Se puede conseguir usando los siguientes comandos:
- nmap -sU -sS --script smb-os-discovery.nse -p U:137,T:139 <IP HOST>
- nmap --script smb-os-discovery.nse -p445 <IP HOST>
Observaciones
- Revisar si tenemos el script smb-os-discovery.nse en el directorio de plugins de nmap, usualmente en el path "/usr/share/nmap/scripts/"
- Ejecute con privilegios root o usando sudo
[user@host ~]$ sudo nmap -sU -sS --script smb-os-discovery.nse -p U:137,T:139 192.168.1.130
Starting Nmap 6.01 ( http://nmap.org ) at 2012-12-13 13:03 CST
Nmap scan report for 192.168.1.130
Host is up (0.00057s latency).
PORT STATE SERVICE
139/tcp open netbios-ssn
137/udp open netbios-ns
MAC Address: 08:00:27:ED:F6:BD (Cadmus Computer Systems)
Host script results:
| smb-os-discovery:
| OS: Windows XP (Windows 2000 LAN Manager)
| Computer name: lalala-b45630c3
| NetBIOS computer name: LALALA-B45630C3
| Workgroup: GRUPO_TRABAJO
|_ System time: 2012-12-13 13:03:25 UTC+1
Nmap done: 1 IP address (1 host up) scanned in 0.39 seconds
[user@host ~]$ sudo nmap --script smb-os-discovery.nse -p445 192.168.1.130
Starting Nmap 6.01 ( http://nmap.org ) at 2012-12-13 13:08 CST
Nmap scan report for 192.168.1.130
Host is up (0.00056s latency).
PORT STATE SERVICE
445/tcp open microsoft-ds
MAC Address: 08:00:27:ED:F6:BD (Cadmus Computer Systems)
Host script results:
| smb-os-discovery:
| OS: Windows XP (Windows 2000 LAN Manager)
| Computer name: lalala-b45630c3
| NetBIOS computer name: LALALA-B45630C3
| Workgroup: GRUPO_TRABAJO
|_ System time: 2012-12-13 13:08:54 UTC+1
Nmap done: 1 IP address (1 host up) scanned in 0.34 seconds
No hay comentarios.:
Publicar un comentario