Telnet: the Number One Hacker Tool

In this Guide you will learn: What is telnet? How to telnet How to get telnet accounts <begin11c.shtml> Why you might not want to telnet <begin11c.shtml> How to install a telnet server on your home Windows computer <begin11c.shtml> How to turn o a telnet server on your home !inu" computer <begin11d.shtml> How to e"plore computers using telnet <begin11d.shtml> Why not use a portscanner instead? <begin11 .shtml> How to brea# into web sites using telnet <begin11 .shtml>

$Where do I type that command?$ %eople as# that all the time when they read my early Guides to &mostly' Harmless Hac#ing. I wrote those guides bac# when the Internet was in its in ancy and almost everyone in cyberspace used telnet. However( nowadays you might never even hear about telnet( much less use it( unless you are a hac#er. )o i you are still wondering about telnet( today is your luc#y day.

What Is Telnet?
*elnet is a protocol that is most commonly used to log into a remote computer. It also is the single most power ul hac#ing tool on the planet. With +ust a telnet client program( you can: send email download source code rom web sites send une"pected input to webservers that can give you ama,ing and sometimes illegal results give arbitrary input to many other services on Internet host computers probe the services o ered by servers( routers and even people-s home computers.

How to Telnet
.on-t #now how to telnet? /lic# the easy telnet lin#s at happyhac#er.com and land in the middle o a real hac#er wargame0 *his should wor# regardless o your computer operating system 11 i you have an up to date browser( i your online service provider gives you a true Internet connection( and i your computer is able to telnet at all. .id those lin#s get you into a telnet session? Were you able to login to a remote computer? I yes( congratulations. I not( how can you i" the problem? I no telnet program appeared on your monitor when

you clic#ed these lin#s( perhaps your browser is too ancient to allow telnet. *ry installing the latest 2etscape browser &<http:33www.netscape.com3>'. 4r( perhaps your operating system does not include a telnet program. In that case( install or reinstall Windows 56 or 57. I you own a 8ac( get the superb 8ac 4) 9 or !inu" %%/ &<http:33www.linu"ppc.com3>'. I a telnet program came up and ailed to connect( possibly the computer you were trying to telnet into was down or +ust plain no longer in e"istence. 4r( you may be using :merica 4nline &or a similar e"tremely poor online service'. I so( your simplest solution may be to get a better online service provider. .etermined to hac# using :4!? )ee http:33happyhac#er.org3aol.shtml <..3aol.shtml> or some ways to ma#e :4! give you a true Internet connection. 4;( so you-ve managed to telnet or the irst time. %resumably you don-t want to limit yoursel to telnet lin#s on web sites. How do you telnet anywhere you want to go? I you have !inu" or any other type o <ni" &=).( )/4( )olaris( )un 4)( Iri"( <ltri"( etc.' telneting is easy. >ust bring up $console$ or $shell$ &or whatever your G<I calls the command line inter ace'. :t the prompt type: telnet <hostname or I% address>

More on Telnet: the Number One Hacker Tool

Windows ?@@@ wor#s pretty much li#e <ni". )ee Aigure 1 or an e"ample o a Win ?@@@ telnet login. 2ot shown on the screen was the command $telnet 1@.@[email protected]@$( which I gave at the /ommand &8)1.4)' prompt. Aigure 1: *elnet using Windows ?@@@ I you have Windows 56( 57 or 2*( to telnet( bring up the 8)1.4) prompt &)tart 11> %rograms 11> 8)1.4)'. /lic# $connect$ then $remote systemB$. In the host name bo" place the host name or I% address o the computer to which you wish to telnet. !eave the %ort and *erm *ype bo"es alone or now. Here is a really important point. Cvery day people email me complaining that some computer won-t let them telnet into it. *hey as# what they are doing wrong. *hey aren-t doing anything wrong: 8aybe the computer they are trying to reach no longer e"ists. 8aybe the computer they are trying to reach doesn-t allow telnet logins. Aor e"ample( whois.internic.net no longer allows telnet logins on port ?D &the de ault port'. /lic# here to learn how to telnet into whois.internic.net on the right port or that particular server. <..3whois.shtml> 8aybe a irewall is bloc#ing them. 4r maybe they ma#e a telnet connection and the remote computer as#s or a user name and password they don-t have. *hen they email me as#ing or how to get a login name and password that will wor#.

