How To: How Hackers Use Your IP Address to Hack Your Computer & How to Stop It

How Hackers Use Your IP Address to Hack Your Computer & How to Stop It

Your IP (Internet Protocol) address is your unique ID on the internet. It's synonymous with your home address. Anyone in the world can contact your computer through its IP address, and send a retrieve information with it.

I'm sure at one time or another you've heard that hackers can hack your computer via your IP address. This is one of the reasons proxies and anonymity services exist, to protect people from learning your IP address. So how are hackers using just an address to get into your computer and make your life hell?

Open ports. Your computer runs services like media sharing on what are called ports. A port is just an opening that a service uses as a communications endpoint. There are 65,535 total allocated ports in TCP/UDP. To exploit a service on a port, a hacker would banner grab for the software and version. After they learn that information, they would search sites like Packet Storm for known exploits to run against the service.

Today's Null Byte is going to demonstrate a simple "port scan" on local computer using Nmap, and teach how a hacker would exploit these services, as well as how to guard ourselves against it. This will be done under Linux, but Nmap is available for all platforms. If you can't figure out how to install it in Windows with the GUI installer (yeah, right), follow along using Cygwin.

Step 1 Download & Install Nmap

Bold words are commands that must be entered in a terminal emulator.

First, we must download Nmap, which is going to be our tool that we use for port scanning and information gathering:

    wget http://nmap.org/dist/nmap-5.51.tar.bz2

Now, extract the archive:

    tar -zxvf nmap-5.51.tar.bz2

Change to the newly made directory:

    cd <directory name>

This is the standard installation procedure:

   ./configure

   make && sudo make install

Nmap should now be installed!

Step 2 Scan for a Target

Let's scan a local computer. I'm going to use a website as an example, rather than a local computer. This is because my firewall is absolutely crazy, and filters out scans. Don't scan a remote computer with the intentions of doing bad deeds. This is for educational purposes only.

Start by mapping out your local network:

    sudo nmap -sP 192.168.1.0/24

That should return a list of hosts that are up for a port scan!

How Hackers Use Your IP Address to Hack Your Computer & How to Stop It

Step 3 Scan Your Individual Target

Out of the returned list of targets, pick one that you would like to scan for services. Let's do a full scan of all the TCP/UDP ports:

    sudo nmap -p 1-65535 -T4 -A -v <target IP goes here>

You should get something that looks like the following image:

How Hackers Use Your IP Address to Hack Your Computer & How to Stop It

As you can see, this target has MANY open ports. SSH piques my interest, so let's move on to banner grabbing to learn the software version or our choice of service.

Step 4 Banner Grabbing

For this, you can use the regular ol' telnet client. Telnet comes with Windows and most Linux distros:

    telnet <host IP> <port banner to grab>

From this, I would learn which software version the service is running, then see if I can find a way to exploit it.

How Can I Protect Myself?

Luck for all of you lovely people, I recently made a tutorial on iptables, which will filter out unwanted connections. Also, disable any unnecessary programs that connect to the internet (remote administration, media sharing, etc).

Windows users, install Comodo firewall, it's incredible and uses a simple point and click installation, and will filter ports for you. It has great default settings and it is free.

Photo by powtac

26 Comments

you are noob bitch the only noob say do u have hacker program
if u want to be hacker...

1 first get ICDL

2 learn more about c++

3 learn windows commands 7,8,xp

4 and also learn small lunix commands for nobody say to you im a hacker and tell you lunix commands and u dont it
exploits/pentest

5 if u used c++ you can make a hacker programm for you only or make a groupe .. use windows command and c++ lunix commands every thing

and upload it to your friends that know about ICDL or computer commands

i know the ip address of that computer i want to hack... lz tell me how can i...
i want to hack my frnd computer. he has given me a permission to hack his computer.

how do u down load it

Is there anyway you could post an after pic of the telnet service after you run it? PM me with it if you want

i do not get any banner after connecting to the host
and can not find where to put the username and password

Morgan:

The banner will only appear if there is a web server running like IIS or Apache.

OTW

how to hack ip address ?

Omer:

Welcome to our community of hackers here at Null Byte!

Do you have BackTrack installed? If so, Metasploit is included and you can use it to hack.

OTW

hi, i dont if there's any related post about what i'm looking for but what if i want to access my home computer by another computer in another network.

Thanks anyway

Jessica:

If you enable RDP on your home computer you can access it remotely.

OTW

Here is an interesting scenario I need some help on. I upgraded a touchscreen laptop that had Windows 8.1 on it. The laptop was dropped a few months back and messed up the sensors in the screen but did not crack the screen. I found that if I remoted in with Remote Desktop, I could just disable the HID Compliant touchscreen service in the Device Manager and then I could use the laptop just fine. However, after upgrading to Windows 10 a couple of days ago, the HID touchscreen service was reloaded and I have only been able to physically access it once. (do to a break in the screen bouncing around everywhere) I disabled the HID touchscreen service once again and checked the "Allow Remote Access to Your Computer" settings as well as the firewall rules and all is set to allow remote access. Yet, I cannot access through RD. I have since, tried to find some backdoor options with metasploit etc, which led me to this site. (Very good and informative site by the way as I am a network admin specializing in CyberSecurity and always good to find new useful info). Any ideas on using Metasploit on Windows 10 to backdoor the target pc that is also Windows 10? Thanks

this site software is very wonder full.......

can someone help me please. somebody is hacking into our school network and shutting down our computers. we work on computers almost all the time and it is annoying us. a have basic knowledge on linux and i know java and c#. is there something i can do.

when i run the command it says:
Nmap done: 256 IP addresses (0 hosts up) scanned in 206.10 seconds

also.. what does the 24 in 'sudo nmap -sP 192.168.1.0/24' stands for??

thanks

First, is that your internal network, 192.168.1.0? If not, use an appropriate IP address range.

Second, the 24 in the command represents CIDR notation. It means look for all 255 IP addresses in the fourth octet of the IP address.

If none of this makes sense, you might want to read some of the basic networking tutorials here on Null Byte.

(thanks for the really fast response.
my internal network is '172.16.146.1' i used it but i still got 0 hosts up)

nvm, it started working. when i use telnet it says:
Trying 172.16.146.xxx...
Connected to 172.16.146.xxx.
Escape character is '^'.

what does it mean?

Occupy The Web.
I just wanted to ask you a question.

Here is the scenario,

I want to hack into someone's computer that is outside the network, (By outside I mean he lives far away) The only thing I know is his Pubic IP Address, Can I or Can I not Hack into my Victim computer?

If I can, then How? Any Guides Please?

Your Sincerely,
One of your Greenhorn Hackers. ;) ,

What you want to do sounds very illegal, especially for a white hat community. That's okay. As long as it's just a "scenario".

You can still hack a system outside of your network using portforwarding. Hope this helps! - Cameron

thats another very good idea too

just google how to hack computer using internet protocol address

thank you so much for information.....

So i've been getting hacked recently and I want to know If I can find out who's hacking me from my computer and hack them because they made it so I could't factory reset so I want to disable every thing on them as pay back

  • is that your internal network, 192.168.1.0? If not, use an appropriate IP address range.
  • the 24 in the command represents CIDR notation. It means look for all 255 IP addresses in the fourth octet of the IP address.

If none of this makes sense, you might want to read some of the basic networking tutorials here on Null Byte.

Just stumbled onto this article. The comments are...interesting.
Great article, though.

Share Your Thoughts

  • Hot
  • Latest