Trong ví dụ này mình sẽ trình bày cho các bạn cách hack một Domain và ví dụ này thực hành với domain http://www.eaglehn.com
1. Kiểm tra Domain mình cần Hack
URL: http://centralops.net/co/DomainCheck.vbs.asp
CL: Nhập vào Domain eaglehn.com
TD: Kiểm tra xem Domain đã được đặt chưa
KQ: Nếu nhận được Taken là OK
CODE
Checking domain availability...
Results
from DNS: Taken.
from Whois: Taken.
conclusion: Taken. The domain has been registered. However, the registrant may offer it for sale.
Web site: http://www.eaglehn.com/
Whois output
Whois Server Version 1.3
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: EAGLEHN.COM
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Whois Server: whois.melbourneit.com
Referral URL: http://www.melbourneit.com
Name Server: SJC001N.SERVER-DNS-US.COM
Name Server: BNE001N.SERVER-DNS.COM
Name Server: WIC001N.SERVER-DNS.COM.AU
Status: ACTIVE
Updated Date: 19-mar-2004
Creation Date: 19-mar-2004
Expiration Date: 19-mar-2009
>>> Last update of whois database: Mon, 17 May 2004 21:08:13 EDT <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
-- end --
2. Tìm thông tin về IP của Domain đó
URL: http://www.hexillion.com/samples/AspLookup.asp
CL(Cách làm): Gõ vào www.eaglehn.com và bấm Go
TD(Tác dụng) Tìm kiếm IP của Domain đó
KQ: 203.147.131.65
CODE
canonical name www.eaglehn.com
aliases
addresses 203.147.131.65
3. Kiểm tra sự tồn tại của IP
URL: http://centralops.net/co/Ping.vbs.asp
CL: Gõ vào IP vừa thu được 203.147.131.65
TD: Kiểm tra xem IP đó có bị chặn bởi firewall không?
KQ: Con này rất ngon dùng làm ví dụ để hack
CODE
Pinging 203.147.131.65 [203.147.131.65] with 32 bytes of data...
Results
count ttl (hops) rtt (ms) from
1 42 220 203.147.131.65
2 42 220 203.147.131.65
3 42 221 203.147.131.65
4 42 220 203.147.131.65
5 42 220 203.147.131.65
Statistics
packets sent 5
received 5 100%
lost 0 0%
times (ms) min 220
avg 220
max 221
-- end --
URL: http://centralops.net/co/Ping.vbs.asp
CL: Gõ vào Domain cần kiểm tra eaglehn.com
TD: Kiểm tra xem xem IP trên có chính xác của Domain này không
KQ: Ok! Con này rất ngon dùng làm ví dụ để hack
CODE
Pinging eaglehn.com [203.147.131.65] with 32 bytes of data...
Results
count ttl (hops) rtt (ms) from
1 42 221 203.147.131.65
2 42 220 203.147.131.65
3 42 220 203.147.131.65
4 42 221 203.147.131.65
5 42 220 203.147.131.65
Statistics
packets sent 5
received 5 100%
lost 0 0%
times (ms) min 220
avg 220
max 221
-- end --
4. Kiểm tra xem máy chủ cung cấp Domain đó
URL: http://www.hexillion.com/samples/AspTcpQuery.asp
CL: Nhập vào Domain eaglehn.com
TD: Kiểm tra xem máy chủ phục vụ là Win, Unix, Mac ..
KQ: Red-Hat/Linux
CODE
Querying eaglehn.com [203.147.131.65]...
[begin response]
HTTP/1.1 302 Found
Date: Tue, 18 May 2004 08:50:54 GMT
Server: Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_ssl/2.8.12 OpenSSL/0.9.6b DAV/1.0.3 mod_perl/1.26
Location: http://eaglehnvn.info.ms/
Connection: close
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>302 Found</TITLE>
</HEAD><BODY>
<H1>Found</H1>
The document has moved <A HREF="http://eaglehnvn.info.ms/">here</A
P>
<HR>
<ADDRESS>Apache/1.3.27 Server at wic001x.server-web.com Port 80</ADDRESS>
</BODY></HTML>
[end response]
5. Dò đường đi từ gói tin
URL: http://centralops.net/co/Traceroute.vbs.asp
CL: Nhập vào IP thu được ở trên 203.147.131.65
TD: Dò đường đi từ gói tin đó từ server của centralops.net đến server cung cấp Domain cho eaglehn.com
Ghi chú: Sẽ dò đường gói tin từ centralops.net [216.46.246.238] đến 203.147.131.65 và bạn sẽ phải mất một bườc nữa để dò gói tin từ loclahost [127.0.0.1] đến centralops.net [216.46.246.238]
KQ:
CODE
Tracing route to 203.147.131.65 [203.147.131.65]...
