The famous BlackICE firewall: I believe all of you warriors have heard of it! Thanks to its superior anti-hacking abilities, it has become an essential product for Internet users at home, on the road and while surfing the net. (This is starting to sound like an advertisement for it...) The reason we bring it up today is not to teach you how to configure it, but to use it as a "scanner". Enough chatter; let's start our intrusion.

In the BlackICE event list, select a computer that generated a Tcp_Probe_NetBIOS event and take a look at its information. In general, the more detailed the information, the more likely the other machine has a vulnerability and the higher the intrusion success rate. Note down its IP, ..126.214. Normally these hosts are on the same network as you, all within one campus network!

Next to make its debut is the PsTools kit. First, connect with psexec. At the command line we enter psexec \\..126.214 -u administrator -p "" cmd.exe. Here the user name goes after -u and the login password after -p; the hosts detected this way generally have administrator with an empty password (if you are told the login password is wrong, you can scan it with Ntscan).

Now that we have established a connection with it, use psloggedon in CMD on your own computer to see who is currently logged in to that PC: enter psloggedon \\..126.214 (there is no need to enter a user name and password because the connection has already been established; the same applies below). As shown in Figure 3, I, Small Shadow, who am connected, am displayed as well. Then use psinfo to see the computer's configuration: enter psinfo -d \\..126.214. The configuration is too ordinary.
We now know the computer's overall configuration, so let's look at what resources are on it; maybe there is a movie library! (Daydreaming...) In the Run box on your own computer, enter \\..126.214\c$. I went around each of his disks; there was no movie library as I had imagined, and nothing useful either.

Well, let's see what the other side is doing. Upload a radmin self-extracting Trojan and use the CMD obtained through psexec to run it, so there is no need for the at command, which is a hassle! And rest assured: a file run from this CMD runs on the other computer, not on your own. Use netstat -an to look at the open ports. The port I opened here is 7760. OK, it is open, so we can connect with the client.

Forget it, we are at one and the same school, so I had better let him know! Make a "hacked" picture on your own computer and upload it to his startup folder; the specific location is system disk:\Documents and Settings\username\Start Menu\Programs\Startup. Then use the psshutdown tool to play a joke on him: psshutdown -t 60 -r -m "because of the systems too you long you long ugly, and have the application restart." \\..126.214. This means the system restarts after 60 seconds, so after the restart he will see the "hacked" picture. The reason I do not put the picture directly on his desktop is that I have done that before, but it made no difference and the vulnerability was still there.

The intrusion ends here. To summarize:

1. In this intrusion I did not bother to look for a target myself, but got it through BlackICE. Quite a few rabbits run into the tree by themselves like this, so the sit-and-wait method still brings a harvest.

2. Most of the compromised hosts obtained here run Windows 2000 Professional, and only a very small part run Windows XP. This is because a Windows 2000 Professional installation by default shares every disk as well as ipc$ and admin$.
So here I, Small Shadow, remind Windows 2000 Professional users to remove the default shares and the ipc$ share as soon as possible.

3. This intrusion uses the psexec tool to obtain the other side's cmd directly, which avoids the lengthy steps of an ipc$ intrusion and is more suitable for novice friends.
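
An audit for the default shares named in the summary, as an added example that is not part of the original article: it parses `net share` output and lists the drive shares, ADMIN$ and IPC$ that are still present, with the command that removes each. The sample output is constructed, and the function names are this example's own.

```python
import re

# Constructed sample of `net share` output, shaped like a default
# Windows 2000 Professional install (not captured from a real host).
SAMPLE_NET_SHARE = """\
Share name   Resource                        Remark

-------------------------------------------------------------------------------
C$           C:\\                             Default share
D$           D:\\                             Default share
IPC$                                         Remote IPC
ADMIN$       C:\\WINNT                        Remote Admin
Movies       D:\\Movies
print$       C:\\WINNT\\System32\\spool\\drivers Printer Drivers
The command completed successfully.
"""

DRIVE_SHARE = re.compile(r"^[A-Z]\$$")

def classify(name):
    """Return 'drive', 'admin' or 'ipc' for a default share, else None."""
    upper = name.upper()
    if DRIVE_SHARE.match(upper):
        return "drive"
    return {"ADMIN$": "admin", "IPC$": "ipc"}.get(upper)

def audit_net_share(output):
    """Parse `net share` text; return (name, kind, removal command) tuples."""
    findings, in_table = [], False
    for line in output.splitlines():
        if set(line.strip()) == {"-"}:       # dashed rule opens the table
            in_table = True
            continue
        if not in_table or not line.strip() or line[0].isspace():
            continue                          # header, blank or wrapped line
        if line.startswith("The command"):
            break
        # Columns are padded with runs of spaces; names may contain one space.
        name = re.split(r"\s{2,}", line.strip())[0]
        kind = classify(name)
        if kind:                              # print$ and user shares are skipped
            findings.append((name, kind, f"net share {name} /delete"))
    return findings

if __name__ == "__main__":
    for name, kind, fix in audit_net_share(SAMPLE_NET_SHARE):
        print(f"{name:8} {kind:6} remove with: {fix}")
```

Shares removed with `net share /delete` return when the Server service restarts; on Windows 2000 Professional, setting the `AutoShareWks` value to 0 under `HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters` keeps the drive and ADMIN$ shares from being recreated. A non-empty Administrator password removes the other precondition the walkthrough relies on.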