Step 2: Using Zenmap (nmap's GUI)

It's pretty simple. Open the program and in the "Target" box, type the ip address of the computer you want to hack.

If you don't know the ip address, go to the computer you want to access (I will assume you have the legal rights to whatever you are trying to access), open a command line and type ipconfig. You can try to hack devices too sometimes. Routers and switches sometimes have telnet. Try scanning these too.

Say you want to scan a range of IP addresses, then you would type the beginning IP address followed by (no spaces) a dash ( - ) and the end of the last IP address. For example, if you wanted to scan to then you would type .

In the "Profile" menu of Zenmap, select "Intense scan" if it is not already selected. Click scan and watch as the program scans the computer or device for open ports. Watch the nmap output until you see some words in green. These are the open ports on the computer or device. If port 23 is open, your device is hackable.

Many servers and routers have port 23 open.

If you can't find a device with Telnet enabled, use nethack.alt.org .
If you remember what the massage said tell me please.
I got it from my school a few weeks ago, that's some serious bullsh*t They said if I dont stop, they'd put me on a list (some sort of black list) and I wouldn't be able to get the programming class next year and I would be banned from any computer lab Frankly, I dont care to be banned, but I gotta take that freaking class if I wanna live later...
Oddly enough, my early days of hacking my school's computer network is the exact reason I own a computer consultancy company today.<br><br>Problem with schools are they don't encourage the sort of activity which allows you to think for yourself, and would rather you follow a set and closed path which in most cases, leads nowhere.<br><br>I'd get some old computers, build yourself a network, and learn about networking that way. Oh, and use Linux, Windows is not build for this sort of work, and will serve only to get in your way.
<blockquote> <p> <em>Problem with schools are they don't encourage the sort of activity which allows you to think for yourself, and would rather you follow a set and closed path which in most cases, leads nowhere. </em></p> </blockquote> <br> That's a little disingenuous isn't it? They don't encourage the sort of activity that slows the network down for everyone else and that if successful would lead to the exposure of confidential, private student/staff data. They would rather people with just enough knowledge to be dangerous did not engage in potentially harmful behaviour on their network. &nbsp;<br> &nbsp;&nbsp;<br> Mostly, it's probably just annoying them that they have to deal with some idiot kiddy who discovered nmap and has decided to use it on its most agressive settings (WTF?) when they could be...you know...doing the productive parts of their job.
<p>just use tor proxychains ... ;)</p>
thats why you go in the libary with a laptop, crack their internet, then do it
So what did the message say?
<p>can i know how to hack facebook account?</p>
how can i use.. the telnet control the programs on another computer?
When I try to do the scan, it says "dnet: Failed to open device eth5 QUITTING!" What's going on?
me too
you have to do &quot;Intense scan, all TCP Ports&quot; for it to work properly.
me too
me too,<br /> has anyone found the reason of this?<br />
<ol> <li> Don't use telnet, download PuTTY, it's much nicer to use and lets you save connections. It'll also let you connect to SSH.&nbsp;Either that, or download Cygwin to get a Linux-like environment within Windows. <li> DON'T use nmap if you're sitting in a college/school computer lab signed in under your own username.&nbsp; <li> DON'T use nmap on its most agressive settings,&nbsp;especially if you are doing it against a network you don't own or have permission to use it on (in the form of a written contract). &nbsp; </ol> Ignoring 2 and 3 will lead to you getting caught. Fast. As you discovered.<br> <br>
Does the nmap port scanner contain a virus??
too bad i can't use the ip address of the computer i'm using
does polyscript work?
where do you download telnet?
What is port 23 isn't open but others are? How do you go about hacking something then?
I think I purposely left an open, password protected port on my router...
This is a guide to finding a telnet server and connecting to it in the hope that it's not got a username or password set. This is not hacking but it does give people just enough information to get into trouble.<br><br>If you go around connecting to random unsecured telnet servers with no idea what you are doing you are not going to gain anything.<br><br>The best piece of advice you can give is find your System Admin and tell them they have an open telnet service.
dude this is all great stuff but it left me with some questions. <br>1 can you hack your way into a server? <br>2 can you control a pc from another one with telnet?
nvm i found out how
my computer seems not to have a telnet program built in do you know where is can download a good one.
You should try to download the software over again. Also, some Devices aren,t hackable via Telnet.
Thanks! I got it to work fine!
Cool! Thanks for the info.!
hey man great tutorial, just what ive been looking for. i was just wondering how exactly do i get into the nethack.alt.org? ive gotten to the point where it asks for a login and all that stuff, but how do i get into the actuaall server?
It won't let me enter a password.
if you want to create a batch virus goto aryankhurana.t35.com to take a demo of ultimate virus creator. its a very powerfull tool to create virus.