hop rtt rtt rtt ip address domain name
1 10 0 0 216.46.228.229 port-216-3073253-es128.devices.datareturn.com
2 0 0 0 64.29.192.145 port-64-1949841-zzt0prespect.devices.datareturn.com
3 0 0 0 64.29.192.226 daa.g921.ispb.datareturn.com
4 0 0 0 209.246.152.201 ge-3-0-101.ipcolo2.dallas1.level3.net
5 0 0 0 4.68.112.185 so-5-1-0.bbr2.dallas1.level3.net
6 40 30 31 64.159.0.246 so-0-2-0.bbr2.losangeles1.level3.net
7 30 40 30 4.68.113.162 so-10-0.ipcolo2.losangeles1.level3.net
8 50 40 50 63.209.82.186 unknown.level3.net
9 40 50 40 203.208.168.217
10 40 50 40 203.208.168.229
11 40 50 40 203.208.168.122
12 191 200 200 203.208.148.102
13 210 211 230 202.139.124.86 ge-wan4-1.14vrc76f06.optus.net.au
14 211 220 210 61.88.151.10 webcentral.14vrc76f06.optus.net.au
15 210 210 211 203.147.255.106 vl5.mls2.wic.server-web.com
16 220 221 220 203.147.131.65 wic001x.server-web.com
Trace complete
-- end --
6. Dò đường đi từ gói tin
URL: http://www.hexillion.com/samples/AspAnalyzePath.asp
CL: Nhập vào IP thu được ở trên 203.147.131.65
TD: Dò đường đi từ gói tin đó từ server của hexgadets đến server cung cấp Domain cho eaglehn.com
GC: Sẽ dò đường gói tin từ www.hexillion.com [216.46.246.238] đến 203.147.131.65 và bạn sẽ phải mất một bườc nữa để dò gói tin từ loclahost [127.0.0.1] đếnwww.hexillion.com [216.46.246.238] sau đó đối chiều với cách dò đường đi của gói tin ở trên ..
KQ:
CODE
Collecting data on path to 203.147.131.65 [203.147.131.65]...
hop 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
rtt (ms) 0 0 0 0 0 30 40 50 40 50 40 201 210 220 210 221
rtt (ms) 0 0 0 0 0 30 30 40 50 40 50 200 211 220 210 221
rtt (ms) 0 0 0 0 0 30 40 40 50 40 50 200 211 210 210 221
rtt (ms) 0 0 50 0 0 40 30 40 50 40 50 200 211 220 210 221
rtt (ms) 0 0 0 0 0 40 30 50 40 50 40 200 220 211 210 220
median 0 0 0 0 0 30 30 40 50 40 50 200 211 220 210 221
delta/2 0 0 0 0 0 15 0 5 5 0 0 75 5 4 0 0
Graphing...
[216.46.246.233] es150
[216.46.228.229] port-216-3073253-es128.devices.datareturn.com
[64.29.192.145] port-64-1949841-zzt0prespect.devices.datareturn.com
[64.29.192.226] daa.g921.ispb.datareturn.com
[209.246.152.201] ge-3-0-101.ipcolo2.dallas1.level3.net
[4.68.112.185] so-5-1-0.bbr2.dallas1.level3.net
15 [64.159.0.246] so-0-2-0.bbr2.losangeles1.level3.net
[4.68.113.162] so-10-0.ipcolo2.losangeles1.level3.net
5 [63.209.82.186] unknown.level3.net
5 [203.208.168.217]
[203.208.168.229]
[203.208.168.122]
75 [203.208.148.102]
5 [202.139.124.86] ge-wan4-1.14vrc76f06.optus.net.au
4 [61.88.151.10] webcentral.14vrc76f06.optus.net.au
[203.147.255.106] vl5.mls2.wic.server-web.com
[203.147.131.65] wic001x.server-web.com
7. Tìm kiếm thông tin của về người sở hữu Domain đó
URL: http://www.hexillion.com/samples/AutoWhois.vbs.asp
CL: nhập vào tên Domain eaglehn.com và bấm Go
TD: Hiển thị thông tin của về người sở hữu Domain đó
KQ:
CODE
Querying whois.crsnic.net [198.41.3.54]...
Whois Server Version 1.3
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: EAGLEHN.COM
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Whois Server: whois.melbourneit.com
Referral URL: http://www.melbourneit.com
Name Server: SJC001N.SERVER-DNS-US.COM
Name Server: BNE001N.SERVER-DNS.COM
Name Server: WIC001N.SERVER-DNS.COM.AU
Status: ACTIVE
Updated Date: 19-mar-2004
Creation Date: 19-mar-2004
Expiration Date: 19-mar-2009
>>> Last update of whois database: Mon, 17 May 2004 21:08:13 EDT <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Querying whois.melbourneit.com [203.27.227.114]...