2ewbie note: *he owners or administrators o any Internet host computer decide who gets user names and passwords. =elieve it or not( about once a wee# someone emails me as#ing what user name and password their own online service provider has assigned them or a telnet login. *hat-s why I-m telling people the obvious 11 i you want to telnet into any computer( and you don-t have a user name and password( you must as# the owner( administrator o tech support or that system or a user name and password. I they won-t give that to you( they don-t want you to have it0 You can go to jail warning: If you guess the user name and password, or use a computer breakin technique to get or create them, or if someone other than an owner or administrator or a legitimate user on that system gives you a user name and password, it is against the law to use them. Many computer criminals give out user names and passwords that they obtained illegally.

More on Telnet: the Number One Hacker Tool How to Get Telnet Accounts
4;( so you want to get legal user names and passwords so you can telnet into other computers. Here are some o the best ways: )ee http:33happyhac#er.org3lin#s?.shtmlEshells <..3lin#s?.shtml> or organi,ations that will give you ree shell accounts. Fou can telnet into these. :s# Internet )ervice %roviders or shell accounts. )ome o er them( although most don-t. )et up a telnet server on your own computer &see instructions below'. Fes( once you are running a telnet server( you can telnet rom your computer bac# into your computer. )imply give the command $telnet 1?G.@[email protected]$. 8a#e riends with people who run Internet computers with telnet servers.

Why you May Not Want to Telnet

I you love your shell account server( don-t ever( ever telnet or tp into it. I recommend )sh or 4penssh or logging into remote computers? *he telnet &and tp' protocol is a $clear te"t$ transmission. *hat means that computer on the same !:2 as either Fou or your destination computer( or any computer on any !:2 or networ# path through which your connection passes can steal your login name( password or anything else that goes across your connection. )sh and 4pen)sh encrypt all communications so no one can snoop on you.

How to Install a Telnet Server on your Windows Computer

<sually you can-t telnet into a Windows home computer. *he reason is( they aren-t running telnet servers. Here-s how to get a telnet server on your home Windows computers so your riends and you can telnet in and play. Aor Windows 2*( the 4ptions %ac# includes a primitive telnet server. Aor Windows 5635732* and ?@@@( you also can install shareware or commercial telnet servers. /hec# out http:33www.win iles.com( or do a web search. 4 course installing a telnet server ma#es your computer vulnerable to all sorts o trouble

rom hac#ers. It-s your uneral( don-t come crying top me i a telnet visitor destroys your computer

More on Telnet: the Number One Hacker Tool How to Turn off a Telnet Server on your ni!"type Computer
I you go online with !inu" or other <ni"1type computer( a telnet server is the easiest way to ensure you get destroyed by a malicious hac#er. Here-s how to prevent this. 4n most o these( the ile 3etc3inetd.con launches most o your servers. Cdit the ile to put a $E$ in ront o the line that has telnet in it and either reboot your computer or #ill and restart inetd. I your computer doesn-t use inetd to launch services( you should be able to ind telnetd under 3etc3init.d. Install ssh instead and only use that to log into your shell account.

How to #!plore Computers sin$ Telnet

Cven i a computer doesn-t have a telnet server( there are lots o un and even legal things to do to it using telnet. *he easiest thing to do is e"tract $banners$ rom a victim computer. : banner is a message a computer will o ten give when you telnet to a port that is running an Internet server o some sort. Aor e"ample( most mail sending servers use port ?6. *o telnet to port ?6 rom Win ?@@@ or a <ni" shell( simply type: telnet <hostname or I% address> ?6 Windows 56( 57 and 2* ma#e it a tiny bit harder.

More on Telnet: the Number One Hacker Tool

I the victim computer is running a mail server( you will see something that loo#s li#e this: Whoa( loo# at that0 *he victim computer told us what operating system &Windows 2*' and mail server &8ercur' it runs0 : Huic# search o the =ugtraH archives at <http:33www.security ocus.com3> revealed horrid things a criminal could do to that 8ercur mail server. )ince I thin# it is more un to be nice( I told someone at the company using this mail server about the problems. He invited me to vacation at his beauti ul )wiss home( where he and his wi e #eep horses and ta#e long trail rides in the :lps. Golly( that is much more un than brea#ing into a computer0 Iight about now some elite ueberha"or, are probably reading this and saying $What a lamer 8einel is0 We can do the same thing by running nmap.$ *hey are right( you can learn the same things by running a port scanning program such as nmap &available at <http:33www.insecure.org3>'. However( I am Huite care ul about under what circumstances I run any port scanner. In order to get in ormation on what programs are running on what ports( you must run a port scanner in a mode that will probably convince the owner o the victim computer that you are a criminal. He or she may

persuade your online service provider to cancel your account. *he other reason to analy,e computers using telnet is that you learn more. It-s the di erence between eating at 8c.onalds and learning how to coo#.

