Technorati Tag: Hacking Windows
This will explain the "uses" of IPC for hackers. Inter-Process Communication is used for data sharing between applications and computers. We will be looking at Windows NT default IPC$ share use for communication between computers. This share is what we use to start to gain access to the server. What we will look at before we start is the NET commands for the console in NT. (Note I was unable to create a null connection using a 95/98 computer I had to use an NT computer) The net commands that we will be using are net use and net view. Now get in to the console (fake ms-dos) in windows. Pick out your target and make sure that it is an NT system and it has port 139 open. You need port 139 open so that net-bios is on. After checking for that you go to the console and type:

Example 1> C:\>NET USE \\TARGET\IPC$ * /USER:
Example 2> C:\>NET USE \\TARGET\IPC$ * /USER:""
Example 3> C:\>NET USE \\TARGET\IPC$ "" /USER:""

• Note: For some reason the command varies a little bit from NT to NT
• Note: TARGET is the name or IP of the computer, ex. \\211.3.4.11\ipc$ * /user:
• Note: If it works youll get> The command completed successfully.
• Note: To check the connection type NET USE \\TARGET\IPC$

After starting a null connection you could try to access the hidden shares. The default hidden shares are: C$, PRINT$, ADMIN$, IPC$. As you can probably tell shares are hidden by putting a $ at the end of the share name. Sometime shares don't have passwords so you can use them. When you create a null connection you have the least possible rights. Next you could try using net view. To do this open the console and type:

Example:

C:\>net view \\TARGET (Shares)
Or
C:\>net view /workgroup:TARGETWG (Computers in workgroup)
Or
C:\>net view /domain:TARGETD (Computers in domain)