Domain Name.......... eaglehn.com
Creation Date........ 2004-03-20
Registration Date.... 2004-03-20
Expiry Date.......... 2009-03-20
Organisation Name.... Linda Wright
Organisation Address. 450 NY RT 369 L-7
Organisation Address.
Organisation Address. Port Crane
Organisation Address. 13833
Organisation Address. NY
Organisation Address. UNITED STATES
Admin Name........... Linda Wright
Admin Address........ 450 NY RT 369 L-7
Admin Address........
Admin Address........ Port Crane
Admin Address........ 13833
Admin Address........ NY
Admin Address........ UNITED STATES
Admin Email.......... khongminhtaithe@yahoo.com
Admin Phone.......... +1.6076488782
Admin Fax............
Tech Name............ Linda Wright
Tech Address......... 450 NY RT 369 L-7
Tech Address.........
Tech Address......... Port Crane
Tech Address......... 13833
Tech Address......... NY
Tech Address......... UNITED STATES
Tech Email........... khongminhtaithe@yahoo.com
Tech Phone........... +1.6076488782
Tech Fax.............
Name Server.......... bne001n.server-dns.com
Name Server.......... wic001n.server-dns.com.au
Name Server.......... sjc001n.server-dns-us.com
-- end --
8. Dùng để do thám thông tin của server cung cấp Domain
URL: http://centralops.net/co/NsLookup.vbs.asp
CL: Bạn hãy nhập vào tên Domain và 3 máy chủ cung cấp Domain bằng việc whois ở trên
Name Server: SJC001N.SERVER-DNS-US.COM
Name Server: BNE001N.SERVER-DNS.COM
Name Server: WIC001N.SERVER-DNS.COM.AU
TD: Do thám và đối chiếu các thông tin
KQ:
+ Với máy chủ SJC001N.SERVER-DNS-US.COM
CODE
SJC001N.SERVER-DNS-US.COM [204.176.184.35] returned an authoritative response in 50 ms: Answer records
name class type data time to live
eaglehn.com IN SOA server: localhost.server-dns.com
email: domainadmin@server-dns.com
serial: 2004032202
refresh: 900
retry: 300
expire: 604800
minimum ttl: 1800
1800s (30m)
eaglehn.com IN NS wic001n.server-dns.com.au 1800s (30m)
eaglehn.com IN NS bne001n.server-dns.com 1800s (30m)
eaglehn.com IN NS sjc001n.server-dns-us.com 1800s (30m)
eaglehn.com IN MX preference: 100
exchange: smtp3.bne.server-mail.com
1800s (30m)
eaglehn.com IN MX preference: 10
exchange: mail.eaglehn.com
1800s (30m)
eaglehn.com IN MX preference: 50
exchange: smtp.bne.server-mail.com
1800s (30m)
eaglehn.com IN A 203.147.131.65 1800s (30m)
Authority records
[none]
Additional records
name class type data time to live
bne001n.server-dns.com IN A 203.147.241.3 1800s (30m)
sjc001n.server-dns-us.com IN A 204.176.184.35 1800s (30m)
wic001n.server-dns.com.au IN A 203.147.142.1 1800s (30m)
mail.eaglehn.com IN A 202.139.235.79 1800s (30m)
smtp.bne.server-mail.com IN A 203.147.151.186 60s (1m)
smtp3.bne.server-mail.com IN A 203.147.151.183 60s (1m)
-- end --
+ Với máy chủ BNE001N.SERVER-DNS.COM
CODE
BNE001N.SERVER-DNS.COM [203.147.241.3] returned an authoritative response in 220 ms: Answer records
name class type data time to live
eaglehn.com IN SOA server: localhost.server-dns.com
email: domainadmin@server-dns.com
serial: 2004032202
refresh: 900
retry: 300
expire: 604800
minimum ttl: 1800
1800s (30m)
eaglehn.com IN NS wic001n.server-dns.com.au 1800s (30m)
eaglehn.com IN NS bne001n.server-dns.com 1800s (30m)
eaglehn.com IN NS sjc001n.server-dns-us.com 1800s (30m)
eaglehn.com IN MX preference: 100
exchange: smtp3.bne.server-mail.com
1800s (30m)
eaglehn.com IN MX preference: 10
exchange: mail.eaglehn.com
1800s (30m)
eaglehn.com IN MX preference: 50
exchange: smtp.bne.server-mail.com
1800s (30m)
eaglehn.com IN A 203.147.131.65 1800s (30m)
Authority records
[none]
Additional records
name class type data time to live
bne001n.server-dns.com IN A 203.147.241.3 1800s (30m)
sjc001n.server-dns-us.com IN A 204.176.184.35 1800s (30m)
wic001n.server-dns.com.au IN A 203.147.142.1 1800s (30m)
