ethicalHacker, posted September 4, 2010:
How can I execute a batch file on another PC? Both my PCs are running Windows 7 and my wifi is connected to a public network, so I can't access the file sharing folder. I want to execute the file on my other PC without any notification. Sorry if I asked in the wrong section.

Sparda, posted September 4, 2010:
Rubber ducky can do this... sort of.

ethicalHacker, posted September 4, 2010:
Rubber ducky needs to be plugged into that PC first. But now I want to execute that file on PC2 using PC1 without touching PC2. Can I do this? Or must I use file sharing?

Sparda, posted September 4, 2010:
You would need access to a service that the PC provides in order to run it remotely.

ethicalHacker, posted September 4, 2010:
It means if the PC has blocked file sharing and remote access then there is no way of doing the thing I want, right?

Sparda, posted September 4, 2010:
If all remote services have been disabled/blocked there is pretty much nothing you can do. The rubber ducky would still work, and you can do some browser autopwn.

ethicalHacker, posted September 4, 2010:
Because today I just learned about trojans. In class it is a local network, so it works. I tried at home, and when I close file sharing and remote access it can't work anymore.

Mr-Protocol, posted September 4, 2010:
Well, if you are in a networking class you should be able to figure out why it doesn't work. Firewalls, wrong IPs, and so on. When I took my network forensics course we had to make our own scripts to remotely pull volatile data from any remote machine. We had to do this for XP and Vista/7. We created our own batch files and used the Sysinternals suite of tools to remotely get the data we wanted.

In order to access any remote system, web server/remote desktop/FTP/whatever, there needs to be a service running on the destination so you can talk to it. It is like if you try to call a house on a land line and they have no phone plugged in at the house.
Edited September 4, 2010 by Mr-Protocol

ethicalHacker, posted September 5, 2010:
If the PC has enabled the firewall and disabled file sharing, do I have any chance to write a script to disable the firewall and enable file sharing?

digip, posted September 5, 2010:
IF there are known vulnerabilities in the system, then you could use something like Metasploit to spawn a reverse shell and execute services and programs remotely. There are also tools to help you trick a person at the remote machine into clicking or visiting a site that can exploit their browser and do the same thing. In some instances, just getting them to view a webpage will be all you need to execute commands on the remote machine, but that requires social engineering someone into clicking a link or opening a site in a vulnerable browser.
Edited September 5, 2010 by digip

Infiltrator, posted September 6, 2010:
Try performing a Null Share Attack.
http://technofriends.in/2008/10/09/underst...ession-attacks/

digip, posted September 6, 2010:
> Try performing a Null Share Attack.
> http://technofriends.in/2008/10/09/underst...ession-attacks/

I believe Null Sessions only worked on Windows 2000 and XP prior to SP1 (read and write access). In XP SP2 and later, Server 2003, it only gave read access, and that has been patched against too I think. Depends on the OS and patch level.
Edited September 6, 2010 by digip

Infiltrator, posted September 6, 2010:
> I believe Null Sessions only worked on Windows 2000 and XP prior to SP1 (read and write access). In XP SP2 and later, Server 2003, it only gave read access, and that has been patched against too I think. Depends on the OS and patch level.

Yes, you are correct, but if you know the local administrator account details for that particular machine you are trying to attack, you could pretty much own the machine, using the method I mentioned. What do you think?

digip, posted September 7, 2010:
> Yes, you are correct, but if you know the local administrator account details for that particular machine you are trying to attack, you could pretty much own the machine, using the method I mentioned. What do you think?

The net use command with a null session, if it even works, only gives you read access though. If you have the admin pass, then you're pretty much going to be able to own the machine anyway and that wouldn't be a null session, that would be a real logged on session, depending on how you logged in, either via the domain or such if it's on one, or RDP if it's set up on the machine.

There was a bat script I created that, if someone at a remote machine clicked and ran it locally, would not only turn on Terminal Services and RDP services, but also added an admin user to the system with a password of my choosing, which in his case could do the trick, but he would have to get someone with local admin rights on a machine to run it. At one point I had it working in an Internet Explorer exploit as well, but that required 1, a system not patched against the exploit, and 2, for the user to view the page in a vulnerable version of Internet Explorer which would execute upon viewing the page.

Social engineering someone will probably be more effective than any physical attack unless you really know everything there is about your target network, OS's and vulns they have.
Edited September 7, 2010 by digip

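Seen from the defending side, the behaviour described in the last post (RDP switched on and a new admin user added by a locally run script) leaves a recognisable event trail. The following is an added example, not part of the thread or any poster's code. It assumes account-management auditing and Sysmon registry logging are enabled and that events have been exported as dictionaries; the field subset, host names, SIDs and the five-minute window are constructed for illustration.

```python
from datetime import datetime, timedelta

ADMINS_SID = "S-1-5-32-544"   # well-known SID of the local Administrators group
RDP_VALUE = r"\control\terminal server\fdenytsconnections"
WINDOW = timedelta(minutes=5)  # assumed correlation window, tune per environment

# Constructed sample records (not from the thread): Security 4720/4732 and
# Sysmon 13 events reduced to the fields this check reads.
RDP_KEY = r"HKLM\System\CurrentControlSet\Control\Terminal Server\fDenyTSConnections"
SAMPLE_EVENTS = [
    {"time": "2024-01-15T10:00:01", "host": "PC2", "id": 4720,
     "TargetSid": "S-1-5-21-1-2-3-1005", "TargetUserName": "support2"},
    {"time": "2024-01-15T10:00:02", "host": "PC2", "id": 4732,
     "TargetSid": ADMINS_SID, "MemberSid": "S-1-5-21-1-2-3-1005"},
    {"time": "2024-01-15T10:00:04", "host": "PC2", "id": 13,
     "TargetObject": RDP_KEY, "Details": "DWORD (0x00000000)"},
    # Benign on PC3: new account never promoted, RDP turned on much later.
    {"time": "2024-01-15T11:00:00", "host": "PC3", "id": 4720,
     "TargetSid": "S-1-5-21-9-9-9-1001", "TargetUserName": "intern"},
    {"time": "2024-01-15T11:30:00", "host": "PC3", "id": 13,
     "TargetObject": RDP_KEY, "Details": "DWORD (0x00000000)"},
]

def rdp_enabled(ev):
    """True for a registry write that sets fDenyTSConnections to 0 (RDP allowed)."""
    return (ev["TargetObject"].lower().endswith(RDP_VALUE)
            and ev["Details"].strip().lower() == "dword (0x00000000)")

def find_new_admin_with_rdp(events, window=WINDOW):
    """Alert when a freshly created account is added to Administrators and RDP
    is enabled on the same host within `window` of that promotion."""
    created, promoted, rdp_on = {}, [], []
    for ev in sorted(events, key=lambda e: e["time"]):
        t, host = datetime.fromisoformat(ev["time"]), ev["host"]
        if ev["id"] == 4720:                      # user account created
            created[(host, ev["TargetSid"])] = (t, ev["TargetUserName"])
        elif ev["id"] == 4732 and ev["TargetSid"] == ADMINS_SID:
            new = created.get((host, ev["MemberSid"]))
            if new and t - new[0] <= window:      # fresh account made admin
                promoted.append((host, t, new[1]))
        elif ev["id"] == 13 and rdp_enabled(ev):  # registry value set
            rdp_on.append((host, t))
    return [{"host": h, "account": user, "rdp_enabled_at": rt.isoformat()}
            for h, pt, user in promoted
            for rh, rt in rdp_on
            if rh == h and abs(rt - pt) <= window]

if __name__ == "__main__":
    for alert in find_new_admin_with_rdp(SAMPLE_EVENTS):
        print(alert)
```

The RDP write is matched whether it lands before or after the promotion, since a script can perform the two steps in either order.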