‘File and Printer Sharing’ Exploit

The easiest way of getting into other computer and getting access to its files is via “‘File and Printer Sharing’ Exploit”…
I’ll explain all the things in detail (as it is a step-by-step tutorial)
Files and Printer Sharing for Microsoft Clients is a feature of Windows which lets its users to Share Files and Printer over the Network. But hackers think differently, for them it’s the easiest way to get into a computer.
These are the steps that a hacker would take:

1. Get your IP.
2. Check for “File and Printer Sharing” vulnerability. By Going to Run/cmd.exe and typing: nbtstat [Ip address here] -N (it should be capital)…
3. He would get something like: (note that this command is “nbtstat -n” not “nbtstat [ip address] -N”, both command s are different. nbtstat -n tells about the Local Address)
4. The 2 digits in the <> brackets are Hex Codes of different services used…The Code to search for is <20> which means that “File and Printer Sharing” is enabled.
5. Once he knows that it is, then he can Get into the files and folders you have shared!
6. I’ll tell you to do that too.
   
   
7. Now what he would do is:Net view \\
8. He would get a response such as:Shared resources at \\ip_address
   Sharename??????????????????? Type?????????? Comment
   MY DOCUMENTS??? ? ? ? ? ? ? ? ? ? ? Disk
   TEMP??????????????????????? ? ? ? ? ? ? ? ? ? ?? Disk
   The command was completed successfully.
9. Now when he has got the list of shared resources, he could easily access them by using the “net use” command. Here’s what a ‘net use’ command would look like:
   Net use x: \\\MY DOCUMENTS
   
10. That’s it…The Hacker has got access to the “My Documents” Folder…

Now, when I have explained about the lack of security due to the “File and Printer Sharing”, I would also explain how to securify it in my next post…
Be back to check it soon or Subscribe to Hacker’s Lane RSS Feeds