mail.eaglehn.com IN A 202.139.235.79 1800s (30m)
smtp.bne.server-mail.com IN A 203.147.151.186 60s (1m)
smtp3.bne.server-mail.com IN A 203.147.151.183 60s (1m)
-- end --
+ Với máy chủ WIC001N.SERVER-DNS.COM.AU
CODE
WIC001N.SERVER-DNS.COM.AU [203.147.142.1] returned an authoritative response in 211 ms: Answer records
name class type data time to live
eaglehn.com IN SOA server: localhost.server-dns.com
email: domainadmin@server-dns.com
serial: 2004032202
refresh: 900
retry: 300
expire: 604800
minimum ttl: 1800
1800s (30m)
eaglehn.com IN NS sjc001n.server-dns-us.com 1800s (30m)
eaglehn.com IN NS wic001n.server-dns.com.au 1800s (30m)
eaglehn.com IN NS bne001n.server-dns.com 1800s (30m)
eaglehn.com IN MX preference: 10
exchange: mail.eaglehn.com
1800s (30m)
eaglehn.com IN MX preference: 50
exchange: smtp.bne.server-mail.com
1800s (30m)
eaglehn.com IN MX preference: 100
exchange: smtp3.bne.server-mail.com
1800s (30m)
eaglehn.com IN A 203.147.131.65 1800s (30m)
Authority records
[none]
Additional records
name class type data time to live
bne001n.server-dns.com IN A 203.147.241.3 1800s (30m)
sjc001n.server-dns-us.com IN A 204.176.184.35 1800s (30m)
wic001n.server-dns.com.au IN A 203.147.142.1 1800s (30m)
mail.eaglehn.com IN A 202.139.235.79 1800s (30m)
smtp.bne.server-mail.com IN A 203.147.151.186 60s (1m)
smtp3.bne.server-mail.com IN A 203.147.151.183 60s (1m)
-- end --
9. Do tham thông tin về hòm thư của thằng Admin
URL: http://centralops.net/co/EmailDossier.vbs.asp
CL: khongminhtaithe@yahoo.com
TD: Kiểm tra server phục vụ mail và xem xét hòm thư đó còn hoạt động hay không
KQ:
CODE
Validating khongminhtaithe@yahoo.com...
Validation results
confidence rating: 3 - SMTP
The email address passed this level of validation
without an error. However, it is not guaranteed to be
a good address. more info
canonical address: <khongminhtaithe@yahoo.com>
MX records
preference exchange IP address (if included)
1 mx1.mail.yahoo.com [64.157.4.78]
1 mx2.mail.yahoo.com [67.28.114.32]
5 mx4.mail.yahoo.com [66.218.86.198]
SMTP session
[Contacting mx1.mail.yahoo.com [64.157.4.78]...]
[Connected]
220 YSmtp mta138.mail.sc5.yahoo.com ESMTP service ready
HELO hexillion.com
250 mta138.mail.sc5.yahoo.com
MAIL FROM:<HexValidEmail@hexillion.com>
250 sender <hexvalidemail@hexillion.com> ok
RCPT TO:<khongminhtaithe@yahoo.com>
250 recipient <khongminhtaithe@yahoo.com> ok
QUIT
221 mta138.mail.sc5.yahoo.com
[Connection closed]
-- end --
URL: http://www.hexillion.com/samples/ValidateEmail.asp
CL: khongminhtaithe@yahoo.com
TD: Kiểm tra server phục vụ mail và xem xét hòm thư đó còn hoạt động hay không
KQ:
CODE
Results
confidence rating: 3 - SMTP what this means
error: None
Address parts
local part: khongminhtaithe
domain: yahoo.com
extra text:
MX records
preference exchange IP address (if included)
1 mx1.mail.yahoo.com [64.156.215.8]
1 mx2.mail.yahoo.com [64.156.215.5]
5 mx4.mail.yahoo.com [66.218.86.197]
SMTP session
[Contacting mx1.mail.yahoo.com [64.156.215.8]...]
[Connected]
220 YSmtp mta298.mail.scd.yahoo.com ESMTP service ready
HELO hexillion.com
250 mta298.mail.scd.yahoo.com
MAIL FROM:<HexValidEmail@hexillion.com>
250 sender <hexvalidemail@hexillion.com> ok
RCPT TO:<khongminhtaithe@yahoo.com>
250 recipient <khongminhtaithe@yahoo.com> ok
QUIT
221 mta298.mail.scd.yahoo.com
[Connection closed]
10. Lây username và password của Domain
việc còn lại là tư duy của mỗi người nhận ra trong 9 bước trên để trafix domain lấy user và passworld qua box mail
chúc các bạn thành công
User: xxxxxxxx
Pass: xxxxxxxx
1. Kiểm tra Domain mình cần Hack
URL: http://centralops.net/co/DomainCheck.vbs.asp
CL: Nhập vào Domain eaglehn.com
TD: Kiểm tra xem Domain đã được đặt chưa
KQ: Nếu nhận được Taken là OK
CODE
Checking domain availability...
