|
Agent MadHatter
Mad as a Hatter



Registered: 07/23/09
Posts: 944
Last seen: 10 years, 7 months
|
Hacking Help..
#10995565 - 09/03/09 09:56 PM (14 years, 8 months ago) |
|
|
So as you may have read I have a bad virus... While I've taken a few ethical hacking courses, I'm no pro.
This virus is so bad, it restarts my computer during movies, it closes word programs without saving, the person behind it has even sent me a 'server' message saying I can't download the antivirus I was downloading.
I've tried installing an antivirus, and it closes that before it finishes installing.
Well, I got a port scanner and a port listener, I found the port it is using (135) and I want to kill the port, then wait for him to re-connect and send him something.
I'm not sure what I would send, but I'd like some help. I'm thinking a brute force attack? But that's really basic and he probably will just fuck me over if I tried that.
How can I do what I want to?
-------------------- "May the long-time sun shine upon you And all love surround you And the clear light within you Guide your way home." "Its never too late to start beefing up your obituary"- The Most Interesting Man in the World
|
Alan Rockefeller
Mycologist


Registered: 03/10/07
Posts: 48,392
Last seen: 2 days, 21 hours
|
|
You should apologize to the hacker for not installing your security patches on time, causing him to waste his valuable time owning your system. You are lucky he isn't going to send you an invoice.
Reinstall your OS, install all security patches, run Secunia PSI, then hit the d00d in the eye with an electron.
|
Agent MadHatter
|
|
I can't do that. I don't have the OS to install. I don't want to fuck with losing data, everything is encrypted so copying it and re-copying it will lose it all, PLUS, I don't have the drivers.
|
Alan Rockefeller
|
|
If you can hit the hacker in the head with a hammer, you won't need to spend time deactivating his backdoors.
|
shroommachine
Stranger


Registered: 01/03/05
Posts: 1,202
Loc: Florida
Last seen: 9 years, 10 months
|
|
Why would a person do this to you?
-------------------- And I said, I don't care if they lay me off either, because I told, I told Bill that if they move my desk one more time, then, then I'm, I'm quitting, I'm going to quit. And, and I told Don too, because they've moved my desk ...four times already this year and I used to be over by the window and I could see the squirrels, and they were merry, but then, they switched from the Swingline to the Boston stapler, but I kept my Swingline stapler because it didn't bind up as much and I kept the staples for the Swingline stapler and its not okay because if they take my stapler then I'll set the building on fire.
|
Agent MadHatter
|
|
I'm not sure. But Alan, I can't do that because of my lack of backup CDs and drivers.
What's an easier way?
|
Alan Rockefeller
|
|
Unplug the ethernet cable or if you have wireless, destroy the access point.
|
Agent MadHatter
|
|
Dude, no disrespect but you're really not fucking helping.
I NEED TO GET RID OF THE VIRUS. But I cannot lose the data on my hard drive and don't have the spare cash to buy a Windows CD.
All I really want to know, is how to close a port, or how to re-send an attack through the port he is listening on/connected on, or just block him from attacking....
As long as my computer isn't fucked up really.
|
Alan Rockefeller
|
|
1) Back up all your data to an external hard drive
2) Install Linux on your PC
3) Mount the external hard drive and use your data
Or
Snip your ethernet cable, install a large optical mirror to reflect attacks back to the source, wait until the little bastard attacks you again and watch the surprised look on his face when his data comes flying back at him at light speed.
|
Agent MadHatter
|
|
Thank you
|
AJ4U
Cloud N9ne



Registered: 09/06/06
Posts: 5,609
Loc: Dirty Jersey
Last seen: 13 years, 8 months
|
|
Quote:
Alan Rockefeller said:
1) Back up all your data to an external hard drive
2) Install Linux on your PC
3) Mount the external hard drive and use your data
Or
Snip your ethernet cable, install a large optical mirror to reflect attacks back to the source, wait until the little bastard attacks you again and watch the surprised look on his face when his data comes flying back at him at light speed.
|
Prof. Astro
acirebma

Registered: 04/15/08
Posts: 4,084
Last seen: 6 months, 24 days
|
|
I hate hearing things like this. Simply go to your localhost on the router (192.168.1.1), go to port services and disable service on all ports that aren't needed for operation (i.e. 80 for internet, 22 for ssh, or is that 23, I can't remember).
Or do as he said and reformat with Linux, although you'll probably post in the tech forum about how hard Linux is to use, so just take it to a professional and stop CAPS LOCKING at people trying to help you.
|
Agent MadHatter
|
|
Prof. You don't think I tried closing my ports? After I saw the port he was on I closed them. But before I can even type my router's page, my computer restarts.
|
Prof. Astro
|
|
Reformat; use a live-cd and get whatever you need on a network. You have angered some bored nerd.
|
tak
geo's henchman




Registered: 11/20/00
Posts: 3,776
Loc: nowhereland
|
|
Port 135 is Windows RPC. If you think this is the source of the problem (very easily could be), then I recommend disconnecting from the internet before doing anything.
Go to start->run and type: services.msc. Find in the list: Remote Procedure Call, and stop the service.
As far as re-installing Windows if you needed to, there are ways to extract your Windows key from the registry and then you could download a copy of a Windows disc to burn. Drivers are all publicly available via manufacturers' websites.
Are you the only computer attached to the router? Do you have your IP set up as the DMZ, because default settings should not allow someone from the internet access to your private ports.
As far as sending him data, etc. I do not exactly see how this is possible, unless you know exactly what he is doing and have access to the source code of his exploit...I wouldn't worry about that as much as keeping people out of your shit.
Let us know how it goes.
-------------------- The DJ's took pills to stay awake and play for seven days.
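An added example, not part of the thread: one way to answer the two questions in the post above (is port 135 reachable from outside the LAN, and which process owns it) from the output of `netstat -ano`. The sample output is constructed, and the function names and the list of local address ranges are assumptions made for this illustration.

```python
import ipaddress

# Constructed sample of Windows `netstat -ano` output (not taken from the thread).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    [::]:135               [::]:0                 LISTENING       884
  TCP    192.168.1.23:135       192.168.1.40:49712     ESTABLISHED     884
  TCP    192.168.1.23:135       203.0.113.45:51544     ESTABLISHED     884
  TCP    192.168.1.23:49210     198.51.100.7:80        ESTABLISHED     2312
"""

# Ranges treated as "inside the LAN" (assumption: a typical home network).
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "::1/128", "fe80::/10")]

def split_endpoint(text):
    """Split '192.168.1.23:135' or '[::]:135' into (address, port)."""
    host, _, port = text.rpartition(":")
    return ipaddress.ip_address(host.strip("[]")), int(port)

def is_local(addr):
    return any(addr in net for net in LOCAL_NETS)

def review_port(netstat_text, port=135):
    """Summarise who is listening on and connected to a local TCP port."""
    report = {"listening_all_interfaces": False,
              "lan_peers": [], "external_peers": []}
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP":
            continue  # header, UDP rows, blank lines
        _, local, remote, state, pid = fields
        local_ip, local_port = split_endpoint(local)
        if local_port != port:
            continue
        if state == "LISTENING" and local_ip.is_unspecified:
            report["listening_all_interfaces"] = True
        elif state == "ESTABLISHED":
            remote_ip, _ = split_endpoint(remote)
            bucket = "lan_peers" if is_local(remote_ip) else "external_peers"
            report[bucket].append((str(remote_ip), int(pid)))
    return report

if __name__ == "__main__":
    print(review_port(SAMPLE))
```

An entry under `external_peers` means the port is reachable from outside the LAN, which is the case the DMZ question is probing; the PID can be matched to a process name in Task Manager.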
|
Alan Rockefeller
|
|
Quote:
Simply go to your localhost on the router (192.168.1.1), go to port services and disable service on all ports that aren't needed for operation (i.e. 80 for internet, 22 for ssh, or is that 23, I can't remember).
That is only halfway effective because in order to use the internet, you need to let port 80 and 443 out. So the hackers / viruses often take their control commands via outbound port 80 and 443 requests, bypassing any filtering which may be in place.
Quote:
As far as sending him data, etc. I do not exactly see how this is possible, unless you know exactly what he is doing and have access to the source code of his exploit...
1) Install Wireshark and use it to find the attacker's source IP
2) Nmap the attacker's source IP, research vulnerabilities on each port that is open.
3) Compile and run exploits for each vulnerability to compromise the hacker's source IP. Chances are that it's an owned box, so it probably has multiple security holes. Metasploit will probably give you full access.
4) Run Wireshark on the source machine to find out the hacker's real IP.
5) Repeat steps 2 through 5 until you have complete control over the machine where the hacker is sitting.
6) Do whatever comes naturally at this point.
|
pacotaco
Stranger

Registered: 09/09/09
Posts: 9
Loc: Middle
Last seen: 10 years, 8 months
|
|
A few companies release antivirus boot CD images that you can download and boot to, for free.
I know of at least Kaspersky: http://devbuilds.kaspersky-labs.com/devbuilds/RescueDisk/
And Avira: http://www.avira.com/en/support/support_downloads.html
You just boot to the disc, so the virus on your system never even gets a chance to load.
|
johnnyblaze2316


Registered: 11/05/08
Posts: 3,138
Loc: West coast
|
|
Quote:
Alan Rockefeller said:
Snip your ethernet cable, install a large optical mirror to reflect attacks back to the source, wait until the little bastard attacks you again and watch the surprised look on his face when his data comes flying back at him at light speed.
|
Tripp420
What?



Registered: 06/17/08
Posts: 614
Loc: Northern Nevada
Last seen: 11 years, 3 months
|
|
DUDE... JUST REIMAGE... A WINDOWS CD COSTS NOTHING AS LONG AS YOUR COMPUTER CAME WITH ONE.... BUY AN EXTERNAL HARD DRIVE.... DECRYPT YOUR SHIT AND TRANSFER IT.... WIPE ALL DISK DATA... REINSTALL OS FROM SCRATCH....... TRANSFER DATA BACK..... WIPE ALL DATA ON EXTERNAL HARD DRIVE...... MAY TAKE SOME TIME....... BUT IT'S WORTH IT.........
|
fastfred
Old Hand



Registered: 05/17/04
Posts: 6,899
Loc: Dark side of the moon
|
Re: Hacking Help.. [Re: Tripp420]
#11047826 - 09/12/09 06:34 PM (14 years, 8 months ago) |
|
|
Stop typing in all caps retard.
|
|