More on Telnet: the Number One Hacker Tool

: Huic# search o the =ugtraH archives at <http:33www.security ocus.com3> revealed horrid things a criminal could do to that 8ercur mail server. )ince I thin# it is more un to be nice( I told someone at the company using this mail server about the problems. He invited me to vacation at his beauti ul )wiss home( where he and his wi e #eep horses and ta#e long trail rides in the :lps. Golly( that is much more un than brea#ing into a computer0 Iight about now some elite ueberha"or, are probably reading this and saying $What a lamer 8einel is0 We can do the same thing by running nmap.$ *hey are right( you can learn the same things by running a port scanning program such as nmap &available at <http:33www.insecure.org3>'. However( I am Huite care ul about under what circumstances I run any port scanner. In order to get in ormation on what programs are running on what ports( you must run a port scanner in a mode that will probably convince the owner o the victim computer that you are a criminal. He or she may persuade your online service provider to cancel your account. *he other reason to analy,e computers using telnet is that you learn more. It-s the di erence between eating at 8c.onalds and learning how to coo#.

How to %rea& into We' Sites sin$ Telnet

Fou don-t have to use a web browser to access iles on a web site. :ll you need to do is: telnet <victimcomputer> 7@ 4r speci y port 7@ in a Windows telnet. I you are using Windows 5635732*( whenever you are 24* logging into a telnet account( you should enable local echo. 4therwise whatever you type in &unless you are in a telnet account' will not show on the screen. *o enable local echo( clic# *erminal 11> %re erences 11> !ocal Ccho. )o how do you send stu bac# to the webserver? *ry this: GC* 3 H**%31.@ <your command here> What #inds o commands can you send? *he boo# Hac#proo ing Four 2etwor# <..3boo#store3general.shtml> &by Iyan Iussell o )ecurity ocus.com and )tance /unningham' suggests a un and harmless hac#. /reate and store a bogus coo#ie in the location on your web browser that stores coo#ies. &Aind it by searching or the ile $coo#ies.t"t$.' 2ame your bogus coo#ie something li#e $8y=ogus/oo#ie.$ *hen telnet to the victim webserver and give something li#e this command: GC* 3 H**%31.@ <ser1:gent: Have:=ogus/oo#ie*hisIs:>o#e 1?D.J

/oo#ie: 3K 8y=ogus/oo#ie *he Lberhac#er0 11 How to =rea# into /omputers <..3uberhac#er3inde".shtml> boo# details a number o serious attac#s you can per orm through sending unny input to a webserver. =asically( you need to learn how to write shell programs( and then ind ways to get them to be run by the webserver. I-m not going to e"plain them here( however. *hese attac#s( when carried out against a vulnerable webserver( are so easy that little #ids could do them( and I don-t want to be responsible or their behavior. It-s much harder or little #ids to get a hold o Iussell-s and my boo#s than it is or them to read this G*8HH on the Happy Hac#er website. )o are you dying to #now what to send a webserver in order to brea# into it( without having to buy a boo#? Here are some hints. How to do this will depend on what webserver it is( what operating system it runs on( whether its security wea#nesses have been i"ed( and whether the web designer has used things such as /ommon Gateway Inter ace &/GI' or )erver )ide Includes &))Is' that have wea#nesses in them. Fou will have to research these issues at Web sites that archive vulnerabilities and e"ploits such as <http:33www.security ocus.com3> and <http:33pac#estorm.securi y.com3>. Fou will need to study web site programming &H*8! 11 hyperte"t mar#up language( /GI and ))Is' and shell programming. Fou will need to learn webserver commands &documented at <http:33www.wD.org3hyperte"t3WWW3mar#up38ar#up.html>'. Fou will have to use your brain and be persistent. =ut at least i you come across a telnet e"ploit( now you #now the answer to the Huestion $where do I type that command?$