Results
from DNS: Taken.
from Whois: Taken.
conclusion: Taken. The domain has been registered. However, the registrant may offer it for sale.
Web site: http://www.eaglehn.com/
Whois output
Whois Server Version 1.3
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: EAGLEHN.COM
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Whois Server: whois.melbourneit.com
Referral URL: http://www.melbourneit.com
Name Server: SJC001N.SERVER-DNS-US.COM
Name Server: BNE001N.SERVER-DNS.COM
Name Server: WIC001N.SERVER-DNS.COM.AU
Status: ACTIVE
Updated Date: 19-mar-2004
Creation Date: 19-mar-2004
Expiration Date: 19-mar-2009
>>> Last update of whois database: Mon, 17 May 2004 21:08:13 EDT <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
-- end --
2. Tìm thông tin về IP của Domain đó
URL: http://www.hexillion.com/samples/AspLookup.asp
CL(Cách làm): Gõ vào www.eaglehn.com và bấm Go
TD(Tác dụng) Tìm kiếm IP của Domain đó
KQ: 203.147.131.65
CODE
canonical name www.eaglehn.com
aliases
addresses 203.147.131.65
3. Kiểm tra sự tồn tại của IP
URL: http://centralops.net/co/Ping.vbs.asp
CL: Gõ vào IP vừa thu được 203.147.131.65
TD: Kiểm tra xem IP đó có bị chặn bởi firewall không?
KQ: Con này rất ngon dùng làm ví dụ để hack
CODE
Pinging 203.147.131.65 [203.147.131.65] with 32 bytes of data...
Results
count ttl (hops) rtt (ms) from
1 42 220 203.147.131.65
2 42 220 203.147.131.65
3 42 221 203.147.131.65
4 42 220 203.147.131.65
5 42 220 203.147.131.65
Statistics
packets sent 5
received 5 100%
lost 0 0%
times (ms) min 220
avg 220
max 221
-- end --
URL: http://centralops.net/co/Ping.vbs.asp
CL: Gõ vào Domain cần kiểm tra eaglehn.com
TD: Kiểm tra xem xem IP trên có chính xác của Domain này không
KQ: Ok! Con này rất ngon dùng làm ví dụ để hack
CODE
Pinging eaglehn.com [203.147.131.65] with 32 bytes of data...
Results
count ttl (hops) rtt (ms) from
1 42 221 203.147.131.65
2 42 220 203.147.131.65
3 42 220 203.147.131.65
4 42 221 203.147.131.65
5 42 220 203.147.131.65
Statistics
packets sent 5
received 5 100%
lost 0 0%
times (ms) min 220
avg 220
max 221
-- end --
4. Kiểm tra xem máy chủ cung cấp Domain đó
URL: http://www.hexillion.com/samples/AspTcpQuery.asp
CL: Nhập vào Domain eaglehn.com
TD: Kiểm tra xem máy chủ phục vụ là Win, Unix, Mac ..
KQ: Red-Hat/Linux
CODE
Querying eaglehn.com [203.147.131.65]...
[begin response]
HTTP/1.1 302 Found
Date: Tue, 18 May 2004 08:50:54 GMT
Server: Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_ssl/2.8.12 OpenSSL/0.9.6b DAV/1.0.3 mod_perl/1.26
Location: http://eaglehnvn.info.ms/
Connection: close
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>302 Found</TITLE>
</HEAD><BODY>
<H1>Found</H1>
The document has moved <A HREF="http://eaglehnvn.info.ms/">here</A
P><HR>
<ADDRESS>Apache/1.3.27 Server at wic001x.server-web.com Port 80</ADDRESS>
</BODY></HTML>
[end response]
5. Dò đường đi từ gói tin
URL: http://centralops.net/co/Traceroute.vbs.asp
CL: Nhập vào IP thu được ở trên 203.147.131.65
TD: Dò đường đi từ gói tin đó từ server của centralops.net đến server cung cấp Domain cho eaglehn.com
Ghi chú: Sẽ dò đường gói tin từ centralops.net [216.46.246.238] đến 203.147.131.65 và bạn sẽ phải mất một bườc nữa để dò gói tin từ loclahost [127.0.0.1] đến centralops.net [216.46.246.238]
KQ:
CODE
Tracing route to 203.147.131.65 [203.147.131.65]...
