0P3N Blog Blog Post
Ready to Start Your Career?
Create Free Account
By: Chilico
June 13, 2016

Hacking NetBIOS

By: Chilico
June 13, 2016
By: Chilico
June 13, 2016
Hacking NetBIOS - CybraryHi there,In today's guide, we'll talk about hacking NetBios. What is NetBIOS?NetBIOS stands for Network Basic Input Output System. In basic terms, it's responsible for managing the internal share of files and printers - but it's not limited to these functions. For the purpose of this guide, let's keep it simple. For anyone wanting more information about NetBios, you can find it on Microsoft's site: https://technet.microsoft.com/en-us/library/cc940063.aspx By default, NetBios is running on ports: 139tcp, 138udp and 137udp. With NetBios, you can collect info like computer names, usernames, domain goups, etc: In the previous image, we see the attacking machine on the left (Windows 10) and the victim's machine on the right (Windows XP).We know that our victim has NetBios enabled and use the "nbtstat" command to uncover deeper info, including whether sharing is enabled.We look for a status code of <20>, which means means sharing is on:Screenshot2.png With "net view" we can see what the victim is sharing:Screenshot3.pngWe found a printer and a file called ShareDocs. Finally, let's use "net use" command to "import" the shared files to our system:Screenshot5.pngYou'll see a comparative image of the 2 systems. You've successfully imported the shared files for further study. Thanks and please post your comments below!SaveSave

Do you like to write about your infosec knowledge, skills, opinions, or exploits?

Blog Icon

Publish your original research, tutorials, articles, or other written content on Cybray's blog to be seen by thousands of infosec readers daily!

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry