3 Simple Ways to
Share What You Make

With Instructables you can share what you make with the world — and tap into an ever-growing community of creative experts.

PhotosPhotos

Share one or more photos of a project, recipe, or whatever you've made, quickly and easily.

Get Started

Learn more & Get Tips

Step by StepStep-By-Step

Share your step-by-step photos with text instructions of what you made so others can do it too!

Get Started

Learn more & Get Tips

VideoVideo

Share your how-to video. You'll need your embed code from a video site such as YouTube.

Get Started

Learn more & Get Tips

Print PDF

Favorite

How to hack Telnet

Here is a guide to learn basic hacking techniques. Telnet is the base of most hacking.

This was titled like this to be entered into the Burning Questions Group. I understand it to mean, "How to hack via Telnet," so that's what this instructable is about.

Remove these ads by Signing Up

Step 1Download Stuff

The only thing you will need is a port scanner. nmap is a free and powerful port scanner. You can download it for Windows, Mac OSX, or Linux. If possible make sure you install the GUI with it. It comes with the Windows installer.

« Previous Step

Download PDFView All Steps

Next Step »

183 comments

1-40 of 183

May 19, 2012. 11:44 AMelectronicz says:

Does the nmap port scanner contain a virus??

Apr 23, 2012. 5:14 PMabran5 says:

too bad i can't use the ip address of the computer i'm using

Feb 5, 2012. 8:11 AMredrhinos7 says:

does polyscript work?

Feb 5, 2012. 7:02 AMredrhinos7 says:

where do you download telnet?

Jan 29, 2012. 10:25 AMhooohooo says:

What is port 23 isn't open but others are? How do you go about hacking something then?

Jan 6, 2012. 9:09 PMaccount3r2 says:

I think I purposely left an open, password protected port on my router...

Sep 6, 2011. 2:54 AMhm38 says:

This is a guide to finding a telnet server and connecting to it in the hope that it's not got a username or password set. This is not hacking but it does give people just enough information to get into trouble.

If you go around connecting to random unsecured telnet servers with no idea what you are doing you are not going to gain anything.

The best piece of advice you can give is find your System Admin and tell them they have an open telnet service.

Nov 28, 2011. 2:38 PMEverett_McKinley says:

true.

Jul 4, 2011. 8:31 AMdidgitalpunk says:

dude this is all great stuff but it left me with some questions.
1 can you hack your way into a server?
2 can you control a pc from another one with telnet?

Jun 13, 2011. 4:34 PMnpm says:

nvm i found out how

Jun 11, 2011. 11:01 AMnpm says:

my computer seems not to have a telnet program built in do you know where is can download a good one.

Jun 5, 2011. 5:12 AM8s.cschreur says:

You should try to download the software over again. Also, some Devices aren,t hackable via Telnet.

Jun 5, 2011. 4:50 AM8s.cschreur says:

Thanks! I got it to work fine!

Jun 5, 2011. 4:15 AM8s.cschreur says:

Cool! Thanks for the info.!

Apr 28, 2009. 3:16 PMdan-ball says:

When I try to do the scan, it says "dnet: Failed to open device eth5 QUITTING!" What's going on?

Mar 3, 2011. 1:49 PMdunderwood says:

you have to do "Intense scan, all TCP Ports" for it to work properly.

Aug 30, 2009. 7:20 PMnitendo9 says:

me too

Jan 17, 2010. 8:42 AMDexHunx says:

me too,
has anyone found the reason of this?

Feb 10, 2009. 11:38 AMhq says:

If you remember what the massage said tell me please.

Jun 18, 2009. 7:13 PMMr.Ownage says:

I got it from my school a few weeks ago, that's some serious bullsh*t They said if I dont stop, they'd put me on a list (some sort of black list) and I wouldn't be able to get the programming class next year and I would be banned from any computer lab Frankly, I dont care to be banned, but I gotta take that freaking class if I wanna live later...

Nov 7, 2010. 7:26 AMwirah says:

Oddly enough, my early days of hacking my school's computer network is the exact reason I own a computer consultancy company today.

