Your IP (Internet Protocol) address is your unique ID on the internet. It's analogous to your home address. Anyone in the world can contact your computer through its IP address, and send and retrieve information with it.
I'm sure at one time or another you've heard that hackers can hack your computer via your IP address. This is one of the reasons proxies and anonymity services exist: to keep people from learning your IP address. So how are hackers using just an address to get into your computer and make your life hell?
Open ports. Your computer runs services like media sharing on what are called ports. A port is just an opening that a service uses as a communications endpoint. There are 65,535 total allocated ports in TCP/UDP. To exploit a service on a port, a hacker would banner grab for the software and version. After they learn that information, they would search sites like Packet Storm for known exploits to run against the service.
Today's Null Byte is going to demonstrate a simple "port scan" on a local computer using Nmap, and teach how a hacker would exploit these services, as well as how to guard ourselves against it. This will be done under Linux, but Nmap is available for all platforms. If you can't figure out how to install it in Windows with the GUI installer (yeah, right), follow along using Cygwin.
Step 1 Download & Install Nmap
Bold words are commands that must be entered in a terminal emulator.
First, we must download Nmap, which is going to be our tool that we use for port scanning and information gathering:
wget http://nmap.org/dist/nmap-5.51.tar.bz2
Now, extract the archive:
tar -xjvf nmap-5.51.tar.bz2
Change to the newly made directory:
cd <directory name>
This is the standard installation procedure:
./configure
make && sudo make install
Nmap should now be installed!
Step 2 Scan for a Target
Let's scan a local computer. I'm going to use a website as an example, rather than a local computer. This is because my firewall is absolutely crazy, and filters out scans. Don't scan a remote computer with the intentions of doing bad deeds. This is for educational purposes only.
Start by mapping out your local network:
sudo nmap -sP 192.168.1.0/24
That should return a list of hosts that are up for a port scan!
Step 3 Scan Your Individual Target
Out of the returned list of targets, pick one that you would like to scan for services. Let's do a full scan of all the TCP/UDP ports:
sudo nmap -p 1-65535 -T4 -A -v <target IP goes here>
You should get something that looks like the following image:
As you can see, this target has MANY open ports. SSH piques my interest, so let's move on to banner grabbing to learn the software version of our choice of service.
Step 4 Banner Grabbing
For this, you can use the regular ol' telnet client. Telnet comes with Windows and most Linux distros:
telnet <host IP> <port banner to grab>
From this, I would learn which software version the service is running, then see if I can find a way to exploit it.
How Can I Protect Myself?
Luckily for all of you lovely people, I recently made a tutorial on iptables, which will filter out unwanted connections. Also, disable any unnecessary programs that connect to the internet (remote administration, media sharing, etc).
Windows users, install Comodo Firewall. It's incredible, uses a simple point-and-click installation, and will filter ports for you. It has great default settings and it is free.
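To act on the advice about disabling unnecessary services, you first need to know what your own machine is listening on, which is what the scan in Step 3 sees from the outside. The Python script below is an added example, not part of the original article: it parses Linux's /proc/net/tcp and reports listeners bound to non-loopback addresses. The sample table is constructed, the allowlist of port 22 is an assumption, and the address decoding assumes a little-endian host such as x86-64.

```python
import ipaddress

# Constructed sample in /proc/net/tcp format (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 15012 1
   1: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 18234 1
   2: 00000000:22B8 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20771 1
   3: 0A01A8C0:0016 0501A8C0:D2F4 01 00000000:00000000 02:000A5B1C 00000000     0        0 23001 1
"""

TCP_LISTEN = "0A"  # kernel socket state code for LISTEN (01 is ESTABLISHED)

def decode_addr(field):
    """Turn '0100007F:0277' into ('127.0.0.1', 631)."""
    hex_ip, hex_port = field.split(":")
    # Assumption: little-endian host, so the four address bytes are printed
    # in reverse order. The port is plain big-endian hex.
    ip = ipaddress.IPv4Address(bytes.fromhex(hex_ip)[::-1])
    return str(ip), int(hex_port, 16)

def listening_sockets(text):
    """Return (ip, port, uid) for every socket in the LISTEN state."""
    found = []
    for line in text.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 8 or cols[3] != TCP_LISTEN:
            continue
        ip, port = decode_addr(cols[1])
        found.append((ip, port, int(cols[7])))  # cols[7] is the owning uid
    return found

def exposed(sockets, allowed_ports=frozenset()):
    """Listeners reachable from other machines and not on the allowlist."""
    return [s for s in sockets
            if not ipaddress.ip_address(s[0]).is_loopback
            and s[1] not in allowed_ports]

if __name__ == "__main__":
    try:
        with open("/proc/net/tcp") as fh:  # live data on Linux
            text = fh.read()
    except OSError:
        text = SAMPLE  # fall back to the constructed sample elsewhere
    # allowed_ports={22} is an assumed allowlist: SSH is expected, all else is reviewed.
    for ip, port, uid in exposed(listening_sockets(text), allowed_ports={22}):
        print(f"review: {ip}:{port} (owner uid {uid}) accepts remote connections")
```

IPv6 listeners live in /proc/net/tcp6 and are not covered here. A listener bound to 0.0.0.0 may still be blocked by a firewall rule, so treat the output as a list to review rather than a verdict.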
34 Comments
thnks my frnd the infrmat:°
do you have free hacker program ?
you are noob bitch the only noob say do u have hacker program
if u want to be hacker...
1 first get ICDL
2 learn more about c++
3 learn windows commands 7,8,xp
4 and also learn small lunix commands for nobody say to you im a hacker and tell you lunix commands and u dont it
exploits/pentest
5 if u used c++ you can make a hacker programm for you only or make a groupe .. use windows command and c++ lunix commands every thing
and upload it to your friends that know about ICDL or computer commands
i know the ip address of that computer i want to hack... lz tell me how can i...
I want to hack my friend's computer. He has given me permission to hack his computer.
How do you download it?
Is there anyway you could post an after pic of the telnet service after you run it? PM me with it if you want
i do not get any banner after connecting to the host
and can not find where to put the username and password
hey did you get the answer for your question?
if yes please tell me why this keeps happening.
I've been dealing with the same thing for a while now
Morgan:
The banner will only appear if there is a web server running like IIS or Apache.
OTW
how to hack ip address ?
Omer:
Welcome to our community of hackers here at Null Byte!
Do you have BackTrack installed? If so, Metasploit is included and you can use it to hack.
OTW
Hi, I don't know if there's any related post about what I'm looking for, but what if I want to access my home computer from another computer on another network?
Thanks anyway
Jessica:
If you enable RDP on your home computer you can access it remotely.
OTW
Here is an interesting scenario I need some help on. I upgraded a touchscreen laptop that had Windows 8.1 on it. The laptop was dropped a few months back and messed up the sensors in the screen but did not crack the screen. I found that if I remoted in with Remote Desktop, I could just disable the HID Compliant touchscreen service in the Device Manager and then I could use the laptop just fine. However, after upgrading to Windows 10 a couple of days ago, the HID touchscreen service was reloaded and I have only been able to physically access it once (due to a break in the screen bouncing around everywhere). I disabled the HID touchscreen service once again and checked the "Allow Remote Access to Your Computer" settings as well as the firewall rules and all is set to allow remote access. Yet, I cannot access through RD. I have since tried to find some backdoor options with Metasploit etc., which led me to this site. (Very good and informative site by the way, as I am a network admin specializing in CyberSecurity and it is always good to find new useful info.) Any ideas on using Metasploit on Windows 10 to backdoor the target PC that is also Windows 10? Thanks
This site's software is very wonderful.......
Can someone help me please? Somebody is hacking into our school network and shutting down our computers. We work on computers almost all the time and it is annoying us. I have basic knowledge of Linux and I know Java and C#. Is there something I can do?
when i run the command it says:
Nmap done: 256 IP addresses (0 hosts up) scanned in 206.10 seconds
Also, what does the 24 in 'sudo nmap -sP 192.168.1.0/24' stand for?
thanks
First, is that your internal network, 192.168.1.0? If not, use an appropriate IP address range.
Second, the 24 in the command represents CIDR notation. It means look for all 255 IP addresses in the fourth octet of the IP address.
If none of this makes sense, you might want to read some of the basic networking tutorials here on Null Byte.
(thanks for the really fast response.
my internal network is '172.16.146.1' i used it but i still got 0 hosts up)
nvm, it started working. when i use telnet it says:
Trying 172.16.146.xxx...
Connected to 172.16.146.xxx.
Escape character is '^'.
what does it mean?
Occupy The Web.
I just wanted to ask you a question.
Here is the scenario,
I want to hack into someone's computer that is outside the network (by outside I mean he lives far away). The only thing I know is his public IP address. Can I or can I not hack into my victim's computer?
If I can, then How? Any Guides Please?
Your Sincerely,
One of your Greenhorn Hackers. ;) ,
What you want to do sounds very illegal, especially for a white hat community. That's okay. As long as it's just a "scenario".
You can still hack a system outside of your network using port forwarding. Hope this helps! - Cameron
thats another very good idea too
just google how to hack computer using internet protocol address
thank you so much for information.....
So I've been getting hacked recently and I want to know if I can find out who's hacking me from my computer and hack them, because they made it so I couldn't factory reset, so I want to disable everything on them as payback.
If none of this makes sense, you might want to read some of the basic networking tutorials here on Null Byte.
Just stumbled onto this article. The comments are...interesting.
Great article, though.
I am thinking we should create a group somewhere on the net so that we teach each other how to pentest, because it's a big career boost these days. Companies are more and more interested in pentesters and I am one hell of a person who is interested in learning everything about pen testing to help get a pay rise........
Anybody interested in teaching me full pen testing should let me know ASAP. I am ready to learn. I have achieved a lot with the Cisco certs but I want an upgrade in security pen testing.
I am interested in learning all the black hacks tricks and white hack tricks because that's the only way to defend an organization effectively. I want to learn everything, so I need a mentor badly, please.
I need someone to chat with about the in's and out's of how this really works...... my douché backwash of a bf is lying to me about everything I think.... it is a very messed up and twisted situation i have going on atm..... any advice is greatly appreciated. ... please pm me if you are brave.... thanks ..... have a magnificent day/night!!
Sometimes I try and connect to the ports with netcat, but I never get a login prompt.
And if I do, how do I exploit it?
Another question: let's say netcat returns me the version of the service, do I look it up on Metasploit using the search command?
Very clear, that's nice.
I did the last step: sudo nmap -p 1-65535 -T4 -A -v <target IP goes here>
now taking time 23 min 49%
and next telnet as you said ... but what next of telnet telnet <host IP> <port banner to grab> what do after this step ?
is there a way to do it on windows 7