hop rtt rtt rtt ip address domain name
1 10 0 0 216.46.228.229 port-216-3073253-es128.devices.datareturn.com
2 0 0 0 64.29.192.145 port-64-1949841-zzt0prespect.devices.datareturn.com
3 0 0 0 64.29.192.226 daa.g921.ispb.datareturn.com
4 0 0 0 209.246.152.201 ge-3-0-101.ipcolo2.dallas1.level3.net
5 0 0 0 4.68.112.185 so-5-1-0.bbr2.dallas1.level3.net
6 40 30 31 64.159.0.246 so-0-2-0.bbr2.losangeles1.level3.net
7 30 40 30 4.68.113.162 so-10-0.ipcolo2.losangeles1.level3.net
8 50 40 50 63.209.82.186 unknown.level3.net
9 40 50 40 203.208.168.217
10 40 50 40 203.208.168.229
11 40 50 40 203.208.168.122
12 191 200 200 203.208.148.102
13 210 211 230 202.139.124.86 ge-wan4-1.14vrc76f06.optus.net.au
14 211 220 210 61.88.151.10 webcentral.14vrc76f06.optus.net.au
15 210 210 211 203.147.255.106 vl5.mls2.wic.server-web.com
16 220 221 220 203.147.131.65 wic001x.server-web.com
Trace complete
-- end --
6. Dò đường đi từ gói tin
URL: http://www.hexillion.com/samples/AspAnalyzePath.asp
CL: Nhập vào IP thu được ở trên 203.147.131.65
TD: Dò đường đi từ gói tin đó từ server của hexgadets đến server cung cấp Domain cho eaglehn.com
GC: Sẽ dò đường gói tin từ www.hexillion.com [216.46.246.238] đến 203.147.131.65 và bạn sẽ phải mất một bườc nữa để dò gói tin từ loclahost [127.0.0.1] đếnwww.hexillion.com [216.46.246.238] sau đó đối chiều với cách dò đường đi của gói tin ở trên ..
KQ:
CODE
Collecting data on path to 203.147.131.65 [203.147.131.65]...
hop 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
rtt (ms) 0 0 0 0 0 30 40 50 40 50 40 201 210 220 210 221
rtt (ms) 0 0 0 0 0 30 30 40 50 40 50 200 211 220 210 221
rtt (ms) 0 0 0 0 0 30 40 40 50 40 50 200 211 210 210 221
rtt (ms) 0 0 50 0 0 40 30 40 50 40 50 200 211 220 210 221
rtt (ms) 0 0 0 0 0 40 30 50 40 50 40 200 220 211 210 220
median 0 0 0 0 0 30 30 40 50 40 50 200 211 220 210 221
delta/2 0 0 0 0 0 15 0 5 5 0 0 75 5 4 0 0
Graphing...
[216.46.246.233] es150
[216.46.228.229] port-216-3073253-es128.devices.datareturn.com
[64.29.192.145] port-64-1949841-zzt0prespect.devices.datareturn.com
[64.29.192.226] daa.g921.ispb.datareturn.com
[209.246.152.201] ge-3-0-101.ipcolo2.dallas1.level3.net
[4.68.112.185] so-5-1-0.bbr2.dallas1.level3.net
15 [64.159.0.246] so-0-2-0.bbr2.losangeles1.level3.net
[4.68.113.162] so-10-0.ipcolo2.losangeles1.level3.net
5 [63.209.82.186] unknown.level3.net
5 [203.208.168.217]
[203.208.168.229]
[203.208.168.122]
75 [203.208.148.102]
5 [202.139.124.86] ge-wan4-1.14vrc76f06.optus.net.au
4 [61.88.151.10] webcentral.14vrc76f06.optus.net.au
[203.147.255.106] vl5.mls2.wic.server-web.com
[203.147.131.65] wic001x.server-web.com
7. Tìm kiếm thông tin của về người sở hữu Domain đó
URL: http://www.hexillion.com/samples/AutoWhois.vbs.asp
CL: nhập vào tên Domain eaglehn.com và bấm Go
TD: Hiển thị thông tin của về người sở hữu Domain đó
KQ:
CODE
Querying whois.crsnic.net [198.41.3.54]...
Whois Server Version 1.3
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: EAGLEHN.COM
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Whois Server: whois.melbourneit.com
Referral URL: http://www.melbourneit.com
Name Server: SJC001N.SERVER-DNS-US.COM
Name Server: BNE001N.SERVER-DNS.COM
Name Server: WIC001N.SERVER-DNS.COM.AU
Status: ACTIVE
Updated Date: 19-mar-2004
Creation Date: 19-mar-2004
Expiration Date: 19-mar-2009
>>> Last update of whois database: Mon, 17 May 2004 21:08:13 EDT <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Querying whois.melbourneit.com [203.27.227.114]...
