How To Connect To Open Ports


A computer has more than 65,000 ports, each of which can be used to communicate over the network. If some ports on the computer are open - that is, a program is listening on them - you can try to connect to them from a remote computer.


Instructions

Step 1

You must know the IP address of the computer you want to connect to. If you know the domain name, you can look up the IP address with one of the lookup services available on the Internet. For example, here:

Enter the domain name in the format www.name.ru - that is, the name of the site without "https://" - and click the "Submit" button. You will receive the IP address and additional information about the site.

Step 2

Now you need to determine which ports are open on the computer you are interested in. This is done by scanning with special programs called scanners. The most famous scanners are Nmap and XSpider. It is better for a beginner to choose the second one; both a demo version and a full version of the program can be found online.

Step 3

Open XSpider, enter the IP address, and start scanning. When the scan completes, you will receive a list of open ports on the scanned machine. The presence of an open port does not mean that you have gained access to the remote computer; it only says that the port is being used by some program. For example, port 21 - ftp, 23 - telnet, 4899 - Radmin, 3389 - Remote Desktop, etc. Type "List of ports and their services" into a search engine, and you will receive detailed information.

Step 4

You have received a list of open ports. The next step is to look for an opportunity to penetrate through these ports to the remote machine. There are many options here; the main ones are guessing a password or finding and using a suitable exploit. An exploit is program code written for a specific vulnerability.

Step 5

If you want to learn how to use exploits, download the Metasploit program. It includes several hundred exploits and is constantly updated. Metasploit also includes an Nmap scanner. Learning the program takes time and patience, but the results are worth it.

Step 6

If you want fast results, download two programs: VNC scanner with a GUI (vnc_scanner_gui) and Lamescan. The first is a very good and fast scanner, handy for scanning a specific port, for example port 4899, which is used by the Radmin remote control program.

Step 7

Launch VNC scanner, specify port 4899, select the required country from the list and click the "Get diap list" button. A list of IP address ranges will appear in the window on the left. Select several ranges (preferably 2-3) and delete the rest. Click the "Start scan" button. After the scanning process is over, you will receive a text file, IPs.txt, with a list of IP addresses of computers that have port 4899 open. Press the "Start parser" button - the list will be cleared of all unnecessary information, and only the IP addresses will remain.

Step 8

Start the Lamescan program. Click on the "Settings - General" menu. Set the port number to 4899. Enter the paths to the dictionaries of passwords and logins (find them on the net). Click Finish. Now click the green plus sign, enter your scanned IP addresses in the window that appears, and click the green arrow. The process of guessing the password for the specified addresses will begin. In most cases the guessing is unsuccessful, but out of hundreds of addresses, several will turn out to have simple passwords.

Step 9

Download and install Radmin. Run it and enter the address of the computer whose password was guessed. In the window that appears, enter the password (and the login, if the guessed data includes both a login and a password). A blue connection icon will appear, and a few seconds later you will see the desktop of the remote computer on your screen.
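
Step 3 notes that an open port only means a program is listening, and Steps 7-8 show that a Radmin listener reachable from outside with a simple password is exactly what such a scan finds. The following added example (not part of the original page) checks a host's own Windows `netstat -ano` output for the ports named above that are bound to non-loopback addresses; the sample output, PIDs and the function name `exposed_listeners` are constructed for illustration.

```python
import ipaddress
import re

# Ports named in the steps above, with the services the page maps them to.
REMOTE_ADMIN_PORTS = {21: "ftp", 23: "telnet", 3389: "Remote Desktop", 4899: "Radmin"}

# Constructed sample of Windows `netstat -ano` output (not from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1104
  TCP    0.0.0.0:4899           0.0.0.0:0              LISTENING       2216
  TCP    127.0.0.1:21           0.0.0.0:0              LISTENING       3380
  TCP    192.168.1.20:49712     203.0.113.7:443        ESTABLISHED     4512
  TCP    [::]:3389              [::]:0                 LISTENING       1104
  TCP    [::1]:23               [::]:0                 LISTENING       3391
"""

# Local address, local port and PID of a listening TCP socket.
LINE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$")


def exposed_listeners(netstat_text, watched=REMOTE_ADMIN_PORTS):
    """Return sorted (port, service, bind_address, pid) tuples for watched
    ports listening on a non-loopback address, i.e. reachable by a scanner."""
    findings = set()
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # header, UDP, or a socket that is not listening
        host, port, pid = m.group(1).strip("[]"), int(m.group(2)), int(m.group(3))
        if port not in watched:
            continue
        host = host.split("%")[0]  # drop an IPv6 zone id such as fe80::1%12
        if ipaddress.ip_address(host).is_loopback:
            continue  # reachable only from the machine itself
        findings.add((port, watched[port], host, pid))
    return sorted(findings)


if __name__ == "__main__":
    for port, service, host, pid in exposed_listeners(SAMPLE_NETSTAT):
        print(f"port {port} ({service}) listening on {host}, PID {pid}")
```

Each listener it reports is one a remote scan would see; restricting it with a firewall rule or binding it to a management-only address removes it from results like the IPs.txt list in Step 7.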