Problem with schools are they don't encourage the sort of activity which allows you to think for yourself, and would rather you follow a set and closed path which in most cases, leads nowhere.

I'd get some old computers, build yourself a network, and learn about networking that way. Oh, and use Linux, Windows is not build for this sort of work, and will serve only to get in your way.

Jul 13, 2009. 10:55 PMthepaul1993 says:

thats why you go in the libary with a laptop, crack their internet, then do it

Jun 19, 2009. 12:50 PMhq says:

So what did the message say?

May 26, 2010. 6:52 PMMicrosoftEmployee says:

hey man great tutorial, just what ive been looking for. i was just wondering how exactly do i get into the nethack.alt.org? ive gotten to the point where it asks for a login and all that stuff, but how do i get into the actuaall server?

Oct 23, 2010. 2:06 PMSaturn V says:

It won't let me enter a password.

Sep 11, 2010. 1:00 AMaryankhurana says:

if you want to create a batch virus goto aryankhurana.t35.com to take a demo of ultimate virus creator. its a very powerfull tool to create virus.

Feb 10, 2010. 5:09 AMGZNG says:

when you say mess around with a router... you have to know the language of the encoding the router was framed around right? you gave the example of a cisco router... what about other routers like linksys, 2wire, and so on.... do they follow the same 'language'?

Jan 30, 2010. 11:19 AMnicker says:

what if they have port other ports open but not port 23!! (hacking through telnet)

Jan 30, 2010. 8:21 AMbadad says:

If you want to learn more about telnet hacking visit my blog www.shiftwithme.tumblr.com

Jan 19, 2010. 9:39 PMsarge1211 says:

how come when i try to connect it gives my "could not open connection to host" why?

Apr 26, 2008. 1:19 AMPrometheus says:

PS. The WRT54G is the easily hackable Linksys router. Not true for outsiders, if you are smart enough to change permissions and WEP keys. Probably one of the more secure routers you can have unless you have the proper permissions. Hackable internally? yes. Hackable externally? not very easily. An example of my password is "_34Ã�Ã±TkG_mXÂº93_". No matter if you saw it, you'd never be able to enter it properly without months of constant attempts, which I'd eventually be made aware of, but I don't even share it with anyone unless I want them to have it. I'll give you a hint: Those are not underscores in the password, even though they show as such. This instructable is as good for hacking your own equipment as it is for keeping others from doing so. Nice work on the project! A + rating for you.

Feb 19, 2009. 5:49 PMKush_Slayer says:

lol wep keys, you can crack them with programs on the internet and i made a program a little while back that can tell you the alt codes for whatever you put into it :;♦♣�

Feb 21, 2009. 1:12 AMPrometheus says:

You sure? Because I use 8 AND 16-bits to make such passwords, making most any such application worthless. You cannot distinguish just what byte level I have used for sure, even if you got past the internal firewalls, and assuming you could find my router with DHT turned off. Besides, if I see activity that I didn't authorize and is not doubly-confirmed by my firewall or modem in tandem, I can just pull the plug and change the password again later. Even a "brute force" attack with mine would take you weeks to find with DHT enabled. Without DHT, you are completely out of luck. I'm protected simply because I'm not worth all the trouble. BTW, a program that will tell you the "alt-codes" as you call them, is called XVI32, as any common hex-editor. No sense writing one if so many are available for free. Nonetheless, post me a link for it on a file-hosting site, I'd love to have a look at it. I might add it as part of my toolbox if it's functionally-literate with what I want to do with it, and can do so in under 1 Mb total size... �VY

Nov 26, 2009. 10:06 PMmacle says:

Um.. Wep was broken the moment it was lauched..

Nov 25, 2009. 12:03 AMbriscuits says:

"We have a "be nice" comment policy. Please be positive and constructive with your comments or risk being banned from our site." Wow, that was a good reminder. Just a FYI, firewalls have absolutely nothing to do with WEP security. Breaking WEP is all about the encryption. I send you a few weak packets, bam. Done. Oh, and if I were to crack your network(which I wouldn't as it is a crime) I would change my MAC to yours, in which case you would never see the difference between my packets and yours. Finding a hotspot with no SSID is incredibly simple with the help of programs like kismet, and it would likely take less than 30 seconds to crack your AP, special characters or not. Check the aircrack-ng main page. Lets all try an upgrade to WPA2 if we want to feel safe, shall we? Just to inform the uninformed world.

