**************************** windows open file share hack **************************** Intro: Ive typed a text like this before but it was lost in a hardrive crash, and it seems im known for doing this to the people that piss me off. So heres my little disclaimer: im not responsable for what you do , or what happens to someone ( or yourself) for using this information in fact, dont read this, close it right now, its your problem for using tactics like this againts a poor defensless soul, shame on you, hacking of any form is bad...yyeeaahh.. What You Need: You need a computer that can handle running nbtstat and most of the "net" commands. And of course, an active internet connecton.. As well as a version of MS DOS... oh, and a victim. Getting the IP Address: Most of the time people ask me about the open file share hack on IRC, so most of the time its rather easy to get someone IP, especially from IRC ( unless they are using a shell ). If you cant get it from IRC, find out if they use something like ICQ. Have them message you, you message them back, than click start/run /command. When in the command prompt type "netstat" and look for a raw IP address that is connected to you on a odd looking port, that is most liley the ICQ connection. If you have other ways of getting the IP, do so in any way you feel fit. So You Got The IP: Ok you got your IP, so open up the command promt again ( start/run/command ) And type nbtstat -A THEIPADDRESS . If they are running open file share it should come up with some looklikg like this. NetBIOS Remote Machine Name Table Name Type Status ------------------------------------------ c: <20> Unique Registered A: <00> Unique Registered D: <00> Unique Registered MAC ADDRESS = 00-92-27-74-76-5A OK, SO WHATS ALL THIS MEAN??!!!!??!! Heres the easy way, I will tell you only the things that matter in this The Name: the driver or share name that you may or maynot be able to connect to. It is followed by a hex code, <20> means open share name, ( AKA able to be connected to )... easy.. huh? I got My <20>... Now What??: Well keeping in mind that you still have the IP ( if not just go back and get it again, not too hard. Now the tricky part that seems to confused people, and i really dont know why.. All you have to do is type: net use x: //IPADDRESS/SHARENAME ( so for this machine it would be: net use x: //4.22.110.110/C ) ( x is the name of the new drive being created to your computer, it can be other letters, heh.. dont worry ) Now it should have said " Command Completed Successfully, or something along those lines. Now, just change directories in the x: ( cd x: ) and type dir.. and see what your victim is running. Problems? Sometimes they will be passworded, you can give up or try to brute force it by .. well.. guessing. Another error is Host Not Found, this means the person either has no open files shares or has NetBIOS completely uninstalled ( or they dont run windows. ) Other will say things like not responding, or not accessable, this is usually becuase of a firewall. So have fun, dont get yourself in jail for being dumb.. thats about all till next time. Lucid Phreak2000.com