoo Doll port 1269 - Mavericks Matrix port 1349 (UDP) - BO DLL port 1492 - FTP99CMP port 1509 - Psyber Streaming Server port 1600 - Shivka-Burka port 1807 - SpySender port 1981 - Shockrave port 1999 - BackDoor port 1999 - TransScout port 2000 - TransScout port 2001 - TransScout port 2001 - Trojan Cow port 2002 - TransScout port 2003 - TransScout port 2004 - TransScout port 2005 - TransScout port 2023 - Ripper port 2115 - Bugs port 2140 - Deep Throat, The Invasor port 2155 - Illusion Mailer port 2283 - HVL Rat5 port 2565 - Striker port 2583 - WinCrash port 2600 - Digital RootBeer port 2801 - Phineas Phucker port 2989 (UDP) - RAT port 3024 - WinCrash port 3128 - RingZero port 3129 - Masters Paradise port 3150 - Deep Throat, The Invasor port 3459 - Eclipse 2000 port 3700 - Portal of Doom port 3791 - Eclypse port 3801 (UDP) - Eclypse port 4092 - WinCrash port 4321 - BoBo port 4567 - File Nail port 4590 - ICQTrojan port 5000 - Bubbel, Back Door Setup, Sockets de Troie port 5001 - Back Door Setup, Sockets de Troie port 5011 - One of the Last Trojans (OOTLT) port 5031 - NetMetro port 5321 - Firehotcker port 5400 - Blade Runner, Back Construction port 5401 - Blade Runner, Back Construction port 5402 - Blade Runner, Back Construction port 5550 - Xtcp port 5512 - Illusion Mailer port 5555 - ServeMe port 5556 - BO Facil port 5557 - BO Facil port 5569 - Robo-Hack port 5742 - WinCrash port 6400 - The Thing port 6669 - Vampyre port 6670 - DeepThroat port 6771 - DeepThroat port 6776 - BackDoor-G, SubSeven port 6912 - Shit Heep (not port 69123!) port 6939 - Indoctrination port 6969 - GateCrasher, Priority, IRC 3 port 6970 - GateCrasher port 7000 - Remote Grab, Kazimas port 7789 - Back Door Setup, ICKiller port 8080 - RingZero port 9400 - InCommand port 9872 - Portal of Doom port 9873 - Portal of Doom port 9874 - Portal of Doom port 9875 - Portal of Doom port 9876 - Cyber Attacker port 9878 - TransScout port 9989 - iNi-Killer port 10067 (UDP) - Portal of Doom port 10101 - BrainSpy port 10167 (UDP) - Portal of Doom port 10520 - Acid Shivers port 10607 - Coma port 11000 - Senna Spy port 11223 - Progenic trojan port 12076 - Gjamer port 12223 - Hack«99 KeyLogger port 12345 - GabanBus, NetBus, Pie Bill Gates, X-bill port 12346 - GabanBus, NetBus, X-bill port 12361 - Whack-a-mole port 12362 - Whack-a-mole port 12631 - WhackJob port 13000 - Senna Spy port 16969 - Priority port 17300 - Kuang2 The Virus port 20000 - Millennium port 20001 - Millennium port 20034 - NetBus 2 Pro port 20203 - Logged port 21544 - GirlFriend port 22222 - Prosiak port 23456 - Evil FTP, Ugly FTP, Whack Job port 23476 - Donald Dick port 23477 - Donald Dick port 26274 (UDP) - Delta Source port 29891 (UDP) - The Unexplained port 30029 - AOL Trojan port 30100 - NetSphere port 30101 - NetSphere port 30102 - NetSphere port 30303 - Sockets de Troi port 30999 - Kuang2 port 31336 - Bo Whack port 31337 - Baron Night, BO client, BO2, Bo Facil port 31337 (UDP) - BackFire, Back Orifice, DeepBO port 31338 - NetSpy DK port 31338 (UDP) - Back Orifice, DeepBO port 31339 - NetSpy DK port 31666 - BOWhack port 31785 - Hack«a«Tack port 31787 - Hack«a«Tack port 31788 - Hack«a«Tack port 31789 (UDP) - Hack«a«Tack port 31791 (UDP) - Hack«a«Tack port 31792 - Hack«a«Tack port 33333 - Prosiak port 33911 - Spirit 2001a port 34324 - BigGluck, TN port 40412 - The Spy port 40421 - Agent 40421, Masters Paradise port 40422 - Masters Paradise port 40423 - Masters Paradise port 40426 - Masters Paradise port 47262 (UDP) - Delta Source port 50505 - Sockets de Troie port 50766 - Fore, Schwindler port 53001 - Remote Windows Shutdown port 54320 - Back Orifice 2000 port 54321 - School Bus port 54321 (UDP) - Back Orifice 2000 port 60000 - Deep Throat port 61466 - Telecommando port 65000 - Devil thnx 2 AuzyBuild for this list. You will learn alot about ports as you knowledge of hacking increases. iv: BIOS HACKING A very simple method of hacking is Bios hacking. Bios hacking allows you to connect to a remote computer which has file and print sharing on. To check if a certain computer has file and print sharing on then goto DOS and type in nbtstat -a ipaddress if you get a something like Host Not found then the Ip does not have file and print sharing on but if you get something like: NetBIOS Remote Machine Name Table Name Type Status -------------------------------------------- host <20> UNIQUE Registered WORKGROUP <00> GROUP Registered sys <03> UNIQUE Registered Then this Ip has file and print sharing on. Now all you is find what is the name of a host which has a code of 20 (you know the <20> in the second coloumn) the name in this case is 'host' Now you go and open any text editor, eg: Notepad and then click on File>Open and open a file called Lmhosts which is located in C:\Windows. remember Lmhosts does not have an extention so make sure you have File of Types to All Files (*.