Domain Name.......... eaglehn.com
Creation Date........ 2004-03-20
Registration Date.... 2004-03-20
Expiry Date.......... 2009-03-20
Organisation Name.... Linda Wright
Organisation Address. 450 NY RT 369 L-7
Organisation Address.
Organisation Address. Port Crane
Organisation Address. 13833
Organisation Address. NY
Organisation Address. UNITED STATES
Admin Name........... Linda Wright
Admin Address........ 450 NY RT 369 L-7
Admin Address........
Admin Address........ Port Crane
Admin Address........ 13833
Admin Address........ NY
Admin Address........ UNITED STATES
Admin Email.......... khongminhtaithe@yahoo.com
Admin Phone.......... +1.6076488782
Admin Fax............
Tech Name............ Linda Wright
Tech Address......... 450 NY RT 369 L-7
Tech Address.........
Tech Address......... Port Crane
Tech Address......... 13833
Tech Address......... NY
Tech Address......... UNITED STATES
Tech Email........... khongminhtaithe@yahoo.com
Tech Phone........... +1.6076488782
Tech Fax.............
Name Server.......... bne001n.server-dns.com
Name Server.......... wic001n.server-dns.com.au
Name Server.......... sjc001n.server-dns-us.com
-- end --
8. Dùng để do thám thông tin của server cung cấp Domain
URL: http://centralops.net/co/NsLookup.vbs.asp
CL: Bạn hãy nhập vào tên Domain và 3 máy chủ cung cấp Domain bằng việc whois ở trên
Name Server: SJC001N.SERVER-DNS-US.COM
Name Server: BNE001N.SERVER-DNS.COM
Name Server: WIC001N.SERVER-DNS.COM.AU
TD: Do thám và đối chiếu các thông tin
KQ:
+ Với máy chủ SJC001N.SERVER-DNS-US.COM
CODE
SJC001N.SERVER-DNS-US.COM [204.176.184.35] returned an authoritative response in 50 ms: Answer records
name class type data time to live
eaglehn.com IN SOA server: localhost.server-dns.com
email: domainadmin@server-dns.com
serial: 2004032202
refresh: 900
retry: 300
expire: 604800
minimum ttl: 1800
1800s (30m)
eaglehn.com IN NS wic001n.server-dns.com.au 1800s (30m)
eaglehn.com IN NS bne001n.server-dns.com 1800s (30m)
eaglehn.com IN NS sjc001n.server-dns-us.com 1800s (30m)
eaglehn.com IN MX preference: 100
exchange: smtp3.bne.server-mail.com
1800s (30m)
eaglehn.com IN MX preference: 10
exchange: mail.eaglehn.com
1800s (30m)
eaglehn.com IN MX preference: 50
exchange: smtp.bne.server-mail.com
1800s (30m)
eaglehn.com IN A 203.147.131.65 1800s (30m)
Authority records
[none]
Additional records
name class type data time to live
bne001n.server-dns.com IN A 203.147.241.3 1800s (30m)
sjc001n.server-dns-us.com IN A 204.176.184.35 1800s (30m)
wic001n.server-dns.com.au IN A 203.147.142.1 1800s (30m)
mail.eaglehn.com IN A 202.139.235.79 1800s (30m)
smtp.bne.server-mail.com IN A 203.147.151.186 60s (1m)
smtp3.bne.server-mail.com IN A 203.147.151.183 60s (1m)
-- end --
+ Với máy chủ BNE001N.SERVER-DNS.COM
CODE
BNE001N.SERVER-DNS.COM [203.147.241.3] returned an authoritative response in 220 ms: Answer records
name class type data time to live
eaglehn.com IN SOA server: localhost.server-dns.com
email: domainadmin@server-dns.com
serial: 2004032202
refresh: 900
retry: 300
expire: 604800
minimum ttl: 1800
1800s (30m)
eaglehn.com IN NS wic001n.server-dns.com.au 1800s (30m)
eaglehn.com IN NS bne001n.server-dns.com 1800s (30m)
eaglehn.com IN NS sjc001n.server-dns-us.com 1800s (30m)
eaglehn.com IN MX preference: 100
exchange: smtp3.bne.server-mail.com
1800s (30m)
eaglehn.com IN MX preference: 10
exchange: mail.eaglehn.com
1800s (30m)
eaglehn.com IN MX preference: 50
exchange: smtp.bne.server-mail.com
1800s (30m)
eaglehn.com IN A 203.147.131.65 1800s (30m)
Authority records
[none]
Additional records
name class type data time to live
bne001n.server-dns.com IN A 203.147.241.3 1800s (30m)
