# Cannot use nbtstat



## Branks (Jun 11, 2008)

Hello. I am new to these forums so if this in the wrong place, I appologise.

My problem is as follows:
I am trying to view my friends pc via nbstat in cmd which i have been told shows certain propertise of his pc. I can carry out this procedure to computers within my network easily but when I try and go bigger, to even using the loop back ip of 127.0.0.1 i get this

C:\>nbtstat -A 127.0.0.1

Wireless Network Connection:
Node IpAddress: [192.168.1.136] Scope Id: []

Host not found.

I have opened the port 139 on both my windows firewall and my router but it still wont connect. Any help would be much apprechiated.

I have enabled both Messenger and TC/IP sercives.

PS - I AM USING VISTA
PPS - I have his permission


----------



## Branks (Jun 11, 2008)

anyone?


----------



## johnwill (Sep 26, 2002)

Well, I see the same thing, what are you trying to see with that command? The description of the option you're using...

-A (Adapter status) Lists the remote machine's name table given its IP address.



> C:\>nbtstat -A 127.0.0.1
> 
> Local Area Connection 3:
> Node IpAddress: [192.168.0.18] Scope Id: []
> ...


----------



## Branks (Jun 11, 2008)

Yes thats basically what im trying to do, find the remote machines name table. When it says remote machine, does it only mean a PC on your LAN or does it mean any PC in the world?


----------



## Cellus (Aug 31, 2006)

Just out of curiousity, what exactly are you trying to do, and why?


----------



## Branks (Jun 11, 2008)

Basically when run successfully it will display a name table of the computer and will tell you certain information. My friend has asked me to check if a certain row is present, because if it is, it means anyone can connect to his shared files. 
Would you like to offer any help?


----------



## johnwill (Sep 26, 2002)

I don't think NBTSTAT is really the tool for the job. Can you connect to his computer at all.


----------



## redcoke (Feb 18, 2011)

God were was i when when this posted.....
1 dude if your not in his network aint gonna work its not a real good remote tool unless you hijicked in to there wireless with aircrack. what you want to do is download back track 4 or 3 .... or any linux for the most part but if you download any linux you got to download all the tools back track has everything you need to test the security and vulnerabl of any computer for this i would reccomend metasploit in linux windows version is lame.

theres 3 things you can do well theres a **** load of things you can do in msf
but 3 things best for you sense you really dont know much the easist one for you would be is to autopwn unless you really researched and learnd how to use everything

first what you would do is 


download and install back track 4
or even just download and burn it to dvd and run it as a live cd
so you dont have worry about looseing anything or messing up.

2... boot up its gonna come to a screen no GUI and to launch the Gui
gonna type startx

3.. now x is gonna load up when in x look like windows look for the terminal on the task bar and click it

4 go to the k on the left lower corner just like windows. go to internet > wicc manager. connect to what ever network so you have internet connection.

5.now your in the terminal your ready to start. 

6. gonna start the fun now n00b style. type in msfconsole. this will load metasploit

7 now were gonna create a db = database .
type in this once msf is loaded... db_create 
this probly wont work the first time youll know if it work it say connecting and all that good stuff.... if that does not work type this 
db_driver sqlite3 then type this again and you should be in
db_create

ok so now that db is created and lloaded and connected

8. fun time for real this time. n00b style
type
db_nmap -sS -Pn -f -T4 -O -v your friends ip
hit enter not gonna explain everything but this basicly scans really fast trys to detect what os get fragnments and stealth mode so you bypass there firewall.
detect open ports t

9... Now this is the n00b style right her auto pwn what is does it looks at your nmap results and it takes all the open ports and services and what not and it searches a hudge database of exploits. then it auto trys all the exploits it finds and if ti finds a exploit and a session starts you have full controll of there machine.
heres the command

db_autopwn -p -t -e

nothen else need to type. but dont do this if you dont want to earna skiddie title. this just to get you started...

now if you got a session you can type help and see every command you can run against there machine
shell um upload download screenshot total domination but style like

another thing you can do is make a back door with metasploit and have your friend run it its a windows/meterpreter/reverse_tcp exploit
another thing is 
VNK EXPLOIT SEARCH VNK IN MSF 
find the exploit and set the payloads and lhost srvhost and lport 4444

but im not gonna give you those today sir. to much typeing you can probly google it and find it


----------



## redcoke (Feb 18, 2011)

oh yeah, forgot to ADD THIS I SAID IS NOT MENT TO BE MISSED USED.
IF YOU RUN THIS OR ANY EXPLOIT ON ANY MACHINE, MAKE SURE YOU GONE THREW ALL THE SECURITY REGULATIONS. IF ITS A COMPANY , OR IF ITS A FRIEND MAKE SURE YOU HAVE HIM WRITE ON PAPER THAT YOU WONT BE HELD LIABLE, IF HIS COMPUTER GETS MESSED UP ALONG WITH FULL PERMISSION TO PEN TEST HIS COMPUTER


----------



## 2xg (Aug 5, 2009)

This is an Ancient Thread and must be Closed. Thanks for the feedback.


----------

