
Bat File Question


ethicalHacker

Well, if you are in a networking class you should be able to figure out why it doesn't work. Firewalls, wrong IPs, and so on.

When I took my network forensics course we had to make our own scripts to remotely pull volatile data from any remote machine. We had to do this for XP and Vista/7. We created our own batch files and used the Sysinternals suite of tools to remotely get the data we wanted.

In order to access any remote system, Webserver/remote desktop/ftp/whatever, there needs to be a service running on the destination so you can talk to it.

It is like if you try to call a house on a land line and they have no phone plugged in at the house.

Edited by Mr-Protocol

If there are known vulnerabilities in the system, then you could use something like Metasploit to spawn a reverse shell and execute services and programs remotely. There are also tools to help you trick a person at the remote machine into clicking or visiting a site that can exploit their browser and do the same thing. In some instances, just getting them to view a webpage will be all you need to execute commands on the remote machine, but that requires social engineering someone into clicking a link or opening a site in a vulnerable browser.

Edited by digip

I believe Null Sessions only worked on Windows 2000 and XP prior to SP1 (read and write access). In XP SP2 and later, Server 2003, it only gave read access, and that has been patched against too I think. Depends on the OS and patch level.

Edited by digip

> I believe Null Sessions only worked on Windows 2000 and XP prior to SP1 (read and write access). In XP SP2 and later, Server 2003, it only gave read access, and that has been patched against too I think. Depends on the OS and patch level.

Yes you are correct, but if you know the local administrator account details for that particular machine you are trying to attack, you could pretty much own the machine, using the method I mentioned. What do you think?


> Yes you are correct, but if you know the local administrator account details for that particular machine you are trying to attack, you could pretty much own the machine, using the method I mentioned. What do you think?

net use command with a null session, if it even works, only gives you read access though. If you have the admin pass, then you're pretty much going to be able to own the machine anyway and that wouldn't be a null session, that would be a real logged on session, depending on how you logged in, either via the domain or such if it's on one, or RDP if it's set up on the machine.

There was a bat script I created that if someone at a remote machine clicked and ran locally it would not only turn on Terminal Services and RDP services, but also added an admin user to the system with a password of my choosing, which in his case could do the trick but he would have to get someone with local admin rights on a machine to run it. At one point I had it working in an Internet Explorer exploit as well, but that required 1, a system not patched against the exploit, and 2, for the user to view the page in a vulnerable version of Internet Explorer which would execute upon viewing the page.

Social engineering someone will probably be more effective than any physical attack unless you really know everything there is about your target network, OSes and vulns they have.

Edited by digip