Hi there,In today's guide, we'll talk about hacking NetBios. What is NetBIOS?
NetBIOS stands for Network
Basic Input Output System. In basic terms, it's responsible for managing the internal share of files and printers - but it's not limited to these functions. For the purpose of this guide, let's keep it simple. For anyone wanting more information about NetBios, you can find it on Microsoft's site: https://technet.microsoft.com/en-us/library/cc940063.aspx
By default, NetBios is running on ports: 139tcp, 138udp and 137udp. With NetBios, you can collect info like computer names, usernames, domain goups, etc: In the previous image, we see the attacking machine on the left (Windows 10) and the victim's machine on the right (Windows XP).We know that our victim has NetBios enabled and use the "nbtstat" command to uncover deeper info, including whether sharing is enabled.We look for a status code of <20>, which means means sharing is on:
With "net view" we can see what the victim is sharing:
We found a printer and a file called ShareDocs. Finally, let's use "net use" command to "import" the shared files to our system:
You'll see a comparative image of the 2 systems. You've successfully imported the shared files for further study. Thanks and please post your comments below!SaveSave