?? novell hacking for complete newbies.html
字號(hào):
properties too which I'll cover later. If you have this 'N' you are definitely
on a Novell network. However some mean Admins turn off the nice little 'N'.<br>
You can also right click on a network drive. A network drive is a directory
on a remote computer that has been made to look like a hard drive on your machine.
You'll find these in 'My Computer'. Right click on them. In this menu, there
will be several entries with the red 'N' next to them. Again this is a dead
give away that you are running on a Novell network.</p>
<p><b><font size="4"><a name="5"></a>Hmmmm..... I don't have an account. What
are the usual accounts and passwords and how do I find a valid account?</font></b></p>
<p> Well, there are quite a few standard user names and passwords that are used
on Novell networks. However not all of them are used and sometimes not one is
used. This list comes from the Netware Hack FAQ and I've found it to be quite
comprehensive :<br>
</p>
<table width="99%" border="0" cellspacing="2" cellpadding="2" align="center">
<tr>
<td valign="top"><b>Account </b></td>
<td><b> Purpose</b></td>
</tr>
<tr>
<td valign="top">PRINT </td>
<td>Attaching to a second server for printing</td>
</tr>
<tr>
<td valign="top">LASER </td>
<td>Attaching to a second server for printing</td>
</tr>
<tr>
<td valign="top">HPLASER</td>
<td>Attaching to a second server for printing</td>
</tr>
<tr>
<td valign="top">PRINTER </td>
<td>Attaching to a second server for printing</td>
</tr>
<tr>
<td valign="top">LASERWRITER </td>
<td>Attaching to a second server for printing</td>
</tr>
<tr>
<td valign="top">POST </td>
<td>Attaching to a second server for email</td>
</tr>
<tr>
<td valign="top">MAIL </td>
<td>Attaching to a second server for email</td>
</tr>
<tr>
<td valign="top">GATEWAY </td>
<td>Attaching a gateway machine to the server</td>
</tr>
<tr>
<td valign="top">GATE </td>
<td> Attaching a gateway machine to the server</td>
</tr>
<tr>
<td valign="top">ROUTER </td>
<td>Attaching an email router to the server</td>
</tr>
<tr>
<td valign="top">BACKUP </td>
<td>May have password/station restrictions (see below), used for backing up
the server to a tape unit attached to a workstation. For complete backups,
Supervisor equivalence is required.</td>
</tr>
<tr>
<td valign="top">WANGTEK </td>
<td>See BACKUP</td>
</tr>
<tr>
<td valign="top">FAX </td>
<td>Attaching a dedicated fax modem unit to the network</td>
</tr>
<tr>
<td valign="top">FAXUSER</td>
<td>Attaching a dedicated fax modem unit to the network</td>
</tr>
<tr>
<td valign="top">FAXWORKS </td>
<td>Attaching a dedicated fax modem unit to the network</td>
</tr>
<tr>
<td valign="top">TEST </td>
<td>A test user account for temp use</td>
</tr>
<tr>
<td valign="top">ARCHIVIST</td>
<td>Palidrome default account for backup</td>
</tr>
<tr>
<td valign="top">CHEY_ARCHSVR</td>
<td>An account for Arcserve to login to the server from from the console for
tape backup. Version 5.01g's password was WONDERLAND. Delete the Station
Restrictions and use SUPER.EXE to toggle this account and you have an excellent
backdoor.</td>
</tr>
<tr>
<td valign="top">ROOT </td>
<td>Found on Shiva LanRovers, gets you the command-line equiv of the AdminGUI.
By default, no password. A lot admins just use the AdminGUI and never set
up a password.</td>
</tr>
</table>
<p>Some of these are used quite a lot of the time. ROOT is a good example because
it also ties in with superuser access on Unix and Linux servers. Having a user
called root is quite common now. Accounts by the name 'Admin' , 'Administrator'
and 'Manager' are in common use to.</p>
<p><b>How do I find out if an account is valid?</b></p>
<p> This is surprisingly easy. Type in the username you are trying to check. Type
in any password unless you know it ( if you know the password then the account
is obviously valid) and press enter. You will likely get an error message back.
