IP Command prompt
IP
IP
IP
Port Port
Scanning
Ping
:
.1
.2

:
1.Hacker
2.Wacker
3.Cracker
4.Phreaker

Win 2000 & Linux .


.
TCP/IP.
C , HTML .
Win 2000 , Linux
.

IP : Command prompt
: IP
.
: Command prompt cmd .
1.Start>Programs>Accessories>Command Prompt

2.Run>command or cmd

IP :
:
-1 IE Toolbar
IP .

IP:
Ping command prompt :
sazin.com
:
ping sazin.com ping www.sazin.com

request timed out


IP .

: IP
persianweb.com Domain

. whois

whois -h magic 63.148.227.65


sazin.com resolves to 63.148.227.65
Trying whois -h whois.arin.net 63.148.227.65
Qwest Communications NET-QWEST-BLKS-2 (NET-63-144-0-0-1)
63.144.0.0 - 63.151.255.255
Neutron Digital Media Corp. QWST-63-148-224 (NET-63-148-224-01)
63.148.224.0 - 63.148.231.255
. IP

IP :
cmd :
1.ipconfig
2.netstat -n


: ipconfig
:
: ip address IP

Connection-specific DNS Suffix . :


IP Address. . . . . . . . . . . . : 217.66.198.116
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 217.66.198.116


: Netstat -n
IP cmd
. Local Address
Active Connections

Proto  Local Address          Foreign Address        State
TCP    217.66.198.116:2469    64.58.76.177:80        ESTABLISHED
TCP    217.66.198.116:2471    66.163.175.130:80      ESTABLISHED
TCP    217.66.198.116:2473    212.73.194.143:80      ESTABLISHED
TCP    217.66.198.116:2474    212.73.194.143:80      ESTABLISHED
TCP    217.66.198.116:2476    212.73.194.136:80      SYN_SENT


IP :
netstat -n .
:
Proto  Local Address          Foreign Address        State
TCP    195.219.176.126:1296   66.163.173.77:5050     ESTABLISHED
TCP    195.219.176.126:1341   66.218.75.149:80       LAST_ACK
TCP    195.219.176.126:1325   212.234.112.74:5101    SYN_SENT

Foreign Address IP 5101


.


Port Port :

.

.

25 E-mail .


Port Num  Service   Why it is phun!
--------  -------   ---------------
7         echo      Host repeats what you type
9         discard   Dev/null
11        systat    Lots of info on users
13        daytime   Time and date at computer's location
15        netstat   Tremendous info on networks
19        chargen   Pours out a stream of ASCII characters.
21        ftp       Transfers files
23        telnet    Where you log in.
25        smtp      Forge email
37        time      Time
39        rlp       Resource location
43        whois     Info on hosts and networks
53        domain    Nameserver
70        gopher    Out-of-date info hunter
79        finger    Lots of info on users
80        http      Web server
110       pop       Incoming email
119       nntp      Usenet news groups -- forge posts, cancels
443       shttp     Another web server
512       biff      Mail notification
513       rlogin    Remote login
          who       Remote who and uptime
514       shell     Remote command, no password used!
          syslog    Remote system logging
520       route     Routing information protocol


: Scanning
1.port scanning
IP IP
.
.
( NetscanTools Pro 2000 : winScan)...

2.IP Scanning
ip up down.
ip .
( ! )


: Ping

IP Domain .
TCP/IP
.
cmd :

Ping ip-or-domain


yahoo

.

:
1.Back Door
2.Spoofing
3.Man in the Middle
4.TCP/IP Hijacking (Session Hijacking )
5.Replay
6.Smurfing
7.DNS Poisoning
8.Social Engineering
9.Birthday
10.Dictionary
11.Software Exploitation
12.War Dialing

: Back Door

Back Door .


: Spoofing
.
:
.


: Man in the Middle


: TCP/IP Hijacking
TCP .


: Replay
sniffer
Replay .

: Smurfing
ICMP


: DNS Poisoning
DNS .

: Social Engineering



.


: Birthday
Birthday Brute-Force
:Brute force
.
:

.


: Dictionary
.

: Software Exploitation
.
:
Service Pack Hotfix


: War Dialing

.


:
( Buffer Overflow Exploits.1 )

.2 cgi-bin
.3 ( )


: Buffer Overflow Exploits


:
Code Red URL
IIS.


: cgi-bin

.

:
URL :
http://app.com/proc.cgi?file=prod.xml
Proc.cgi
URL :
http://app.com/proc.cgi?file=../../etc/passwd
Proc.cgi
.

:
.
:

:
<input type=hidden value=2149.38 >2149.38
2149.38

<Input Type=Hidden Value=1.99>2149.38
1.99 !


.
.


:
.1
.2 ( )
.3 .
.4 .


:

9-0

!@#$%^&*)(_+|~={}[];<>?./

.



.