Regional : Asia Pacific : Finally! Free and Fullfledged gprs using Airtel Prepaid(India)
day 1 with bsnl and i hacked bsnl
http://thakur.dheeraj.googlepages.com/hackpart2.JPG
http://thakur.dheeraj.googlepages.com/hack.JPG
i took 3 print outs
data one portal server
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
Can pass hostnames, IP addresses, networks, etc.
Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
-iL : Input from list of hosts/networks
-iR : Choose random targets
--exclude : Exclude hosts/networks
--excludefile : Exclude list from file
HOST DISCOVERY:
-sL: List Scan - simply list targets to scan
-sP: Ping Scan - go no further than determining if host is online
-P0: Treat all hosts as online -- skip host discovery
-PS/PA/PU [portlist]: TCP SYN/ACK or UDP discovery to given ports
-PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
-n/-R: Never do DNS resolution/Always resolve [default: sometimes]
--dns-servers : Specify custom DNS servers
--system-dns: Use OS's DNS resolver
SCAN TECHNIQUES:
-sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
-sU: UDP Scan
-sN/sF/sX: TCP Null, FIN, and Xmas scans
--scanflags : Customize TCP scan flags
-sI : Idlescan
-sO: IP protocol scan
-b : FTP bounce scan
PORT SPECIFICATION AND SCAN ORDER:
-p : Only scan specified ports
Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080
-F: Fast - Scan only the ports listed in the nmap-services file)
-r: Scan ports consecutively - don't randomize
SERVICE/VERSION DETECTION:
-sV: Probe open ports to determine service/version info
--version-intensity : Set from 0 (light) to 9 (try all probes)
--version-light: Limit to most likely probes (intensity 2)
--version-all: Try every single probe (intensity 9)
--version-trace: Show detailed version scan activity (for debugging)
OS DETECTION:
-O: Enable OS detection (try 2nd generation w/fallback to 1st)
-O2: Only use the new OS detection system (no fallback)
-O1: Only use the old (1st generation) OS detection system
--osscan-limit: Limit OS detection to promising targets
--osscan-guess: Guess OS more aggressively
TIMING AND PERFORMANCE:
Options which take are in milliseconds, unless you append 's'
(seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).
-T[0-5]: Set timing template (higher is faster)
--min-hostgroup/max-hostgroup : Parallel host scan group sizes
--min-parallelism/max-parallelism : Probe parallelization
--min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout : Specifies
probe round trip time.
--max-retries : Caps number of port scan probe retransmissions.
--host-timeout : Give up on target after this long
--scan-delay/--max-scan-delay : Adjust delay between probes
FIREWALL/IDS EVASION AND SPOOFING:
-f; --mtu : fragment packets (optionally w/given MTU)
-D : Cloak a scan with decoys
-S : Spoof source address
-e : Use specified interface
-g/--source-port : Use given port number
--data-length : Append random data to sent packets
--ip-options : Send packets with specified ip options
--ttl : Set IP time-to-live field
--spoof-mac : Spoof your MAC address
--badsum: Send packets with a bogus TCP/UDP checksum
OUTPUT:
-oN/-oX/-oS/-oG : Output scan in normal, XML, s| and Grepable format, respectively, to the given filename.
-oA : Output in the three major formats at once
-v: Increase verbosity level (use twice for more effect)
-d[level]: Set or increase debugging level (Up to 9 is meaningful)
--open: Only show open (or possibly open) ports
--packet-trace: Show all packets sent and received
--iflist: Print host interfaces and routes (for debugging)
--log-errors: Log errors/warnings to the normal-format output file
--append-output: Append to rather than clobber specified output files
--resume : Resume an aborted scan
--stylesheet : XSL stylesheet to transform XML output to HTML
--webxml: Reference stylesheet from Insecure.Org for more portable XML
--no-stylesheet: Prevent associating of XSL stylesheet w/XML output
MISC:
-6: Enable IPv6 scanning
-A: Enables OS detection and Version detection
--datadir : Specify custom Nmap data file location
--send-eth/--send-ip: Send using raw ethernet frames or IP packets
--privileged: Assume that the user is fully privileged
--unprivileged: Assume the user lacks raw socket privileges
-V: Print version number
-h: Print this help summary page.
