Beginner’s Guide to Telnet [Basics]

– What is Telnet?
Telnet is a network protocol, and the tool that uses that protocol is also known as Telnet.

– What is its usage?
Telnet is used to connect to an external or remote computer via port 23. You’ll need to enter the login and password in order to connect to that remote PC. After connecting, you can run commands to perform tasks on the remote PC: for example, creating a text file, checking how the system is working, or checking a directory on the remote PC.

– What’s in it for Hackers?
Using Telnet we can perform banner grabbing, a method of getting a hint or some information about the host computer, such as what it is actually running. Telnet can be used to perform banner grabbing on insecure PCs and servers, but we are going to discuss that after discussing its usage.

– Telnet Commands
Telnet offers a bunch of commands. Here are some:

close ---- close current connection

logout ---- forcibly logout remote user and close the connection

display ---- display operating parameters

mode ---- try to enter line or character mode ('mode ?' for more)

open ---- connect to a site

quit ---- exit telnet

send ---- transmit special characters ('send ?' for more)

set ---- set operating parameters ('set ?' for more)

unset ---- unset operating parameters ('unset ?' for more)

status ---- print status information

toggle ---- toggle operating parameters ('toggle ?' for more)

slc ---- set treatment of special characters

z ---- suspend telnet

– Connecting using Telnet
There are two ways to connect using Telnet: one is the direct way and the other is using Telnet commands.

Direct Way:

telnet 192.168.1.1 23

Telnet Way:
First type telnet in the console to enter the Telnet session, then type:

open 192.168.1.1

The first way is rather easier and I recommend using it. The syntax for Telnet usage is:

telnet IP_ADDRESS PORT

Note: The commands mentioned at the top of this topic are to be used only when using the Telnet way!

– Banner Grabbing
To get the banner of a server or a remote PC, we will use telnet to connect to it, so the syntax is the same as before:

telnet IP_ADDRESS PORT

Now let’s create a sample scenario. I want to get a banner of a site I’m trying to exploit, but first I want to know something about it: whether it uses Apache, NGINX, an FTP, etc., which might be weak towards my exploit. So we’ll try some ports.

– Test for Server Banner

telnet HOST 80

I get

Connection closed by foreign host

so it’s a fail

Second, I test for FTP:

telnet HOST 21

And my luck just kicked in, I get this:

But this is not a success, because we still didn’t get to know the version of that FTP, which we would need in order to know the exploit for it. Let’s try another host to see if we get a good and clear banner:

Now we try the second host. Let’s do the same thing again, but I want to check for SSH too this time.

Test For Server:

telnet HOST 80

-> Failed

Test For FTP:

telnet HOST 21

-> Got the same result as before

Test For SSH:

telnet HOST 22

And we got:

We’ve successfully got the banner, and we know the SSH version that site/server is using:

SSH-2.0-OpenSSH_4.3

We shall add this to our information gathering list about that host, as banner grabbing is a part of information gathering.
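
Seen from the server owner's side, the difference between the results above is whether a greeting names an exact product version. The Python below is an added example, not part of the original tutorial: it parses greeting text such as telnet displays (SSH identification strings, 220 greetings, and, going beyond the session above, HTTP responses with a Server header) and reports which services announce a version. The names parse_banner, audit and SAMPLE are hypothetical, and the FTP greeting in the sample is constructed; the SSH line is the banner quoted above.

```python
import re

# RFC 4253 section 4.2 identification string: SSH-protoversion-softwareversion SP comments
SSH_ID = re.compile(r"^SSH-([^-\s]+)-(\S+)(?: (.*))?$")
# Product name followed by a dotted version: OpenSSH_4.3, Apache/2.4.57, vsFTPd 3.0.3
PRODUCT_VERSION = re.compile(r"([A-Za-z][A-Za-z0-9.+]*)[ _/-]v?(\d+(?:\.\d+)+[A-Za-z0-9]*)")

def parse_banner(banner):
    """Report what one service greeting tells any client that connects."""
    result = {"service": None, "product": None, "version": None, "discloses_version": False}
    lines = [l.strip() for l in banner.splitlines() if l.strip()]
    if not lines:
        return result  # nothing was sent before the connection closed
    candidate = first = lines[0]
    ssh = SSH_ID.match(first)
    if ssh:
        result["service"] = "ssh"
        candidate = ssh.group(2)  # softwareversion field only
    elif first.startswith("HTTP/"):
        result["service"] = "http"
        server = [l for l in lines if l.lower().startswith("server:")]
        candidate = server[0].split(":", 1)[1] if server else ""
    elif re.match(r"^220[ -]", first):
        result["service"] = "ftp-or-smtp"  # both protocols greet with reply code 220
        candidate = first[4:]
    found = PRODUCT_VERSION.search(candidate)
    if found:
        result.update(product=found.group(1), version=found.group(2), discloses_version=True)
    return result

def audit(banners):
    """Return (port, product, version) for each greeting that reveals a version."""
    findings = []
    for port, text in sorted(banners.items()):
        parsed = parse_banner(text)
        if parsed["discloses_version"]:
            findings.append((port, parsed["product"], parsed["version"]))
    return findings

# Constructed sample input shaped like the session above: port -> text received.
SAMPLE = {
    80: "",                           # connection closed without a greeting
    21: "220 FTP server ready.\r\n",  # constructed greeting that names no version
    22: "SSH-2.0-OpenSSH_4.3\r\n",    # the banner quoted in this tutorial
}

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("port %d announces %s %s" % finding)
```

Feeding it the greetings collected from your own hosts lists the services whose banners should be reviewed or trimmed.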

Security on Linux and Windows:

Most users recommend disabling Telnet on Linux and Windows to keep hackers from getting into your system or getting information. Disabling Telnet can be a bonus to security. This is where your programming skills come in: learn network programming, and make a tool as an alternative to Telnet to do the stuff you want.

This is my last tutorial for Linux, as I’ve migrated to Windows again due to certain problems regarding Linux, including incompatibilities. I’ll be posting Windows and Linux stuff again soon.

Regards,
Ex094

5 thoughts on “Beginner’s Guide to Telnet [Basics]”

  1. I have to say, I love your site and contents. I get factual knowledge and learn easily and quickly through your tutorials. Keep up the fantastic work 🙂