*). Once you have opened the document go to the end of it and type in the name of the host (in this case its host) and then press tab and type in the Ip address of the host. So Lmhosts (no extension should look like something like this: ---------------------------------------------------- host 210.231.01.23 ---------------------------------------------------- Now save the file and exit. Click on Start and then Find, then click on Computer. Type in the Ip address in the search field and hit enter. You should get a result with the host as the name. double click on it and you are now moving around the victims directory as if it was your own. v: remote administration programs (trojans) Trojans are programs which open up a backdoor so a client and access it. On the internet today there are lots programs but i recommend getting either Sub Seven (easy to use and a lot of features) or Back Orifice (not so easy to use but a lot of features). Make sure you disable you antivirus when dealing with these programs because it detects them as virus' but they are not as long as you dont double click on the server. What these programs do is when you give a person server.exe on disk and he clicks on it, then it opens up a backdoor which you can connect to. Once the person has double clicked on server.exe you open up the client and type in his IP address and it connects to it. Then you can do a lot of things. I cant explain all the features of the program just read the helpp file or download a tutorial on the program from the net, there are many. just goto www.altavista.com and search for Sub seven or Back Orifice. These programs also contain a exe called editserver. this program allows you to edit the way the server or trojan looks and what is does. for example: i can change the icon to a bitmap and when the victim clicks on it i can make it on a picture and at the same time install the trojan. Trojans are a very good way of getting remote access to a system, and i recommend that you read alot about them before you use them. Its very simple to learn about Trojans, i recommend you download Sub Seven or Netbus if its your first time or Back Orifice is you want more control. vi: Manifesto This manifesto was written by the ++The Mento++, its very good and nearly all hackers know it. I suggest you read it: Another one got caught today, it's all over the papers. "Teenager Arrested in Computer Crime Scandal", "Hacker Arrested after Bank Tampering." "Damn kids. They're all alike." But did you, in your three-piece psychology and 1950's technobrain, ever take a look behind the eyes of the hacker? Did you ever wonder what made him tick, what forces shaped him, what may have molded him? I am a hacker, enter my world. Mine is a world that begins with school. I'm smarter than most of the other kids, this crap they teach us bores me. "Damn underachiever. They're all alike." I'm in junior high or high school. I've listened to teachers explain for the fifteenth time how to reduce a fraction. I understand it. "No, Ms. Smith, I didn't show my work. I did it in my head." "Damn kid. Probably copied it. They're all alike." I made a discovery today. I found a computer. Wait a second, this is cool. It does what I want it to. If it makes a mistake, it's because I screwed it up. Not because it doesn't like me, or feels threatened by me, or thinks I'm a smart ass, or doesn't like teaching and shouldn't be here. Damn kid. All he does is play games. They're all alike. And then it happened... a door opened to a world... rushing through the phone line like heroin through an addict's veins, an electronic pulse is sent out, a refuge from the day-to-day incompetencies is sought... a board is found. "This is it... this is where I belong..." I know everyone here... even if I've never met them, never talked to them, may never hear from them again... I know you all... Damn kid. Tying up the phone line again. They're all alike... You bet your ass we're all alike... we've been spoon-fed baby food at school when we hungered for steak... the bits of meat that you did let slip through were pre-chewed and tasteless. We've been dominated by sadists, or ignored by the apathetic. The few that had something to teach found us willing pupils, but those few are like drops of water in the desert. This is our world now... the world of the electron and the switch, the beauty of the baud. We make use of a service already existing without paying for what could be dirt-cheap if it wasn't run by profiteering gluttons, and you call us criminals. We explore... and you call us criminals. We seek after knowledge... and you call us criminals. We exist without skin color, without nationality, without religious bias... and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it's for our own good, yet we're the criminals. Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for. I am a hacker, and this is my manifesto. You may stop this individual, but you can't stop us all... after all, we're all alike.