EXAMPLES:
nmap -v -A scanme.nmap.org
nmap -v -sP 192.168.0.0/16 10.0.0.0/8
nmap -v -iR 10000 -P0 -p 80
SEE THE MAN PAGE FOR MANY MORE OPTIONS, DESCRIPTIONS, AND EXAMPLES
C:\Program Files\Nmap>nmap -sL
Starting Nmap 4.20ALPHA9 ( http://insecure.org ) at 2007-01-03 20:04 India Standard Time
No target machines/networks specified!
QUITTING!
C:\Program Files\Nmap>nmap -sL 10.240.240.195
Starting Nmap 4.20ALPHA9 ( http://insecure.org ) at 2007-01-03 20:05 India Standard Time
Host 10.240.240.195 not scanned
Nmap finished: 1 IP address (0 hosts up) scanned in 1.188 seconds
C:\Program Files\Nmap>nmap -sL 59.95.18.238
Starting Nmap 4.20ALPHA9 ( http://insecure.org ) at 2007-01-03 20:06 India Standard Time
Host 59.95.18.238 not scanned
Nmap finished: 1 IP address (0 hosts up) scanned in 1.266 seconds
C:\Program Files\Nmap>nmap -A -T4 59.95.18.238
Starting Nmap 4.20ALPHA9 ( http://insecure.org ) at 2007-01-03 20:07 India Standard Time
^C
C:\Program Files\Nmap>nmap -A -T4 10.240.240.195
Starting Nmap 4.20ALPHA9 ( http://insecure.org ) at 2007-01-03 20:10 India Standard Time
Warning: Giving up on port early because retransmission cap hit.
Insufficient responses for TCP sequencing (1), OS detection may be less accurate
Insufficient responses for TCP sequencing (3), OS detection may be less accurate
Insufficient responses for TCP sequencing (3), OS detection may be less accurate
Interesting ports on 10.240.240.195:
Not shown: 1638 closed ports
PORT STATE SERVICE VERSION
7/tcp open echo
9/tcp open discard?
13/tcp open daytime Sun Solaris daytime
19/tcp open chargen
21/tcp filtered ftp
23/tcp filtered telnet
25/tcp open smtp Sendmail 8.11.7p1+Sun/8.11.7
37/tcp open time (32 bits)
79/tcp open finger Sun Solaris fingerd
80/tcp open http Apache httpd 1.3.27 ((Unix) Resin/2.1.9 mod_ssl/2.8.12 OpenSSL/0.9.7)
111/tcp open rpcbind 2-4 (rpc #100000)
121/tcp filtered erpc
179/tcp filtered bgp
248/tcp filtered bhfhs
287/tcp filtered unknown
323/tcp filtered unknown
365/tcp filtered dtk
385/tcp filtered ibm-app
443/tcp open ssl OpenSSL
500/tcp filtered isakmp
512/tcp open exec
513/tcp open rlogin
514/tcp open tcpwrapped
515/tcp open printer Solaris lpd
540/tcp open uucp Solaris uucpd
587/tcp open smtp Sendmail 8.11.7p1+Sun/8.11.7
665/tcp open unknown
805/tcp filtered unknown
850/tcp filtered unknown
898/tcp open http Solaris management console server (Java 1.2.2; Tomcat 2.1; SunOS 5.8 sparc)
963/tcp filtered unknown
1017/tcp filtered unknown
1020/tcp filtered unknown
1350/tcp filtered editbench
2564/tcp filtered hp-3000-telnet
4045/tcp open nlockmgr 1-4 (rpc #100021)
4987/tcp filtered maybeveritas
5001/tcp open apc-agent APC PowerChute agent
5101/tcp filtered admdog
6112/tcp open dtspc?
7100/tcp open font-service Sun Solaris fs.auto
8888/tcp filtered sun-answerbook
27005/tcp filtered flexlm5
32771/tcp open rusersd 2-3 (rpc #100002)
32772/tcp open ttdbserverd 1 (rpc #100083)
32773/tcp open rpc
32774/tcp open dr_daemon 4 (rpc #300326)
32775/tcp open rpc.unknown
32776/tcp open rpc.unknown
32777/tcp open rpc.metamedd 1 (rpc #100242)
32778/tcp open rpc.metacld 1 (rpc #100281)
32779/tcp open status 1 (rpc #100024)
No OS matches for host (If you know what OS is running on it, see http://insecure.org/nmap/submit/ ).
