Wednesday, March 14, 2007

Some Basic Telnet

Telnet - A Tutorial to Telnet and Hacking

Now you may be looking at this going, "What the hell is Telnet?". If you are, don't worry, I'll explain everything. First of all, Telnet is software that allows you to connect to another Telnet Host.In windows systems Telnet is usually called Telnet32.exe or Telnet.exe. In newer versions of windows it is Telnet32.exe.
*** Note to Windows XP users: Don't go and get the old version of Telnet, because you have a DOS-Based one. I'll give commands along this guide so you can enjoy it too. You have to either run "Telnet" or "cmd" and then "Telnet".

Telnet is not illegal and is used by thousands of remote computers to interchange data, share connections, and do many other things that would be impossible without it.The default port for Telnet is port 23. When I say for instance, 'Connect to the sys' I am referring to connecting on the system's default port for Telnet. Sometimes you can't determine a port so you will have to port scan a sys to find the Telnet Ports.
Port 25 is the 'Sendmail Protocol' port. We will be dealing with this port as well.

Telnet Security
Because there are so many problems with Telnet today involving cyber crime and hacking, SysAdmins often restrict anonymous use of their sys's Telnet Proxies. This is cheap and can be bypassed easily.Most SysAdmins are amatures at what they do and make me laugh.They restrict the Telnet proxies on port 23 and think that we can't telnet to other ports such as 81 and 25 because we can't use the Telnet Proxy. Well they are wrong. We can easily do it and we will. Let me point out a system that has this and was not effective. I will star out the IP for privacy.

Welcome to Microsoft Telnet. Telnet32.exe.
o
202.232.**.**
connecting to 202.232.**.** 23 (The port number)
Connected.
Connection to host lost (unauthorized use of Telnet Proxy(ies).
o
202.232.**.** 25
Connecting to 202.232.**.** 25 (Watch this..)
Welcome to ********.net Sendmail Program. Welcome to all staff.
vrfy bin
..550
vrfy sys
..550
vrfy root
..550
vrfy admin
..550
vrfy games
..550
vrfy uucp
..550
q
..550
c
Connection to host lost on command.

Ok people is there a problem there? How many addys did I get? Am I supposed to have those? Do I care? No. I am just demonstrating how sh1tty Unix-System security is and how easy it is to use the Telnet Proxy to your advantage. Here, I wil list some commands for all of you running under DOS.

C - Close the Current Connection
D - Display the sys's operating paremeters
O - Connect to a host name (on default port 23) [port]
q - Quit (Exit Telnet).
Set- Set Options
Send - Send data/strings to server

Telnet, as you know so far, is a very useful tool for hackers. Hell, if you can't connect to a computer, you can't hack it. Its that simple.Now the best thing about Telnet is that virtually every Windows computer has it, comes with it, and is able to run it.
Things going wrong on hacking or telnet
I have a Windows 98 computer and I am running Telnet. It gives me a lot more options when connecting to a computer, and these commands don't go anywhere! What do I do? I get the hostname part and all that, just what does Term-Type mean?

Ok people, so many people have asked me this I'm ready to start getting an auto-flame response on my e-mail box LoL. Anyway, here goes:

Term Type means Terminal Type. It is the version of the Telnet Terminal that the host or server is running. You have to specify this, Telnet is not hacker-friendly.

In Windows 98/95/ME you are not running a DOS-Based version of Telnet. You get a client program, somewhat considered shit for me. I like the DOS based one and frankly, I find it a lot easier to use.
I can't connect to the host!
Well, the host either doesn't exist, does not support Telnet Packets or Connections, or is currently restricting proxy access or usage from your addy or all addresses. I went further than you because I thought I knew what I was doing! I got this message saying my hacking attempt was logged! Am I going to go to jail!?!?!

Don't worry, as long as its not with the extension .log or .hlog or .hacklog you're fine, as 95 percent of these messages are BS and lies.

IF THEY'RE LIES, how come they knew I was hacking them?

They don't. They simply search for incoming connections not recognized by the server. If the SysAdmins didn't modify the message, you would have gotten this:

"Error 229292: Data not recognized 8191: Distinct Remote Service Lost or Corrupt."

They just modified it. Breath in, breath out, relax.
My dad or mom found out I was hacking, and my dad's an expert on computers! He made it so I can't view anything on AOL. What the hell's going on! Give me a trick to evade this!

Sure thing. Connect to AOL, ping the site you're trying to view, and type in the IP address. You will get to the homepage, but this isn't that good a trick because you can't ping sub-addys and you're going to get text for the sub-urls. This might or might now work.
I was screwing around with my friends computer. I think I left my information somewhere, but where?

Usually, you have a critical system log. If you delete a system file (which unless you're 133t you'd NEVER EVER do) the computer's going to boot and give you a log of what happened before the deletion of the file so you know what went wrong. If you did happen to delete it, it will list something like "deletion from x.x.x.x. (your IP)". If it does, damn, you're busted. But there are ways of getting rid of this "hacker-knock out". First off, get a WAN-Controller, or any sort of program that lets you input screen or Hardware input by the output. This means you can control their computer with yours. But you can't boot this computer, because it will break the connection.

Access the log files usually in system or system32 (both system files located in C:/Windows or C:/). There, you will see encrypted sh1t. CTRL+A will select it all and delete it all. If you do delete this file, (after you do), try recovering the system file. WHATEVER YOU DO DON'T DO A SYSTEM RESTORE, YOU HAVE BEEN WARNED.
Some hacker has my IP and hacks it every time I log on. It's static, which means it doesn't change. How do I make him stop? I don't know what his IP is, either!

Go to start, run, "netstat -a". Hacking is almost equivalent to connecting, if he's hacking you your connected to him and he's connected to you. Netstat -a is a command that allows you to see all your connections to hosts and servers, associated with TCP/IP. If you see a hostname that you don't recognize, log it. In fact, click Print Screen, go to paint, CTRL+V, Crop the image of the DOS window for Netstat, and save it. That should be quite easy.