Windows XP ToolBox

Keep on Guard!


This a very old article based on my tiny document “WinDOS tools” which was for a short while on Blackcode, before it was shutdown… It was an article to impres my friends, but found some usefull stuff two when writing it… so let’s take a look at some “hidden” Windows XP programs…

MAC Address (getmac)
It seems that Windows has a miny tool usefull in finding out our mac address… So type getmac and your MAC(‘s) address(es) will appear in the console.

Net BIOS Status (Nbtstat)
Another information tool, probably you have heard about it when reading some old documentation about Windows hacking… For it to work there should be installed the NetBeUI protocol, type nbtstat to get the full cmd line parameters.

CAB Packer (makecab, extrac32)
Theres a small packing tool available under Windows, by the help of which you can compress any files, giving more often a better compresion… here is an example how to use this functionality:

makecab file.exe
extrac32 file.ex_

Finger
Not much to say about this program, because many of you have heard about it, just type it in the console and get all available options.

FTP
Windows has a simple file transfer protocol client, for those of you who don’t have installed Windows Commander, or work remotely on a computer and can not use your browser to download the file on the specific host.

Message (msg)
It does what is supposed to do, it sends messages to the specific host on your network, but there could be some configurations on your network which wouldn’t allow you to do it… anyway here is an example of use:

msg username-of-targeted-host /SERVER:hostname and here your message

Shares
If you are in a local network on which you often copy files from other shared folders on your network, than this will prove for you to be a big relief, because this way you could shortcut all the shares for faster access…

C:\>net view \\hostname

Shared resources at \\hostname

Share name Type Used as Comment
--------------------------------------------------------
DOWNLOAD Disk

C:\>net use Z: \\hostname\DOWNLOAD

--if no error then from this point you can access the share the following way:

C:\>Z:
Z:\>

Network status (netstat)
If you don’t have a firewall, or you just want to see all your network connections currently in use of listening, then you the command netstat (-a) and will print you all the info mentioned above.

Path Ping (pathping)
This little program is a hybrid between traceroute and ping, so as you might have guessed it not only pings the specific host, but also shows the route the data packet uses to reach it’s destination.

Remote TaskKill (tskill)
Yes you can kill processes on your network, only if the network is not well configured (seen it a couple of times). By this you could shutdown an antivirus program, a firewall, the explorer process (this sometimes may crash Windows), or any other program run by the specific hostname. The command is tskill, for example you could do something like this (which would close Internet Explorer):

tskill iexplore /server:target-hostname /a /v

Telnet
I mention this one because you do not have always to download PuTTY, just for a telnet/irc/smtp/etc. connection, you could use the Windows incorpored telnet program; of course is not as good as PuTTY, but it will do…

Conclusion
There is no conclusion, this was a time passing article (I was bored at my Informatix class, so I wrote this one)… maybe some of you will apreciate it, while other will not…

Posted in: Hacking Tools, Networking Hacking, Windows Hacking

, ,


Latest Posts:


BootStomp - Find Bootloader Vulnerabilities BootStomp – Find Android Bootloader Vulnerabilities
BootStomp is a Python-based tool, with Docker support that helps you find two different classes of bootloader vulnerabilities and bugs.
Google Chrome Marking ALL Non-HTTPS Sites Insecure July 2018 Google Chrome Marking ALL Non-HTTPS Sites Insecure July 2018
Google is ramping up its campaign against HTTP only sites and is going to mark ALL Non-HTTPS sites insecure in July 2018 with the release of Chrome 68.
altdns - Subdomain Recon Tool With Permutation Generation altdns – Subdomain Recon Tool With Permutation Generation
Altdns is a subdomain recon tool in Python that allows for the discovery of subdomains that conform to patterns. The tool takes in words that could be present in subdomains under a domain (such as test, dev, staging) as well as takes in a list of subdomains that you know of.
0-Day Flash Vulnerability Exploited In The Wild 0-Day Flash Vulnerability Exploited In The Wild
So another 0-Day Flash Vulnerability is being exploited in the Wild, a previously unknown flaw which has been labelled CVE-2018-4878 and it affects 28.0.0.137 and earlier versions
dorkbot - Command-Line Tool For Google Dorking dorkbot – Command-Line Tool For Google Dorking
dorkbot is a modular command-line tool for Google dorking, which is performing vulnerability scans against a set of web pages returned by Google search queries in a given Google Custom Search Engine.
USBPcap - USB Packet Capture For Windows USBPcap – USB Packet Capture For Windows
USBPcap is an open-source USB Packet Capture tool for Windows that can be used together with Wireshark in order to analyse USB traffic without using a Virtual Machine.


3 Responses to Windows XP ToolBox

  1. Darknet November 15, 2006 at 11:22 am #

    I don’t believe getmac is standard part of windows friend, or maybe only for XP Pro.

    C:\WINDOWS\system32>getmac
    ‘getmac’ is not recognized as an internal or external command,
    operable program or batch file.

    Nice article tho.

  2. Luke November 15, 2006 at 4:18 pm #

    Getmac is avaliable only in XP Pro. In fact there are quite a few very useful command line utilities that were stripped out of XP Home such as tasklist, taskkill and etc…

  3. backbone November 16, 2006 at 12:21 pm #

    sorry for the mistake, that meaning that all windows XP’s I touched were Pro…