December 13, 2012

Getting the NetBIOS name with Nmap

The NetBIOS name can be obtained with either of the following commands:
  • nmap -sU -sS --script smb-os-discovery.nse -p U:137,T:139 <IP HOST>
  • nmap --script smb-os-discovery.nse -p445 <IP HOST>
 Notes
  1. Check that the smb-os-discovery.nse script is present in Nmap's scripts directory, usually at the path "/usr/share/nmap/scripts/"
  2. Run the command with root privileges or using sudo (the -sS and -sU scan types require it)

 
[user@host ~]$ sudo nmap -sU -sS --script smb-os-discovery.nse -p U:137,T:139 192.168.1.130

Starting Nmap 6.01 ( http://nmap.org ) at 2012-12-13 13:03 CST
Nmap scan report for 192.168.1.130
Host is up (0.00057s latency).
PORT    STATE SERVICE
139/tcp open  netbios-ssn
137/udp open  netbios-ns
MAC Address: 08:00:27:ED:F6:BD (Cadmus Computer Systems)

Host script results:
| smb-os-discovery: 
|   OS: Windows XP (Windows 2000 LAN Manager)
|   Computer name: lalala-b45630c3
|   NetBIOS computer name: LALALA-B45630C3
|   Workgroup: GRUPO_TRABAJO
|_  System time: 2012-12-13 13:03:25 UTC+1

Nmap done: 1 IP address (1 host up) scanned in 0.39 seconds
 
[user@host ~]$ sudo nmap --script smb-os-discovery.nse -p445 192.168.1.130

Starting Nmap 6.01 ( http://nmap.org ) at 2012-12-13 13:08 CST
Nmap scan report for 192.168.1.130
Host is up (0.00056s latency).
PORT    STATE SERVICE
445/tcp open  microsoft-ds
MAC Address: 08:00:27:ED:F6:BD (Cadmus Computer Systems)

Host script results:
| smb-os-discovery: 
|   OS: Windows XP (Windows 2000 LAN Manager)
|   Computer name: lalala-b45630c3
|   NetBIOS computer name: LALALA-B45630C3
|   Workgroup: GRUPO_TRABAJO
|_  System time: 2012-12-13 13:08:54 UTC+1

Nmap done: 1 IP address (1 host up) scanned in 0.34 seconds
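
To build an inventory of which hosts disclose their NetBIOS name and workgroup to an unauthenticated scan, the smb-os-discovery block can be parsed out of Nmap's normal output. This is an added example, not part of the original post; the function name, the field keys and the second sample host are assumptions made for illustration.

```python
import re

# Constructed sample in Nmap's normal output format, modelled on the scan above.
# The second host (no script results) is invented to show that edge case.
SAMPLE = """\
Nmap scan report for 192.168.1.130
PORT    STATE SERVICE
445/tcp open  microsoft-ds

Host script results:
| smb-os-discovery: 
|   OS: Windows XP (Windows 2000 LAN Manager)
|   Computer name: lalala-b45630c3
|   NetBIOS computer name: LALALA-B45630C3
|   Workgroup: GRUPO_TRABAJO
|_  System time: 2012-12-13 13:08:54 UTC+1

Nmap scan report for 192.168.1.131
PORT    STATE  SERVICE
445/tcp closed microsoft-ds
"""

HOST_RE = re.compile(r"^Nmap scan report for (.+)$")
FIELD_RE = re.compile(r"^\|[_ ]\s+([^:]+):\s*(.*)$")  # indented "key: value" script lines
FIELDS = {"OS": "os", "NetBIOS computer name": "netbios_name", "Workgroup": "workgroup"}

def parse_smb_os_discovery(text):
    """Return one dict per scanned host; fields stay None if the script gave no output."""
    hosts, current, in_block = [], None, False
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if m:  # new host; handles both "IP" and "name (IP)" forms
            current = {"ip": m.group(1).split()[-1].strip("()"),
                       "os": None, "netbios_name": None, "workgroup": None}
            hosts.append(current)
            in_block = False
            continue
        if line.startswith("| smb-os-discovery:"):
            in_block = current is not None
            continue
        f = FIELD_RE.match(line) if in_block else None
        if f and f.group(1).strip() in FIELDS:
            current[FIELDS[f.group(1).strip()]] = f.group(2).strip()
        in_block = bool(f) and not line.startswith("|_")  # "|_" closes the block
    return hosts

if __name__ == "__main__":
    for host in parse_smb_os_discovery(SAMPLE):
        print(host)
```
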
