GUIDE TO (MOSTLY) HARMLESS HACKING
____________________________________________________________
Microsoft-only version Number 5
How to Break into Windows 95 from the Internet, continued.
____________________________________________________________
by keydet89@yahoo.com
Hacking from Win95
Accessing shares via the Internet
Alpha Edition: Oct, 1998
[Protecting Yourself]
[What can they do]
[Getting set up]
[Connecting to shares]
[Final Words]
The purpose of this Guide is to show the reader how to set up their Win95 computer to use sharing via the Internet.

Readers are encouraged to explore the information provided here, but only after obtaining permission to do so on the remote computer. Get with your friends and try these techniques!

The information in this Guide is meant for use by Win95 users, as the steps that are outlined are specifically for Win95. This same subject for NT has been dealt with in a previous Guide.

Before we start, I should point out that I made extensive use of a free source of information...the Microsoft KnowledgeBase. I searched for a lot of information, and found a lot of good references, by going to http://support.microsoft.com and registering my email address. I will be referencing several KnowledgeBase articles throughout this Guide, and you can easily go to the Support site and print out copies of the articles...just choose to search for a particular article, rather than by keyword.
[Protecting yourself]
First, the method of protecting yourself needs to be made perfectly clear. DON'T SHARE!! I can't stress that enough. If you are a home user, and you are connecting a Win95 computer to the Internet via some dial-up method, DISABLE SHARING!

If you must share, use a strong password...8 characters minimum, a mix of upper and lower case letters and numbers, change the password every now and again. If you need to transmit the password to someone, do so over the phone or by written letter.

Another method for exchanging the information is to use PGP, or 'Pretty Good Privacy' (obtaining and installing PGP was covered in a previous Guide). Using PGP will not only allow you to encrypt the information so that only your friend(s) can decrypt it, but you can also digitally sign the file so that your friends know that only you could have sent it.

To disable sharing, click on My Computer -> Control Panel -> Network -> File and Print Sharing. In the dialogue box that appears, uncheck both boxes. It's that easy. If you are using NT, disable the Server service to disable sharing...click on My Computer -> Control Panel -> Services, and disable the Server service.
[What can they do]
If someone can access your hard drive via the Internet, there are many things they can do...it all depends upon their knowledge and their intent. Given correct access permissions, they could erase your hard drive...or leave a 'hidden bomb' behind so that your hard drive is erased the next time you boot up. Or they could simply modify your system.ini file so that the next time your computer boots up, it opens into the old Program Manager shell from Windows 3.1, instead of the nice friendly Explorer shell that you are used to. Or they could just copy your email mailboxes, some data, and be merrily on their way.

Of course, there are all sorts of pathological uses for DOS commands like deltree and ctty, and toys like BO...
[Getting set up]
First of all, you need to make sure that your system is set up correctly to access another Win95 machine via the Internet. The assumptions made in the following steps are that:

(a) you have your Win95 disks or CD, and
(b) you have a modem in your computer.

By assuming that the reader has a modem, we can keep the Guide simple, but users who are on a LAN should have no trouble following the Guide.

1. The first thing you need to do is make sure that you have the latest version of DUN (Dial-Up Networking) for Win95. The current version is DUN v1.3, and can be obtained by going to:

    http://www.microsoft.com/msdownload

Choose "Windows95 Shareware and Utilities" from the "Support Drivers, Patches and Service Packs" section, and then choose the update from the "Networking & Communications" section.

NOTE: Feel free to gather any other updates that you may be interested in, such as TweakUI. Another useful tool that you will find here under "Resource Kits" is the Windows95 Resource Kit Help File and Utilities.

Once you have obtained and installed the DUN update, you should be ready to begin.
************************************************************
NEWBIE NOTE: Before you go on, you might want to look at or print out the following Microsoft KnowledgeBase articles:

Q178729: How to configure Win95 to dial into a RAS/RRAS server
    http://support.microsoft.com/support/kb/articles/q178/7/29.asp
Q145843: How to connect to a remote server
    http://support.microsoft.com/support/kb/articles/q145/8/43.asp
Q183368: Requirements to browse network with dial-up networking
    http://support.microsoft.com/support/kb/articles/q183/3/68.asp
************************************************************
Let's get started...
2. Click on Control Panel -> Network, and open the applet to the Configuration tab. You should see the following entries at a minimum: Client for Microsoft Networks, DialUp Adapter, and TCP/IP. If one or more of these entries aren't there, choose Add, and select the appropriate choice. Make sure that you have your disks or CD-ROM available...just in case.

**If you don't already have it, add NetBEUI to your system by choosing Control Panel -> Network -> Add, and choose Protocol. Select the NetBEUI protocol and install it.

3. Select TCP/IP, and open the Properties for it. In the IP Address tab, you will most likely have the 'Obtain an IP address automatically' choice selected.

4. Now double click on My Computer, choose DialUp Networking, and double click on the icon for the connection to your ISP. Under the Server Type tab, you should have the following selections:

    Type of Dial-Up Server: PPP: Windows 95, Windows NT 3.5, Internet
    Advanced Options: 'Log on to network' and 'Enable software compression'
    Allowed network protocols: TCP/IP

5. Now, click the 'TCP/IP Settings...' button, and you should see the 'Server assigned IP address' and 'Server assigned name server addresses' radio buttons selected. Both 'Use IP header compression' and 'Use default gateway on remote network' should be checked.
[Connecting to shares]
6. Before connecting to shares via the Internet, you need to make sure that your machine is configured to use the 'lmhosts' file on your computer to resolve NetBIOS names to IP addresses. To do this, click Start -> Settings -> Control Panel -> Network.

On the Configuration tab, click 'TCP/IP', and click 'Properties'.
On the WINS Configuration tab, click 'Disable WINS Resolution'.
Click Ok, then Ok, again.
Reboot your machine.
7. Now we need to configure lmhosts file entries.

************************************************************
NEWBIE NOTE: The lmhosts file is similar to the hosts file in that it is used to resolve names to IP addresses. WINS and lmhosts files are the Microsoft versions of the DNS and hosts file systems. DNS/hosts files are used to resolve Internet names like "www.example.com" to IP addresses. WINS/lmhosts files are used to resolve NetBIOS names of machines to their IP addresses.
************************************************************

You might want to start by opening the lmhosts.sam file:

    c:\windows\lmhosts.sam

...in Notepad and reading through it. Then from the command prompt, type:

    c:\windows>edit lmhosts

or

    c:\windows>notepad lmhosts

The entries in the file should look like:

    [IP address] [NetBIOS name] #PRE

Each entry in the lmhosts file needs to look like this if you are going to access shares on the machines.
************************************************************
NEWBIE NOTE: If you don't have the NetBIOS name of your friend's computer, you can get it using the nbtstat command. You have to have the IP address...type:

    c:\>nbtstat -A [ip_addr]

**NOTE: The letter "A" MUST be capitalized!

You should see something similar to:

       NetBIOS Remote Machine Name Table

    Name              Type       Status
    ---------------------------------------------
    95_Box    <00>    UNIQUE     Registered
    95_Box    <20>    UNIQUE     Registered
    domain    <00>    GROUP      Registered
    domain    <1C>    GROUP      Registered
    domain    <1E>    GROUP      Registered
    95_Box    <03>    UNIQUE     Registered

    MAC Address = 00-00-00-00-00-00

What you are looking for is the line with "<00> UNIQUE"...the name at the beginning of the line is the NetBIOS name of the computer. This is what gets entered in the lmhosts file.

If you get the error message "Host not found", it may mean one of several things...your friend is not logged on, there is a firewall between the two of you, etc.
************************************************************
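Added example (not part of the original Guide): a short Python parser for the nbtstat name table above, meant to be run against your own machine to confirm that disabling File and Print Sharing took effect. The sample table is constructed from the one in this note, and the meaning of the <20> suffix (file server service) is general NetBIOS knowledge that the Guide itself does not state.

```python
import re

# Constructed sample modelled on the name table in this Guide (not a live capture).
SAMPLE = """\
       NetBIOS Remote Machine Name Table

   Name               Type         Status
---------------------------------------------
95_Box         <00>  UNIQUE      Registered
95_Box         <20>  UNIQUE      Registered
domain         <00>  GROUP       Registered
domain         <1C>  GROUP       Registered
domain         <1E>  GROUP       Registered
95_Box         <03>  UNIQUE      Registered

MAC Address = 00-00-00-00-00-00
"""

# One table row: name, <hex suffix>, UNIQUE or GROUP, then the status word.
ROW = re.compile(r"^\s*(\S.*?)\s*<([0-9A-Fa-f]{2})>\s+(UNIQUE|GROUP)\b\s*(\S*)")

def parse_name_table(text):
    """Return (name, suffix, type, status) tuples for every row in the table."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            name, suffix, kind, status = m.groups()
            rows.append((name, suffix.upper(), kind, status))
    return rows

def audit(text):
    """Summarise what the machine advertises over NetBIOS."""
    rows = parse_name_table(text)
    # The Guide's rule: the "<00> UNIQUE" row carries the computer name.
    computer = next((n for n, s, k, _ in rows if (s, k) == ("00", "UNIQUE")), None)
    # Not stated in the Guide: suffix <20> is registered by the file server
    # service, i.e. when File and Print Sharing is switched on.
    sharing = any((s, k) == ("20", "UNIQUE") for _, s, k, _ in rows)
    return {"computer": computer, "sharing_advertised": sharing, "rows": len(rows)}

if __name__ == "__main__":
    print(audit(SAMPLE))
```

If sharing_advertised is still True after you have unchecked both boxes under File and Print Sharing and rebooted, the change did not take.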
8. Now we need to refresh the NetBIOS cache for your machine... In the DOS command window, type:

    c:\>nbtstat -R

This command reloads the cache from the lmhosts file you just created.

Now, click on Start -> Find -> Computer, and type in the NetBIOS name of the computer...the same one you added to the lmhosts file. If your attempt to connect to the machine is successful, you should be presented with a window containing an icon representing your friend's machine.

You may be presented with a password prompt window; your friend should have given you the password, but if he didn't, just try guessing it.
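Added example (not part of the original Guide): a Python check that every line of an lmhosts file matches the "[IP address] [NetBIOS name] #PRE" form from step 7 before you reload the cache with nbtstat -R. The function name and the sample entries are made up for illustration, the 15-character name limit is a NetBIOS rule the Guide does not mention, and only the Guide's exact entry form is accepted.

```python
import ipaddress

# Constructed sample; addresses come from the 192.0.2.0/24 documentation range.
SAMPLE = """\
# constructed lmhosts sample
192.0.2.10   95_Box                 #PRE
192.0.2.11   FRIENDSPC              # no preload tag
192.0.2.300  BADADDR                #PRE
192.0.2.12   AVERYLONGCOMPUTERNAME  #PRE
"""

MAX_NAME = 15  # a NetBIOS name holds 15 characters; the 16th byte is the <xx> suffix

def check_lmhosts(text):
    """Return (entries, problems) for lmhosts text.

    entries  -- (address, name) pairs matching "[IP address] [NetBIOS name] #PRE"
    problems -- (line number, message) pairs for every line that does not
    """
    entries, problems = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or full-line comment
        fields = line.split()
        if len(fields) < 2:
            problems.append((lineno, "expected: address, name, #PRE"))
            continue
        addr, name = fields[0], fields[1]
        # Only the token right after the name counts; anything later is comment.
        preload = len(fields) > 2 and fields[2] == "#PRE"
        try:
            ipaddress.IPv4Address(addr)
        except ValueError:
            problems.append((lineno, "bad IPv4 address: " + addr))
            continue
        if len(name) > MAX_NAME:
            problems.append((lineno, "name longer than 15 characters: " + name))
        elif not preload:
            problems.append((lineno, "missing #PRE: " + name))
        else:
            entries.append((addr, name))
    return entries, problems

if __name__ == "__main__":
    good, bad = check_lmhosts(SAMPLE)
    print(good, bad, sep="\n")
```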
[Final words]
Please remember that this file is for instructional purposes only and is meant to educate the sysadmin and user alike. Accessing computers via the Internet that you do not have permission to access is a violation of federal law in the US. It is best to use the information in this Guide and others to pursue the one and only guaranteed method of gaining root on a system...become the sysadmin!!
________________________________________________________
Where are those back issues of GTMHHs and Happy Hacker Digests? Check out the official Happy Hacker Web page at http://www.happyhacker.org.

We are against computer crime. We support good, old-fashioned hacking of the kind that led to the creation of the Internet and a new era of freedom of information. But we hate computer crime. So don't email us about any crimes you have committed!

To subscribe to Happy Hacker and receive the Guides to (mostly) Harmless Hacking, please email hacker@techbroker.com with message "subscribe happy-hacker" in the body of your message.

Copyright 1998 keydet89. You may forward, print out or post this GUIDE TO (mostly) HARMLESS HACKING on your Web site as long as you leave this notice at the end.
_________________________________________________________