Forum Thread: Hacking Outside My LAN?

what are the methods to hack a computer that is not on the same network(LAN)?? i have already made some .exe files with backdoors but they all work on the computer which are on the same network....

53 Responses

Arslan:

It shouldn't matter. Either inside the LAN or outside the LAN as long as you have the IP address of the target.

OTW

well if i got the IP address of victim then what methods do u suggest wil be best??

The best method is relative dependent upon the target. There is not one best method.

Have you read my Metasploit tutorials?

hey when you use metasplot and it asks you lhost do you give it a local ip(when hacking outside of lan) or global?

when you are doing a reverstcp attack

i'm reading them now... :) but can u please make a post about what methods to use on what conditions of the target.. it will be really helpful. :)

for start just give me names of two or three general methods.. reply asap :)

Arslan:

Be patient. The method is dependent upon so many things such the OS, the apps, the services, the ports.

Have you done your reconnaissance yet?

i think you have everything you need on this blog/forum(i dont know how to call this) from learning to use the tools ,learning what your target is,how to avoid antiviruses to what to do to control the system after you break in to it,even making a script to hack on its own just after you give it an ip or after an infected system comes online... ,it would be better for you to read all the posts then for us to tell you 1 method and then you learning all about that one method that might not work ....

Ivan,

In reference to building a script to attack once an infected system comes online, do you know how to get the meterpreter call back to activate your script?

no.. but i think after a little research that the answer i needed was port forwarding... after that all the exploits will work outside the LAN... on the other hand its true that there are hundreds of methods each for different condition of target... am i right??? so i just need to port forward to make the exploits work??

Good luck, Arslan. Your impatience is likely to land you a prison term.

haha :P no i'm not that impatient... i just want to learn fast. and u have not answered my above Q... is this a yes for port forwarding??

Arslan:

You have a lot of homework to do.

No, to portforwarding.

OTW

ok then can u assign me some homework... the things necessary to learn for hacking outside LAN!!!... it'll be really helpful cause most of the blogs are filled with c**... only real help i'm getting is from u :)

Ok. Go to my "Hacking for Newbies" and follow the steps there.

Arslan Ahmad:

Take the advice you're being given. You have recognised that you do not have sufficient knowledge to perform the task at hand and have come here for help. We are giving you the correct information, but you are refusing to take any note of it and insist that there is a "quick and easy way" to hack.

Short answer, there is no quick and easy way to hack. At its core, hacking is about manipulating software to do things it isn't intended to do. If you're looking for that quick and easy way, not only will it land you a prison term, but no-one here will help you. I, personally, will not help a script kiddy.

The choice is yours, actually take up the discipline as others have recommended, or don't. Either way it does not affect us in the slightest.

ghost_

Arslan,

This is an art form. We could tell you the easiest way to draw a smiley face is to draw a smiley face and it isn't going to help much at all.

Everything you need is here, as well as a supportive community IF you're willing to take the time to learn. Asking questions that are covered in notes on most of the other articles is only going to get you ignored. LOOK, READ, ATTEMPT the things here and then ask. It's quite clear when you have attempted them as your questions start to become more specific.

Download metasploitable and try attacking that.

yeah i'm now following from step 1... as OTW said... :) thanks for the advice.

one of the Q raised last night was that during doing reconnaissance with hping3... which ip of target do we need to do reconnaissance...? here target being any PC..

I have a question. How can i get victim machine ip address where he is using data card to connect to internet? How can i perform an attack or install a trojan on victim machine?

Arslan

I'm not sure I understand your question. Can you try and put it into a scenario for me.

well its something like this... we want to do reconnaissance of some target which is not on our network. now for reconnaissance u need a private IP of the target to look for open ports etc.

My Q is that what is the method of getting that IP for reconnaissance..!! here target is not any website but PC...

i've read the article by OTW to use netdiscover and ARP to find IP and MAC address .. but here again we need to be on the same network to find the private IP and MAC address. now i hope u understand what i'm asking for...

make a blog and tell him to visit it you can register his ip there or send him a file that will infect him and report back to you(no need to know his ip)..usually SE him.you need to force him to come to your site or program.

Arslan:

There are many ways, but you must be creative as suggested by Ivan.

yeah i got the idea :) thanks again for all ur help..though i'll soon be back with more questions :P

do pubic IP work or we must get the internal(private) IP?

