Hacking NetBIOS

June 13, 2016 | Views: 12093


Hi there,

In today’s guide, we’ll talk about hacking NetBIOS.

 

What is NetBIOS?

NetBIOS stands for Network Basic Input Output System. In basic terms, it’s responsible for managing the internal sharing of files and printers – but it’s not limited to these functions. For the purpose of this guide, let’s keep it simple. For anyone wanting more information about NetBIOS, you can find it on Microsoft’s site: https://technet.microsoft.com/en-us/library/cc940063.aspx

 

By default, NetBIOS runs on ports 139/tcp, 138/udp and 137/udp. With NetBIOS, you can collect info like computer names, usernames, domain groups, etc.:

Screenshot.png

In the previous image, we see the attacking machine on the left (Windows 10) and the victim’s machine on the right (Windows XP).
We know that our victim has NetBIOS enabled, so we use the “nbtstat” command to uncover deeper info, including whether sharing is enabled.
We look for a status code of <20>, which means sharing is on:

Screenshot2.png

 

With “net view” we can see what the victim is sharing:

Screenshot3.png

We found a printer and a file called ShareDocs.

 

Finally, let’s use the “net use” command to “import” the shared files to our system:

Screenshot5.png

You’ll see a comparative image of the 2 systems. You’ve successfully imported the shared files for further study.
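As an added example (not part of the original guide), the name table that “nbtstat” prints in the second step can be parsed to audit what one of your own hosts discloses over NetBIOS, including the <20> entry the guide looks for, which is the suffix the File Server service registers. The sample output, host name, workgroup and addresses below are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample of an nbtstat name table (host, group and addresses are made up).
SAMPLE = """\
Node IpAddress: [192.0.2.10] Scope Id: []
           NetBIOS Remote Machine Name Table
       Name               Type         Status
    ---------------------------------------------
    LAB-XP01       <00>  UNIQUE      Registered
    WORKGROUP      <00>  GROUP       Registered
    LAB-XP01       <20>  UNIQUE      Registered
    WORKGROUP      <1E>  GROUP       Registered
    MAC Address = 00-00-5E-00-53-01
"""

# Well-known (suffix, type) pairs and the service each one advertises.
SUFFIXES = {
    ("00", "UNIQUE"): "Workstation service (computer name)",
    ("00", "GROUP"): "Domain or workgroup name",
    ("03", "UNIQUE"): "Messenger service",
    ("20", "UNIQUE"): "File Server service (sharing enabled)",
    ("1C", "GROUP"): "Domain controllers",
    ("1E", "GROUP"): "Browser service elections",
}

ROW = re.compile(r"^\s*(.{1,15}?)\s*<([0-9A-Fa-f]{2})>\s+(UNIQUE|GROUP)\s+(\w+)\s*$")

def parse_name_table(text):
    """Return one dict per name-table row: name, suffix, type, status, service."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            name, suffix, kind, status = m.group(1), m.group(2).upper(), m.group(3), m.group(4)
            rows.append({"name": name, "suffix": suffix, "type": kind, "status": status,
                         "service": SUFFIXES.get((suffix, kind), "unknown")})
    return rows

def audit(text):
    """Summarise what the host discloses; 'sharing' is True when a <20> UNIQUE name is listed."""
    rows = parse_name_table(text)
    names = {(r["suffix"], r["type"]): r["name"] for r in rows}
    return {"computer": names.get(("00", "UNIQUE")),
            "group": names.get(("00", "GROUP")),
            "sharing": ("20", "UNIQUE") in names}

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A host that reports "sharing": True on a segment where it should not be serving files is a candidate for disabling File and Printer Sharing or NetBIOS over TCP/IP.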

 

Thanks and please post your comments below!

21 Comments
  1. The real danger of NetBIOS traffic regarding security is that this protocol is neither signed nor encrypted. Therefore, that might offer the possibility that faked browser lists etc. could inject malware to your clients/servers or redirect them to faked servers.
    Besides this, NetBIOS presents a great deal of important information of your environment to an attacker who has simple access to your network.
    Last but not least, most people using NetBIOS have installed the WINS service on some of their domain controllers as well. WINS is a Windows component which has been outdated for years and should be regarded all but secure.

  2. At best, you could TRY to call this, exploitation of a shared folder setup by a moron. This article doesn’t belong here.

  3. This is not a hack, this is how Windows is designed to work, this does not bypass any security protocol or any firewall. All you have done is use the command line to find and map a shared folder to a drive letter. This could have been done easier and quicker using the GUI.

    This should not be titled as a hack, the title should be revised to, “How to map a shared drive using command prompt”.

  4. great work
