Originally Posted by jumanji21
i am new to hacking.. and i want to hack my friend's computer for fun....
i know his ip, also i am able to connect through remote desktop but after connecting it ask for username and password....how can i bypass this? or how can i log into his system remotely??
First, get his permission. Second, before you get too deep into hacking, you should familiarize yourself with cyber-crime laws. You need to make sure you know where your boundaries are.
I would do a few different things if I were auditing a computer in this situation. The first thing I would want to know is if he pays attention to what's going on with his system. Does he view the logs frequently? If not, some rdp brute forcing might be in order. Tsgrinder or a similar tool would do the trick, assuming he doesn't use a strong password. If he does view the logs, then the last thing I'd try is brute-forcing because it leaves a huge footprint. So I would probably find out what OS he is using and try the default usernames and passwords. (Most versions of windows have default users created by microsoft like HelpAssistant and Administrator that the average user doesn't even notice or do anything about.) If that failed, I'd consider something like writing a small batch script that runs the netusers hack when he executes it. I'd also see if there were any other services with unpatched vulnerabilities that I could exploit. Then there's social engineering via email spoofing, the traditional malware attacks, etc. As a last resort, I might try binding an obfuscated sub7 server to an mp3 or some such file and sending it to him.
There's an infinite number of ways to hack into computers, and if I were to see the computer myself, I would probably remove half of the things I mentioned above and add dozens of other approaches. But for this situation, within the ethical hacking
realm, these are the first few approaches that come to mind.
But remember, before you go experimenting with this kind of stuff, you need to know your boundaries. If you're in the US, cornell university has a website with all the laws related to cyber-crime on it. If you're outside the US, I'm sure there's a government website with the information you need. One reason I'm stressing this so much is because you're new to hacking, and since you're just starting out, you're vulnerable to doing something you don't realize the consequences of, as well as being more likely to experience those consequences because until you really know what you're doing, you're more likely to attract attention/get caught if you're doing something illegal (even without knowing that it's illegal).