Nov 26, 2009. 1:40 PMPrometheus says:

Briscuits, I think you have been watching the movie "Hackers" too long. If you'll take another look, I didn't say anything about firewalls having to do with WEP keys at all. And you could crack it in 30 seconds? Not even Angelina Jolie is that good...

You have 30 seconds to crack my network....GO!

Feb 21, 2009. 1:26 PMKush_Slayer says:

nice security then and i made the program that tells you the alt codes one day when i had nothing else to do, also its somewhere in the 50 GBs of stuff on my harddrive so i probably wont be able to find it any time soon

Feb 22, 2009. 12:36 AMPrometheus says:

No worries...The best security is the kind you yourself can't figure out if you forget your own password. "�VY" is Unicode, and I mix in ascii as well as the typical caps/numbers/punctuation. That's why I try to teach people how to use at least ascii and suggest Firefox add-ons such as "Leet Key" to make tough passwords from easier words and phrases.

"Antidisestablishmentarianism" can be a good password, but if you convert it to ROT-13, then to 1337, then to Dvorak, then to binary, it makes one mean password. The overall length alone increases security by 128-fold every time the password doubles in length over 20 characters. Example that I like to show the progression:

Normal: antidisestablishmentarianism
ROT-13: nagvqvfrfgnoyvfuzragnevnavfz
Binary encoded: 01101110 01100001 01100111 01110110 01110001 01110110 01100110 01110010 01100110 01100111 01101110 01101111 01111001 01110110 01100110 01110101 01111010 01110010 01100001 01100111 01101110 01100101 01110110 01101110 01100001 01110110 01100110 01111010
Base-64 Encoding: MDExMDExMTAgMDExMDAwMDEgMDExMDAxMTEgMDExMTAxMTAgMDExMTAwMDEgMDExMTAxMTAgMDEx
MDAxMTAgMDExMTAwMTAgMDExMDAxMTAgMDExMDAxMTEgMDExMDExMTAgMDExMDExMTEgMDExMTEw
MDEgMDExMTAxMTAgMDExMDAxMTAgMDExMTAxMDEgMDExMTEwMTAgMDExMTAwMTAgMDExMDAwMDEg
MDExMDAxMTEgMDExMDExMTAgMDExMDAxMDEgMDExMTAxMTAgMDExMDExMTAgMDExMDAwMDEgMDEx
MTAxMTAgMDExMDAxMTAgMDExMTEwMTAK

You might have a 1 in 12,000 chance to guess the first, a 1 in 16,000,000 chance to guess the second, a 1 in 250,000,000 chance to guess the third, and I can only estimate about a 1 in 947,000,000,000,000 chance to guess the fourth. Even the DoD doesn't have passwords this complex. That insane password came from just one long word passed through four filters.

|\|0w 1f y0u 7yp3 1n |337, 7h47 0n|y 1n(r34535 y0ur 53(ur17y 3v3n m0r3...
(Now if you type in leet, that only increases your security even more...)

Nov 29, 2008. 9:21 PMArbitror says:

Actually, in the text you entered on instuctables it is technically underscores..

Nov 30, 2008. 12:15 AMPrometheus says:

"Technically", but that is the default display character for "non-display characters". As I said before, you can try this on my router, and it'll just laugh at your attempts. They show as underscores here because the site itself uses them for characters it cannot display, but are still there. Example:

0xFF = _
Shift "-" = _

I entered those both as two different characters, despite the fact that they appear the same. The example you see above in the previous post is exactly as I intended, and was not a flaw or misinterpretation of punctuation or any other. This is how the security works, by using the other 200-or-so characters NOT used for common text, so that even if they can see them, they can't be sure exactly what the real password is.

1-40 of 183