Showing posts with label network hack. Show all posts

What is ip & what is public & private ip?

Internet Protocol (IP) addresses are usually of two types: public and private. If you have ever wondered what the difference between a public and a private IP address is, you are in the right place. In this post I will try to explain the difference in layman’s terms so that it is simple and easy to understand.

What are Public IP Addresses?

A public IP address is assigned to every computer that connects to the Internet, and each one is unique. Hence no two computers anywhere on the Internet can have the same public IP address. This addressing scheme makes it possible for computers to “find each other” online and exchange information. The user has no control over the public IP address that is assigned to the computer. It is assigned by the Internet Service Provider as soon as the computer is connected to the Internet gateway.

A public IP address can be either static or dynamic. A static public IP address does not change and is used primarily for hosting webpages or services on the Internet. On the other hand a dynamic public IP address is chosen from a pool of available addresses and changes each time one connects to the Internet. Most Internet users will only have a dynamic IP assigned to their computer which goes off when the computer is disconnected from the Internet. Thus when it is re-connected it gets a new IP.

You can check your public IP address by visiting www.whatismyip.com

What are Private IP Addresses?

An IP address is considered private if the IP number falls within one of the IP address ranges reserved for private networks such as a Local Area Network (LAN). The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private networks (local networks):

10.0.0.0 – 10.255.255.255 (Total Addresses: 16,777,216)
172.16.0.0 – 172.31.255.255 (Total Addresses: 1,048,576)
192.168.0.0 – 192.168.255.255 (Total Addresses: 65,536)

Private IP addresses are used for numbering the computers in a private network, including home, school and business LANs and those in airports and hotels, which makes it possible for the computers in the network to communicate with each other. For example, if a network X consists of 10 computers, each of them can be given an IP from 192.168.1.1 to 192.168.1.10. Unlike the public IP, the administrator of the private network is free to assign an IP address of his own choice (provided the IP number falls in the private IP address range as mentioned above).
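The following Python snippet is an added example, not part of the original post. It turns the three ranges listed above into CIDR blocks, checks the address totals, and classifies an address; the function names and the category labels ("private", "public", "special", "invalid") are assumptions made for this illustration.

```python
import ipaddress

# The three IANA-reserved private ranges exactly as listed above (first, last).
PRIVATE_RANGES = [
    ("10.0.0.0", "10.255.255.255"),
    ("172.16.0.0", "172.31.255.255"),
    ("192.168.0.0", "192.168.255.255"),
]

def range_to_networks(first, last):
    """Convert a first-last range into the CIDR block(s) that cover it."""
    return list(ipaddress.summarize_address_range(
        ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)))

# Each range collapses to exactly one block: 10/8, 172.16/12, 192.168/16.
PRIVATE_NETWORKS = [net for first, last in PRIVATE_RANGES
                    for net in range_to_networks(first, last)]

def block_sizes():
    """Number of addresses in each private block, in the order listed."""
    return [net.num_addresses for net in PRIVATE_NETWORKS]

def classify(addr):
    """Classify an IPv4 string.

    'private' : inside one of the three reserved blocks
    'public'  : globally routable
    'special' : neither (loopback, link-local and similar reserved space)
    'invalid' : not a well-formed IPv4 address
    """
    try:
        ip = ipaddress.IPv4Address(addr)
    except ipaddress.AddressValueError:
        return "invalid"
    if any(ip in net for net in PRIVATE_NETWORKS):
        return "private"
    return "public" if ip.is_global else "special"

if __name__ == "__main__":
    print(PRIVATE_NETWORKS, block_sizes())
    # Addresses chosen to sit on and just outside the block boundaries.
    for sample in ["192.168.1.10", "172.31.255.255", "172.32.0.1",
                   "172.15.255.255", "127.0.0.1", "10.0.0.256"]:
        print(sample, classify(sample))
```

The boundary cases matter in practice: 172.32.0.1 and 172.15.255.255 look similar to the 172.16.0.0 block but fall outside it.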

Devices with private IP addresses cannot connect directly to the Internet. Likewise, computers outside the local network cannot connect directly to a device with a private IP. It is possible to interconnect two private networks with the help of a router or a similar device that supports Network Address Translation.

If the private network is connected to the Internet (through an Internet connection via an ISP) then each computer will have a private IP as well as a public IP. The private IP is used for communication within the network, whereas the public IP is used for communication over the Internet. Most Internet users with a DSL/ADSL connection will have both a private and a public IP.

You can find your private IP by typing the ipconfig command in the command prompt. The number that you see against “IPV4 Address:” is your private IP, which in most cases will be 192.168.1.1 or 192.168.1.2. Unlike the public IP, private IP addresses are always static in nature.

Unlike what most people assume, a private IP is neither the one which is impossible to trace (just like the private telephone number) nor the one reserved for stealth Internet usage. In reality there is no public IP address that is impossible to trace since the protocol itself is designed for transparency.

Netbios Tricks [ hack ]

THIS NETBIOS HACKING GUIDE WILL TELL YOU ABOUT HACKING REMOTE COMPUTER AND GAINING ACCESS TO ITS HARD-DISK OR PRINTER. NETBIOS HACK IS THE EASIEST WAY TO BREAK INTO A REMOTE COMPUTER.

STEP-BY-STEP NETBIOS HACKING PROCEDURE

1. Open command prompt

2. In the command prompt use the “net view” command
(OR YOU CAN ALSO USE “NB Scanner” OPTION IN “IP TOOLS” SOFTWARE BY ENTERING RANGE OF IP ADDRESSES. BY THIS METHOD YOU CAN SCAN NUMBER OF COMPUTERS AT A TIME).

Example: C:\>net view \\219.64.55.112

The above is an example for operation using command prompt. “net view” is one of the netbios commands to view the shared resources of the remote computer. Here “219.64.55.112” is an IP address of remote computer that is to be hacked through Netbios. You have to substitute a valid IP address in its place. If succeeded a list of HARD-DISK DRIVES & PRINTERS are shown. If not an error message is displayed. So repeat the procedure 2 with a different IP address.

3. After succeeding, use the “net use” command in the command prompt. The “net use” is another netbios command which makes it possible to hack remote drives or printers.

Example-1:
C:\>net use D: \\219.64.55.112\F
Example-2:
C:\>net use G: \\219.64.55.112\SharedDocs
Example-3:
C:\>net use I: \\219.64.55.112\Myprint


NOTE: In Examples 1,2 & 3, D:,G: & I: are the Network Drive Names that are to be created on your computer to access remote computer’s hard-disk.


NOTE: GIVE DRIVE NAMES THAT ARE NOT USED BY ANY OTHER DRIVES INCLUDING HARD-DISK DRIVES, FLOPPY DRIVES AND ROM-DRIVES ON YOUR COMPUTER. THAT IS, IF YOU HAVE C: & D: AS HARD DRIVES, A: AS FLOPPY DRIVE AND E: AS CD-DRIVE, GIVE F: AS YOUR SHARED DRIVE IN THE COMMAND PROMPT

F:, “SharedDocs” are the names of remote computer’s hard-disk’s drives that you want to hack. “Myprint” is the name of remote computer’s printer. These are displayed after giving “net use” command. “219.64.55.112” is the IP address of remote computer that you want to hack.

4. After succeeding your computer will give a message that “The command completed successfully“. Once you get the above message you are only one step away from hacking the computer.

Now open “My Computer” you will see a new “Hard-Disk drive”(Shared) with the specified name. You can open it and access remote computer’s Hard-Drive. You can copy files, music, folders etc. from victim’s hard-drive. You can delete/modify data on victim’s hard-drive only if WRITE-ACCESS is enabled on victim’s system. You can access files/folders quickly through “Command Prompt”.

NOTE: If Remote Computer’s Firewall Is Enabled Your Computer Will Not Succeed In Gaining Access To Remote Computer Through Netbios. That is Netbios Hacking Is Not Possible In This Situation.(An Error Message Is Displayed). So Repeat The Procedure 2,3 With Different IP Address.

Method To Detect Anonymous IP Addresses

http://whatismyipaddress.com/ip-lookup

As the fraudsters are now becoming more sophisticated in bypassing the Geo-location controls by using proxies (Anonymous IPs) to spoof their IP address, it has become very much necessary to come up with a means for detecting the proxies so that the authenticity of the users can be verified. Using a proxy (web proxy) is the simplest and easiest way to conceal the IP address of an Internet user and maintain the online privacy. However proxies are more widely used by online fraudsters to engage in cyber crimes since it is the easiest way to hide their actual Geo-location such as city/country through a spoofed IP address. Following are some of the examples where fraudsters use the proxies to hide their actual IP.

1. Credit Card Frauds

For example, say a Nigerian fraudster tries to purchase goods online with a stolen credit card for which the billing address is associated with New York. Most credit card merchants use Geo-location to block orders from countries like Nigeria and other high risk countries. So in order to bypass this restriction the credit card fraudster uses a proxy to spoof his IP address so that it appears to have come from New York. The IP address location appears to be legitimate since it is in the same city as the billing address. A proxy check would be needed to flag this order.


2. Bypass Website Country Restrictions

Some website services are restricted to users from only a selected list of countries. For example, a paid survey may be restricted only to countries like United States and Canada. So a user from say China may use a proxy so as to make his IP appear to have come from U.S. so that he can earn from participating in the paid survey.

Proxy Detection Services


So in order to stop such online frauds, Proxy Detection has become a critical component. Today most companies, credit card merchants and websites that deal with e-commerce transactions make use of Proxy Detection Services like MaxMind and FraudLabs to detect the usage of proxy or spoofed IP from users participating online.

Proxy Detection web services allow instant detection of anonymous IP addresses. Even though the use of proxy address by users is not a direct indication of fraudulent behaviour, it can often indicate the intention of the user to hide his or her real IP. In fact, some of the most used ISPs like AOL and MSN are forms of proxies and are used by both good and bad consumers.


How Proxy Detection Works?

Proxy detection services often rely on IP addresses to determine whether or not the IP is a proxy. Merchants can obtain the IP address of the users from the HTTP header on the order that comes into their website. This IP address is sent to the proxy detecting service in real time to confirm its authenticity.

The proxy detection services on the other hand compare this IP against a known list of flagged IPs that belong to proxy services. If the IP is not on the list then it is authenticated and the confirmation is sent back to the merchant. Otherwise it is reported to be a suspected proxy. These proxy detection services work continuously to grab a list or range of IPs that are commonly used for proxy services. With this it is possible to tell whether or not a given IP address is a proxy or spoofed IP.
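The list comparison described above can be sketched as follows. This is an added example, not code from the original post or from MaxMind or FraudLabs; the feed contents are constructed from documentation address ranges, and the function names and result labels are assumptions.

```python
import bisect
import ipaddress

# Constructed sample feed of flagged proxy addresses and ranges
# (documentation ranges, not real proxy data).
FLAGGED_FEED = [
    "192.0.2.15",
    "198.51.100.0/24",
    "203.0.113.64/26",
    "203.0.113.96/27",   # lies inside the /26 above; merged on load
]

def load_flagged(entries):
    """Parse a feed into sorted, non-overlapping (start, end) integer intervals."""
    nets = [ipaddress.ip_network(e, strict=False) for e in entries]
    merged = ipaddress.collapse_addresses(nets)
    return sorted((int(n.network_address), int(n.broadcast_address))
                  for n in merged)

def is_flagged(intervals, addr):
    """Binary-search the intervals for the one that could contain addr."""
    ip = int(ipaddress.IPv4Address(addr))
    # Last interval whose start is <= ip (2**32 sorts after any real end value).
    i = bisect.bisect_right(intervals, (ip, 2**32)) - 1
    return i >= 0 and intervals[i][0] <= ip <= intervals[i][1]

def screen_order(intervals, order):
    """Screen one order dict ({'id', 'ip'}) against the flagged list.

    A hit is a signal for manual review, not proof of fraud, since
    legitimate users also reach sites through proxies.
    """
    try:
        hit = is_flagged(intervals, order["ip"])
    except ipaddress.AddressValueError:
        return {"id": order["id"], "result": "invalid-ip"}
    return {"id": order["id"],
            "result": "suspected-proxy" if hit else "not-listed"}

# Constructed sample orders.
ORDERS = [
    {"id": "A1", "ip": "203.0.113.100"},   # inside the merged /26
    {"id": "A2", "ip": "203.0.113.128"},   # first address after the /26
    {"id": "A3", "ip": "192.0.2.15"},      # single flagged address
    {"id": "A4", "ip": "not-an-ip"},
]

if __name__ == "__main__":
    table = load_flagged(FLAGGED_FEED)
    for o in ORDERS:
        print(screen_order(table, o))
```

Merging overlapping ranges at load time keeps the lookup a single binary search even when the feed lists the same address space more than once.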


How to Tell Whether a given IP is Real or a Proxy?

There are a few free sites that help you determine whether or not a given IP is a proxy. You can use free services like WhatisMyIPAddress to detect proxy IPs. Just enter the suspected IP in the field and click on “Lookup IP Address” button to check the IP address. If it is a suspected proxy then you will see the results something as follows.


Command-Line[DOS Hack] Programs for Intranets and the Internet

NETSTAT.exe      TCP/IP Network Statistics

Displays protocol statistics and current TCP/IP network connections.
It also has some optional parameters which can be used with this program.
How to use:
NETSTAT [-a] [-e] [-n] [-s] [-p proto] [-r] [interval]

  -a         Displays all connections and listening ports.

  -e         Displays Ethernet statistics.  This may be combined with the
             -s option.

  -n         Displays addresses and port numbers in numerical form.

  -p proto   Shows connections for the protocol specified by proto; proto
             may be TCP or UDP.  If used with the -s option to display
             per-protocol statistics, proto may be TCP, UDP, or IP.

  -r         Displays the routing table.

  -s         Displays per-protocol statistics.  By default, statistics
             are shown for TCP, UDP and IP; the -p option may be used
             to specify a subset of the default.

  interval   Redisplays selected statistics, pausing interval seconds
             between each display.  Press CTRL+C to stop redisplaying
             statistics.  If omitted, netstat will print the current
             configuration information once. 
NOTE: I would recommend that you always use the '-a' parameter so you can see
 UDP 'listening ports' as well (often used by trojans), and not just the active TCP
 connections; then switch between using the '-a' and no parameters at all, to see the
 differences.  When you're offline, you normally shouldn't see any connection data! 
If you do see an OPEN PORT NUMBER 'listening' for a connection (using the '-a' parameter),
 it may be that your computer has been infected with a trojan!
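To act on the note above without treating every listener as an infection, compare the listening ports against a list of ports you expect on that machine. The script below is an added example, not part of the original post; the sample text is constructed in the layout of "netstat -an" output on Windows, and the baseline set and function names are assumptions.

```python
# Constructed sample in the layout of `netstat -an` on Windows
# (not captured from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:50500          0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING
  TCP    192.168.1.2:139        0.0.0.0:0              LISTENING
  TCP    192.168.1.2:49712      203.0.113.10:443       ESTABLISHED
  UDP    0.0.0.0:5353           *:*
  UDP    192.168.1.2:137        *:*
"""

# Hypothetical baseline: (protocol, port) pairs expected on this machine.
EXPECTED = {("TCP", 135), ("TCP", 139), ("TCP", 445),
            ("UDP", 137), ("UDP", 5353)}

# Local addresses that are reachable only from the machine itself.
LOOPBACK_PREFIXES = ("127.", "[::1]")

def parse_listeners(text):
    """Return (proto, local_host, port) for every listening socket."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # banner, column header or blank line
        proto, local = fields[0], fields[1]
        state = fields[3] if len(fields) > 3 else ""
        # TCP rows count only in LISTENING state; UDP rows have no state
        # column, so every bound UDP socket is treated as a listener.
        if proto == "TCP" and state != "LISTENING":
            continue
        host, _, port = local.rpartition(":")  # also handles "[::]:135"
        listeners.append((proto, host, int(port)))
    return listeners

def unexpected(listeners, expected=EXPECTED):
    """Listeners reachable from the network that are not in the baseline."""
    return [l for l in listeners
            if (l[0], l[2]) not in expected
            and not l[1].startswith(LOOPBACK_PREFIXES)]

if __name__ == "__main__":
    for proto, host, port in unexpected(parse_listeners(SAMPLE)):
        print(f"review: {proto} listener on {host}:{port}")
```

Run it against saved output from the same machine over time; a listener that appears without a matching software change is the one worth investigating.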
----------------------------------------------------------------------
PING.exe
This program is used to check a connection. If we get a reply from
a host, then it is connected and working.
How To Use:
 
ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]
            [-r count] [-s count] [[-j host-list] | [-k host-list]]
            [-w timeout] destination-list

Options:
    -t             Ping the specifed host until interrupted.
    -a             Resolve addresses to hostnames.
    -n count       Number of echo requests to send.
    -l size        Send buffer size.
    -f             Set "Don't Fragment" flag in packet.
    -i TTL         Time To Live.
    -v TOS         Type Of Service.
    -r count       Record route for count hops.
    -s count       Timestamp for count hops.
    -j host-list   Loose source route along host-list.
    -k host-list   Strict source route along host-list.
    -w timeout     Timeout in milliseconds to wait for each reply.
 
Note: There is a special IP number everyone should know about:
127.0.0.1 [localhost]. This is the local IP number of each computer.
------------------------------------------------------------------------------------
TRACERT.exe
This program will trace the complete route to any connected server or service.
How To use it:
tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name

Options:
    -d                 Do not resolve addresses to hostnames.
    -h maximum_hops    Maximum number of hops to search for target.
    -j host-list       Loose source route along host-list.
    -w timeout         Wait timeout milliseconds for each reply.

Example:
C:\WINDOWS>tracert www.ucla.edu

Tracing route to www.ucla.edu [169.232.33.129]
over a maximum of 30 hops:

  1   141 ms   132 ms   140 ms  wla-ca-pm6.icg.net [165.236.29.85]
  2   134 ms   131 ms   139 ms  whv-ca-gw1.icg.net [165.236.29.65]
  3   157 ms   132 ms   143 ms  f3-1-0.lai-ca-gw1.icg.net [165.236.24.89]
  4   194 ms   193 ms   188 ms  a0-0-0-1.dai-tx-gw1.icg.net [163.179.235.61]
  5   300 ms   211 ms   214 ms  a1-1-0-1.ati-ga-gw1.icg.net [163.179.235.186]
  6   236 ms   237 ms   247 ms  a5-0-0-1.was-dc-gw1.icg.net [163.179.235.129]
  7   258 ms   236 ms   244 ms  163.179.243.205
  8   231 ms   233 ms   230 ms  wdc-brdr-03.inet.qwest.net [205.171.4.153]
  9   240 ms   230 ms   236 ms  wdc-core-03.inet.qwest.net [205.171.24.69]
 10   262 ms   264 ms   263 ms  hou-core-01.inet.qwest.net [205.171.5.187]
 11   281 ms   263 ms   259 ms  hou-core-03.inet.qwest.net [205.171.23.9]
 12   272 ms   229 ms   222 ms  lax-core-02.inet.qwest.net [205.171.5.163]
 13   230 ms   217 ms   230 ms  lax-edge-07.inet.qwest.net [205.171.19.58]
 14   228 ms   219 ms   220 ms  63-145-160-42.cust.qwest.net [63.145.160.42]
 15   218 ms   222 ms   218 ms  ISI-7507--ISI.POS.calren2.net [198.32.248.21]
 16   232 ms   222 ms   214 ms  UCLA--ISI.POS.calren2.net [198.32.248.30]
 17   234 ms   226 ms   226 ms  cbn5-gsr.calren2.ucla.edu [169.232.1.18]
 18   245 ms   227 ms   235 ms  www.ucla.edu [169.232.33.129]

Trace complete. 
-----------------------------------------------------------------
 
NBTSTAT.exe
It will display protocol statistics and current TCP/IP connections.
 
How to Use:
NBTSTAT [-a RemoteName] [-A IP address] [-c] [-n] [-r] [-R] [-s] [-S]
        [interval]

  -a   (adapter status) Lists the remote machine's name table given its
                        name.
  -A   (Adapter status) Lists the remote machine's name table given its
                        IP address.

  -c   (cache)          Lists the remote name cache including the IP
                        addresses.

  -n   (names)          Lists local NetBIOS names.

  -r   (resolved)       Lists names resolved by broadcast and via WINS

  -R   (Reload)         Purges and reloads the remote cache name table

  -S   (Sessions)       Lists sessions table with the destination IP
                        addresses.

  -s   (sessions)       Lists sessions table converting destination IP
                        addresses to host names via the hosts file.

    RemoteName   Remote host machine name.
    IP address   Dotted decimal representation of the IP address.

    interval     Redisplays selected statistics, pausing interval seconds
                 between each display. Press Ctrl+C to stop redisplaying
                 statistics.
-------------------------------------------------------------------------
ROUTE.exe

Manipulates network routing tables.

ROUTE [-f] [command [destination] [MASK netmask] [gateway]]

  -f      Clears the routing tables of all gateway entries.  If this is
          used in conjunction with one of the commands, the tables are
          cleared prior to running the command.

  command      Specifies one of four commands
 
                 PRINT     Prints a route
                 ADD       Adds a route
                 DELETE    Deletes a route
                 CHANGE    Modifies an existing route

  destination  Specifies the host to send command.

  MASK         If the MASK keyword is present, the next parameter is
        interpreted as the netmask parameter.

  netmask      If provided, specifies a sub-net mask value to be associated
        with this route entry.  If not specified, if defaults to
        255.255.255.255.

  gateway      Specifies gateway.

 All symbolic names used for destination or gateway are looked up in the
 network and host name database files NETWORKS and HOSTS, respectively.
 If the command is print or delete, wildcards may be used for the
 destination and gateway, or the gateway argument may be omitted.
 --------------------------------------------------------------------
 ARP.exe      Address Resolution Protocol
It displays and modifies the IP-to-physical address translation
tables used by the Address Resolution Protocol.
ARP -s inet_addr eth_addr [if_addr]
ARP -d inet_addr [if_addr]
ARP -a [inet_addr] [-N if_addr]

 -a           Displays current ARP entries by interrogating the current
         protocol data.  If inet_addr is specified, the IP and Physical
         addresses for only the specified computer are displayed.  If
         more than one network interface uses ARP, entries for each ARP
         table are displayed.
 -g                             (Same as -a)

  inet_addr   Specifies an internet address.

 -N if_addr   Displays the ARP entries for the network interface
              specified by if_addr.

 -d           Deletes the host specified by inet_addr.

 -s        Adds the host and associates the Internet address inet_addr
         with the Physical address eth_addr.  The Physical address is
         given as 6 hexadecimal bytes separated by hyphens. The entry
         is permanent.

  eth_addr    Specifies a physical address.

   if_addr    If present, this specifies the Internet address of the
              interface whose address translation table should be
              modified.  If not present, the first applicable interface
              will be used.