[Help] Hacking into Windows 2000 SP4

[Optovisc]

Hi guys, first of all I would like to say that I'm new to Linux and would appreciate any help you can offer me.

Currently I'm involved in a school project which requires me to remotely hack a Windows 2000 SP4 server on the same LAN to acquire an account with administrative rights. I have tried both Backtrack and Cain & Abel but so far I've only managed to figure out the local IP of the server and ports that are open on the server (25 80 135 139 443 445 1000 1026 1027 1028 6129). How should I proceed from there? Please help me. Thank you.

[lupin]

Well theres lots of things you could do, theres a veritable smorgasbord of attacky goodness on those ports you mentioned, but if you're new to this then the next thing Id suggest would be to run a vulnerability scanner against the system. OpenVAS, Nessus, Nexpose, etc. Run a nmap scan of the system and do service enumeration and run the scripts as well.

[Mr-Protocol]

Well you can always look into using Sysinternals suite for things. For example psexec suite. I use that to run my batch files remotely for forensic data gathering. With that I can get everything from Netstat information to a full memory image of the system sent to a LAN location.

[Archangel-Amael]

Hi guys, first of all I would like to say that I'm new to Linux and would appreciate any help you can offer me.

Currently I'm involved in a school project which requires me to remotely hack a Windows 2000 SP4 server on the same LAN to acquire an account with administrative rights. I have tried both Backtrack and Cain & Abel but so far I've only managed to figure out the local IP of the server and ports that are open on the server (25 80 135 139 443 445 1000 1026 1027 1028 6129). How should I proceed from there? Please help me. Thank you.

I think your school is setting you up for failure. Not that I believe any of this story but, I mean some teacher said "here is a win2k sp4 box. hack it" Without teaching or giving methods, tools, techniques or procedures to do so.
Horrible. I hope that you ask for your money back, and or transfer because at this rate you are wasting your time.

[thorin]

You should attempt version/service identification on all open ports. Then check secunia, mitre, etc to see what vulnerabilities affect those services.

[clutch]

I'm gonna have to agree with Amael and call big giant BS on this thread. If you needed to hack your school's box for a class, you would be asking your teacher for help, not these people.

I suggest finding yourself some seedy blackhat forum somewhere instead. Or just not fuxxing with your school's network. That's a good way to get expelled. Education is more important than you know.

[shamwave]

I agree with AA. If you really want to learn, Google MSFU. Your post is really sketchy, which could result in bannination by the admins/mods.

[skinnypuppy]

I too must agree with Archangel.Amael, clutch and shamwave (and to the rest who respond to this thread) . I am currently in school pursuing my degree in Network Security and haven't been asked to hack into anything nor would I look upon the class as anything worthwhile if I was told to do so without at least a solid understanding of operating systems, basic networking topology, study on the tools used for network penetration, etc. I would almost find it downright dangerous as a matter of fact.

Furthermore, I would expect help in doing a penetration test from my teacher and/or other peers around me. Granted, every school teaches in a different way, but I can honestly say that I don't know anybody that has gone to school and was told "Here's X machine on a lan, go attack it" If you were in a Network Security (or similar class) you should have already received the knowledge on what to look for and how to go about testing systems. If this is what you are learning in school, I seriously don't expect you to advance very far.