sjc001n.server-dns-us.com IN A 204.176.184.35 1800s (30m)
wic001n.server-dns.com.au IN A 203.147.142.1 1800s (30m)
mail.eaglehn.com IN A 202.139.235.79 1800s (30m)
smtp.bne.server-mail.com IN A 203.147.151.186 60s (1m)
smtp3.bne.server-mail.com IN A 203.147.151.183 60s (1m)
-- end --
+ Với máy chủ WIC001N.SERVER-DNS.COM.AU
CODE
WIC001N.SERVER-DNS.COM.AU [203.147.142.1] returned an authoritative response in 211 ms: Answer records
name class type data time to live
eaglehn.com IN SOA server: localhost.server-dns.com
email: domainadmin@server-dns.com
serial: 2004032202
refresh: 900
retry: 300
expire: 604800
minimum ttl: 1800
1800s (30m)
eaglehn.com IN NS sjc001n.server-dns-us.com 1800s (30m)
eaglehn.com IN NS wic001n.server-dns.com.au 1800s (30m)
eaglehn.com IN NS bne001n.server-dns.com 1800s (30m)
eaglehn.com IN MX preference: 10
exchange: mail.eaglehn.com
1800s (30m)
eaglehn.com IN MX preference: 50
exchange: smtp.bne.server-mail.com
1800s (30m)
eaglehn.com IN MX preference: 100
exchange: smtp3.bne.server-mail.com
1800s (30m)
eaglehn.com IN A 203.147.131.65 1800s (30m)
Authority records
[none]
Additional records
name class type data time to live
bne001n.server-dns.com IN A 203.147.241.3 1800s (30m)
sjc001n.server-dns-us.com IN A 204.176.184.35 1800s (30m)
wic001n.server-dns.com.au IN A 203.147.142.1 1800s (30m)
mail.eaglehn.com IN A 202.139.235.79 1800s (30m)
smtp.bne.server-mail.com IN A 203.147.151.186 60s (1m)
smtp3.bne.server-mail.com IN A 203.147.151.183 60s (1m)
-- end --
9. Do tham thông tin về hòm thư của thằng Admin
URL: http://centralops.net/co/EmailDossier.vbs.asp
CL: khongminhtaithe@yahoo.com
TD: Kiểm tra server phục vụ mail và xem xét hòm thư đó còn hoạt động hay không
KQ:
CODE
Validating khongminhtaithe@yahoo.com...
Validation results
confidence rating: 3 - SMTP
The email address passed this level of validation
without an error. However, it is not guaranteed to be
a good address. more info
canonical address: <khongminhtaithe@yahoo.com>
MX records
preference exchange IP address (if included)
1 mx1.mail.yahoo.com [64.157.4.78]
1 mx2.mail.yahoo.com [67.28.114.32]
5 mx4.mail.yahoo.com [66.218.86.198]
SMTP session
[Contacting mx1.mail.yahoo.com [64.157.4.78]...]
[Connected]
220 YSmtp mta138.mail.sc5.yahoo.com ESMTP service ready
HELO hexillion.com
250 mta138.mail.sc5.yahoo.com
MAIL FROM:<HexValidEmail@hexillion.com>
250 sender <hexvalidemail@hexillion.com> ok
RCPT TO:<khongminhtaithe@yahoo.com>
250 recipient <khongminhtaithe@yahoo.com> ok
QUIT
221 mta138.mail.sc5.yahoo.com
[Connection closed]
-- end --
URL: http://www.hexillion.com/samples/ValidateEmail.asp
CL: khongminhtaithe@yahoo.com
TD: Kiểm tra server phục vụ mail và xem xét hòm thư đó còn hoạt động hay không
KQ:
CODE
Results
confidence rating: 3 - SMTP what this means
error: None
Address parts
local part: khongminhtaithe
domain: yahoo.com
extra text:
MX records
preference exchange IP address (if included)
1 mx1.mail.yahoo.com [64.156.215.8]
1 mx2.mail.yahoo.com [64.156.215.5]
5 mx4.mail.yahoo.com [66.218.86.197]
SMTP session
[Contacting mx1.mail.yahoo.com [64.156.215.8]...]
[Connected]
220 YSmtp mta298.mail.scd.yahoo.com ESMTP service ready
HELO hexillion.com
250 mta298.mail.scd.yahoo.com
MAIL FROM:<HexValidEmail@hexillion.com>
250 sender <hexvalidemail@hexillion.com> ok
RCPT TO:<khongminhtaithe@yahoo.com>
250 recipient <khongminhtaithe@yahoo.com> ok
QUIT
221 mta298.mail.scd.yahoo.com
[Connection closed]
10. Lây username và password của Domain
việc còn lại là tư duy của mỗi người nhận ra trong 9 bước trên để trafix domain lấy user và passworld qua box mail
chúc các bạn thành công
User: xxxxxxxx
Pass: xxxxxxxx
Không có nhận xét nào:
Đăng nhận xét