TCP/IP fingerprint:
Uptime: 97.190 days (since Thu Sep 28 15:40:33 2006)
Network Distance: 6 hops
Service Info: Host: portal2.net; OSs: Solaris, Unix, SunOS; Device: power-device
OS and Service detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .
finished: 1 IP address (1 host up) scanned in 217.750 seconds
--
Posted: 2007-01-03 17:53:58
Quote:
On 2007-01-03 17:32:42, pradeep5556 wrote:
Quote:
On 2007-01-01 14:00:47, freworld4u wrote:
what happened to desi-tek????
its saying will be back on 10 jan!! thats too long man!!
abt 20 days r much!!!
But desi-tek will be back on 10 jan 2006. Since 2006 will never come back, so i think the same about the desi-tek.
hi pradeep5556 thanks for informing i just edited the page:)
desi-tek forum will be back in 3 days
i just started coding portal with ajax function
[ This Message was edited by: dheeraj1 on 2007-01-03 17:04 ]
latest update i got the working data 1 id and password (unlimited plan)
[ This Message was edited by: dheeraj1 on 2007-01-03 19:39 ]
--
Posted: 2007-01-03 17:57:41
@dheeraj1
Plz tell me abt the DATA ONE plan in detail. i m thinkin to get one. and wat r u hackin. is it possible to get unlimited plan from the limited 250 plan.
Plz tell me every thing in detail
--
Posted: 2007-01-04 06:57:15
He Is Doing Nothing Just Showing Nmap Output to U ppl. Plus In the Images He didn't really hack into dataone Portal Server But Some Computer on Dataone Network.
As far As ur question U can get unlimited plan but for that U don't really have to mess with bsnl servers. Let me tell U Their portal servers and billing servers are in Pune Plus I don't think U will like to get ur Ip logged in there.
Quote:
On 2007-01-04 06:57:15, fun2sh wrote:
@dheeraj1
Plz tell me abt the DATA ONE plan in detail. i m thinkin to get one. and wat r u hackin. is it possible to get unlimited plan from the limited 250 plan.
Plz tell me every thing in detail
--
Posted: 2007-01-04 07:11:51
Buddy I will suggest please don't mess with bsnl portal and billing servers. U can get Unlimited plans passwords by other means, I have 140 of them I don't Use them. PLus Any complaint can get u in Jail. Because At time of logging Ur Phone number gets port binded temporarily. A BSNL Official told me and Every BSNL Operator can get all the details for any account any time from their operator Portal. U can See the Telephone Number there too.
I was In the exchange once and saw one official doing it and there I was able to see every information in the log including Phone numbers with Area Codes . The only thing they cannot see is Ur password but they have the option to change it when they get a complaint.
Quote:
On 2007-01-03 17:57:41, dheeraj1 wrote:
Quote:
On 2007-01-03 17:32:42, pradeep5556 wrote:
Quote:
On 2007-01-01 14:00:47, freworld4u wrote:
what happened to desi-tek????
its saying will be back on 10 jan!! thats too long man!!
abt 20 days r much!!!
But desi-tek will be back on 10 jan 2006. Since 2006 will never come back, so i think the same about the desi-tek.
hi pradeep5556 thanks for informing i just edited the page:)
desi-tek forum will be back in 3 days
i just started coding portal with ajax function
[ This Message was edited by: dheeraj1 on 2007-01-03 17:04 ]
latest update i got the working data 1 id and password (unlimited plan)
[ This Message was edited by: dheeraj1 on 2007-01-03 19:39 ]
--
Posted: 2007-01-04 07:20:24
i used the exploit available in
http://www.milw0rm.com/
to crack the password of those users from dos go through that site u will get lots of exploit
--
Posted: 2007-01-04 10:56:17
id zigopi
password zigopi
do not change the password or bsnl ppl may change it from backend
plan 900 unlimited
--
Posted: 2007-01-04 11:00:04
Desi-Tek forum is back
http://www.desi-tek.com/forum/
portal will be available soon
--
Posted: 2007-01-04 13:02:58
and also since ur phone no is logged(i m sure for that),,,
u will be in trouble!!!
and another thing is dont try to do this from ur relatives phone no bcoz they will get u thru them too if they get complaints of excessive downloadin !!!
and another thing is if that person log at same time ,,
he will see double logging in his service records!!!!
--
Posted: 2007-01-04 15:18:36
guys, please make some solutions to Live gprs. its not working good now!.
--
Posted: 2007-01-04 15:42:15