Arslan:

If you want to resolve the private v. public IP address, you could just use the IPv6 address.

OTW

what it depends on??

and as friend ivan suggested that send a file that report back to u... is there a tutorial for creating such a file.. that would be really helpful.. :) i know my Q sound stupid and basic but i'm just starting in the world of hacking so any help would be appreciated...

Arslan,

There are several available right here. As I said yesterday, READ ATTEMPT AND THEN ask : -)

ok just give me the links to some of them cause all the methods i have read are use within LAN....

Of course, since you have legitimate access to the victim computer you could always ATTEMPT IT

Arslan;

Problem solving is an essential hacker skill.

OTW

yeah i know and i have attempted them like creating a malicious pdf etc and got success but now i'm trying to get out of LAN and hack other computers through web... i have also legitimate access to them.. but i don't know how to do that.. i mean how should i make such file that listen back to my IP... is there any tutorial to make that kind of file etc.?? if there is just give me a link... of course i will read it and then attempt it and then ask u any Q...

Arslan Ahmad:

Please refer to this article.

We're happy to help when you've made genuine effort to solve the problems presented to you at hand, but it becomes painfully obvious when you have not even attempted to understand for yourself.

ghost_

that pdf that you "tried" works outside of LAN

no just inside LAN... and sorry it was an .exe file with backdoor...

well the pdf stuff is a normal pdf that crashes when you open it and opens a connection to you

what port did you use

Let me put this in another way. I want to access my friend laptop. Is there a way to find his public IP address? How can i perform an attack on internet? I have seen many methods using metasploit, but LHOST value we give our private IP. In that case we can perform attack only in same LAN network. How can i make it to work on internet since i don't even know his IP address?

SK:

LHOST is not a problem. When you send a packet out to the Internet, your NAT device translates the private IP to a public IP. When the target responds, the NAT device translates back.

OTW

Will all home wireless network router device do this?

yes, ALL routers do this.

If your router didn't do this, you could never get a TCP connection.

I have already tried that. It didn't work and i couldn't able get reverse TCP connection. That time i didn't configure port forwarding in my router. May be that could be the reason that attack didn't work. I will try now.

Can you suggest a vulnerability and exploit for windows 8 machine?

most of the windows 7 attacks works on windows 8.
there are no major security updates on 8, all updates were based on resource allocations and speed.
as such, you can use reverse tcp easy on 8, with no problems.

Also, windows defender is better on 8, so its more likely that your exploit would be discovered, so first thing you should do is disable defender.

mererpreter> shell
sc config wscsvc start= disabled (notice the space between = and disabled)
that should do the trick...

There are SO many reasons that it might have failed.

Why bother with 8 when it is such miniscule fraction of installed systems?

the only reason was you didn't infect his pc you saw a tutorial online that hacked using one exploit and that exploit doesn't work on his pc that's why you didn't do it!

Thank you Ghost for this powerful message -"Take the advice you're being given. You have recognised that you do not have sufficient knowledge to perform the task at hand and have come here for help. We are giving you the correct information, but you are refusing to take any note of it and insist that there is a "quick and easy way" to hack.

Short answer, there is no quick and easy way to hack. At its core, hacking is about manipulating software to do things it isn't intended to do. If you're looking for that quick and easy way, not only will it land you a prison term, but no-one here will help you. I, personally, will not help a script kiddy.

The choice is yours, actually take up the discipline as others have recommended, or don't. Either way it does not affect us in the slightest."

I too was in hurry to go outside LAN but after reading your comment, I've slowed down my pace. I will LOOK, READ and attempt things first, like EX1S7 has said.

So, I will ask for anybody who knows where I can get comprehensive notes on IP and Port Forwarding. Please just share a LINK and I'll do the reading. I've searched through HOW-TOs to find one but I couldn't.

Hi all.. I have a question. Its regarding setting up the payload..

Ive got my old pc running w8.1 on another network and originally set my personal ip to a static ip but realised i needed to send the vict's (my) pc to my public IP.. But then realised that my public IP (routers IP) changes once and a while, im assuming when it boots up its designated a new IP each time. Is there any way to set my router to a static IP or do I HAVE to do a dynamic dns.. I have a no IP address and was wondering if i could put that address in the LHOST perhaps.. Im just thinking of different ways to connect a remote pc from outside my network..

Share Your Thoughts

  • Hot
  • Active