If the message says something on the lines of "Invalid password" or
"Unknown Error" followed by a number , it is a fair bet that the account
exists. If you get the Unknown Error message, it is likely that the account
is there but has been locked out. This is also a cunning way of locking out
someone's account who you don't like.</p>
<p><b><font size="4"><a name="6"></a>How do I lock out my enemies accounts?</font></b></p>
<p> Well, this is particularly easy to do. Most Admins for security have a limit
on how many times someone can login incorrectly before the account gets locked
out. This is usually set to 5 times. Here's how you do it.<br>
</p>
<ol>
<li>Type in your friend /enemies login name.</li>
<li>Put it an obviously wrong password. Anything will do.</li>
<li>Hit 'Enter'.</li>
<li>The computer should bounce back with an error about an invalid password.
This is what we want so keep going.</li>
<li>Repeat from stage three until the server comes back with an unknown network
error. </li>
</ol>
<p>Once you get the unknown network error, you have successfully locked out the
account. It won't work again until an admin manually unlocks it. This could
mean a disabled account for hours or even days. Snik snik!</p>
<p><b><font size="4"><a name="7"></a>Is there an easy way to get Admin access?</font></b></p>
<p>This only works on Netware 3.*. You use a program called NW-HACK.exe . A nice
little program that sits and waits till an Admin logs in and then creates a
nice account for you with super user access. You will be able to find this program
on the Internet but I'm not going to spend much time on it because it has a
full set of docs with the program itself.</p>
<p><b><font size="4"><a name="8"></a>What about the Net Plug attack?</font></b></p>
<p> This is an attack that I worked out myself before I was given Admin status.
It always works and I've yet to see it fail. Make sure you are at a windows
95 or 98 machine. I doubt NT would be fooled by this trick but I don't have
any NT machines so I can't test it for you.</p>
<p></p>
<p>Note : Most Admins, believe that they are the most knowledgeable about their
system. Many also believe that no one else knows much about computers. In other
words, for whatever reasons, they are not too concerned about us i.e. the idiots
attacking their servers. Why? Because we aren't good enough. So why waste valuable
time configuring security that won't be needed eh? I think I've made my point.
They don't see us as a threat. You don't consider a house spider a threat so
you don't go round putting up netting to keep them out. Why? You can't be bothered.
The same rule applies here. Even if you are a computer genius, play it dumb.
Admins like to lecture the uninitiated and would love to appear smarter than
you. This is the way you want it. The Admins will think you're a nice guy or
gal, totally harmless. This sometimes gives you more leverage because they like
you, they'll be willing to help you. They also won't expect you to launch a
huge assault on their servers either However sometimes there are some smart
people out there who will notice your talents and pull you over to their side.
This isn't a bad place to be and can be advantageous later.</p>
<p></p>
<p>First of all, login as yourself. Crash your computer and reset it . Walk over
to your favourite admin (the one that hates you most is the best choice ) and
apologise for being an idiot but the computer won't let you login and could
s/he please come and take a look for you. Mumbling and grumbling they'll come
over. The best way to test if it is the machine is for them to login. Of course,
they'll log in as an admin or equivalent. They'll check your account and see
that your account is fine. They'll tell you to log onto another machine and
your account will be okay. They'll now log off and walk off in disgust thinking
you are a computer moron. Not so my friend, we've just done them good and proper!<br>
Turn off the computer and pull out the network lead. Turn it back on again.
The computer will detect that you aren't on a network and will dump you at a
desktop with restrictions of the last user. If this user is the admin then chances
are that he or she will have full access to everything including DOS and drive
access. Perfect for installing all those really kewl programs you have on a
?? 快捷鍵說(shuō)明
復(fù)制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號(hào)
Ctrl + =
減小字號(hào)
Ctrl + -