Jump to content

NetBIOS Hacking


ArkNinja

Recommended Posts

Hello all,

I was looking into NetBIOS hacking, and attempted to do it on an XP Box, and I was successful to connect to it, and I had full samba control. Now I am wonder how this could do any damage, because as far as I could tell, you cannot execute programs with samba, so it is essentially like FTP. I was thinking you could maybe add something to the start-up folder in the Start Menu and have it execute something on system start up like spawning a shell or VNC access. I was wondering what all of your views on this.

./Ark

Link to comment
Share on other sites

Hello all,

I was looking into NetBIOS hacking, and attempted to do it on an XP Box, and I was successful to connect to it, and I had full samba control. Now I am wonder how this could do any damage, because as far as I could tell, you cannot execute programs with samba, so it is essentially like FTP. I was thinking you could maybe add something to the start-up folder in the Start Menu and have it execute something on system start up like spawning a shell or VNC access. I was wondering what all of your views on this.

./Ark

You might find this interesting: http://www.tazforum.thetazzone.com/viewtopic.php?t=3613

Link to comment
Share on other sites

You would be surprised how many systems are compromised by this, you can upload/download files to the computer without knowledge of the computer operator/owner. The only issue with it from a hackers perspective is that Microsoft (for once) made it secure by not allowing programs to be executed from within the Samba command line. What I did to see the potential of this is to upload a Windows Shortcut file to the C:\Documents and Settings\All Users\Start Menu\Programs\Startup folder and upload a backdoor to the drive and I pointed the shortcut to the backdoor so that on system startup it starts the backdoor. This means I have actual access to the machine, not just read/write access.

Link to comment
Share on other sites

You would be surprised how many systems are compromised by this, you can upload/download files to the computer without knowledge of the computer operator/owner. The only issue with it from a hackers perspective is that Microsoft (for once) made it secure by not allowing programs to be executed from within the Samba command line. What I did to see the potential of this is to upload a Windows Shortcut file to the C:\Documents and Settings\All Users\Start Menu\Programs\Startup folder and upload a backdoor to the drive and I pointed the shortcut to the backdoor so that on system startup it starts the backdoor. This means I have actual access to the machine, not just read/write access.

Well, I don't think anyone in 2009 is surprised by a netbios exploit, but I understand what you're saying :).

One thing I've done to protect myself is to dual home all of my machines, keeping a "local" VLAN and an "internet" VLAN, that way we can do file sharing and generally insecure things on our class A network, and just keep strictly TCP/IP on our class C network.

Link to comment
Share on other sites

The thing is that this 'feature' is enabled by default on XP and lower as far as I can tell (maybe Vista too), so there is a plethora of available targets for this, although you really would need to be on their network for this exploit to work due to the fact that I doubt anyone has the NetBIOS port forwarded. Pineapple anyone?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...