i am running this in wine... and when ever i try to start it. where ever there should be words there is a big black mark... any help please?
Why would you use wine to do this? nmap and telnet are originally native UNIX apps and come with any decent LINUX distro....
is ubuntu a decent distro?
yes, open the command line and type telnet (stuff)
&nbsp;hello sir i am abbas i am doing b.E final year my project is network security if you free plz teach me
Many people hate it, many people follow it as if it were a religion. You can download nmap/zenmap from Ubuntu's repositories, or at least Debian's.
PS. The WRT54G is the easily hackable Linksys router. Not true for outsiders, if you are smart enough to change permissions and WEP keys. Probably one of the more secure routers you can have unless you have the proper permissions. Hackable internally? yes. Hackable externally? not very easily. An example of my password is "_34ÉñTkG_mXº93_". No matter if you saw it, you'd never be able to enter it properly without months of constant attempts, which I'd eventually be made aware of, but I don't even share it with anyone unless I want them to have it. I'll give you a hint: Those are not underscores in the password, even though they show as such. This instructable is as good for hacking your own equipment as it is for keeping others from doing so. Nice work on the project! A + rating for you.
Actually, in the text you entered on instuctables it is technically underscores..
&quot;Technically&quot;, but that is the default display character for &quot;non-display characters&quot;. As I said before, you can try this on my router, and it'll just laugh at your attempts. They show as underscores here because the site itself uses them for characters it cannot display, but are still there. Example:<br/><br/>0xFF = _<br/>Shift &quot;-&quot; = _<br/><br/>I entered those both as two different characters, despite the fact that they appear the same. The example you see above in the previous post is exactly as I intended, and was not a flaw or misinterpretation of punctuation or any other. This is how the security works, by using the other 200-or-so characters NOT used for common text, so that even if they can see them, they can't be sure exactly what the real password is.<br/>
where do you get the en/decoders from?<br />
I totally know what your saying, I use the same system for my passwords too. But the underscores that are actually <strong>on</strong> this website are underscores, and not special symbols. They could be 0xFF, or in another text 0x<strong>5</strong>F. But on instructables, the physical text on the screen is really an underscore. Try copying and pasting it.<br/>
That's pretty much what I said, so we agree to agree....Maybe I should have said, "This site -uses- underscores for characters it cannot display".
lol wep keys, you can crack them with programs on the internet and i made a program a little while back that can tell you the alt codes for whatever you put into it ☺☻♦♣○
You sure? Because I use 8 AND 16-bits to make such passwords, making most any such application worthless. You cannot distinguish just what byte level I have used for sure, even if you got past the internal firewalls, and assuming you could find my router with DHT turned off. Besides, if I see activity that I didn't authorize and is not doubly-confirmed by my firewall or modem in tandem, I can just pull the plug and change the password again later. Even a "brute force" attack with mine would take you weeks to find with DHT enabled. Without DHT, you are completely out of luck. I'm protected simply because I'm not worth all the trouble. BTW, a program that will tell you the "alt-codes" as you call them, is called XVI32, as any common hex-editor. No sense writing one if so many are available for free. Nonetheless, post me a link for it on a file-hosting site, I'd love to have a look at it. I might add it as part of my toolbox if it's functionally-literate with what I want to do with it, and can do so in under 1 Mb total size... ƠŖĐĖř
&nbsp;Um.. Wep was broken the moment it was lauched..
&quot;<strong>We have a &quot;be nice&quot; comment policy.</strong> Please be positive and constructive with your comments or risk being banned from our site.&quot; Wow, that was a good reminder. Just a FYI, firewalls have absolutely nothing to do with WEP security. Breaking WEP is all about the encryption. I send you a few weak packets, bam. Done. Oh, and if I were to crack your network(which I wouldn't as it is a crime) I would change my MAC to yours, in which case you would never see the difference between my packets and yours. Finding a hotspot with no SSID is incredibly simple with the help of programs like kismet, and it would likely take less than 30 seconds to crack your AP, special characters or not. Check the aircrack-ng main page. Lets all try an upgrade to WPA2 if we want to feel safe, shall we? Just to inform the uninformed world.<br />
Briscuits, I&nbsp;think you have been watching the movie &quot;Hackers&quot; too long. If you'll take another look, I&nbsp;didn't say anything about firewalls having to do with WEP keys at all. And you could crack it in 30 seconds? Not even Angelina Jolie is that good...<br /> <br /> You have 30 seconds to crack my network....GO!<br /> <br />
nice security then and i made the program that tells you the alt codes one day when i had nothing else to do, also its somewhere in the 50 GBs of stuff on my harddrive so i probably wont be able to find it any time soon

About This Instructable




Bio: A current student at the University of Advancing Technology. Currently studying Robotics and Embedded Systems.
More by bmlbytes:Installing Subwoofers in a Car Create a PDF Make your own websites - HTML basics (Part 1) 
Add instructable to: