search for ccna answer

Sunday, March 23, 2008

EH Episode 1 :

Ethical Hacking Episode 1

Target : UTAR Print Server
Time : 21/03/2008
Mission : Print Free
Status : Fail !

Friday, it was a beautiful Friday! I din attend CSA class as I know if go there also wasting time.
It has 1 test and 1 assessment on that day!
Actually that day quite nervous for me...

Where can I go if not attend the class, seriously that is only 1 place can go, it is internet lab. I always spent my free time there. As a result, my internet lab time from 3000 left only 148 mins.(=.=)

In the lab, I did not use my student Id to log in but I prefer to use administrator to log in on the computer instead of log in to the UTAR domain. Why? It is simple , I expect the administrator of UTAR domain wont check out my identity while I am using administrator not student Id. :)

I decide to print out some documents at that time. Well, it is different if you using administrator privilege, you will not get the UTAR printer shortcut on your desktop. So, I need to find the printer myself...

I start to located the printer server, get it \\koa-server
second, ask my partner Calvin to help to get the ip of \\koa-server
Well, it is easy. Just using the ping in the command prompt.

After that, I try to start the Ip
--->In command Prompt
--->Start \\
It pop up 1 authentication window which ask you to input username and password ?
Opps, What is this all about ?
I was decided to give up that time, but unfortunately I get the username and password on my second guess! Haha.. how lucky was I :P
It is awesome!

--->nbtstat -a
Wow, that is great ! The pc had netbios opened!
As a result, I can easily get its C drive.
--->net use z: \\\c$
Ok. I had get the pc C drive on my computer. I quickly run through all the folder inside the c drive, that is 2 user which is administrator and koaserver. Then got many printer link inside, I test to open the printer task link, it is the printer that I looking for to print my documents.

While open the printer task list, I had found out something interesting, that is with the administrator privileges I can cancel the printer job which assign by other student! Wow, I am now be the GOD, I show to Calvin, but he said he can do too. Well, as a result, he cant managed to do as me.

Next step, I going to inject 2 type of Trojan to the pc. One is winvnc, another is red dragonfly server. Both Trojan provide remote control while the red dragonfly server provide file transfer.
--->at \\ 09:11 \interactive cmd \c "%systemroot%\ko3.exe"
--->Access Denied.
WTF? OMG...cant access ? Well.. finally I know what had happened.
--->sc \\ config schedule start =auto
I start the Task Scheduler on that computer.
After that, I thought can be AT...
--->at \\ 09:14 \interactive cmd \c "%systemroot%\ko3.exe"
--->Added a new job with job ID = 1
Then wait for 1 minutes. 1 minutes pass, while I try to connect to the computer with the VNC client. WTF? connection lost ? It can be ..
--->at \\
--->There are no entries in the list.
Haiz.. really cant get why it will fail.
Anyway, I had access the registry key on the computer to start the both Trojan when the computer start.

I still haven't check it out. Hopefully it will be sucess!
I want print free !!!

By Bluefiz
The Going Be Hacker Punya Hacker

No comments: