Skip to main content

Ethical Hacking - Enumeration

Enumeration belongs to the first phase of Ethical Hacking, i.e., “Information Gathering”. This is a process where the attacker establishes an active connection with the victim and try to discover as much attack vectors as possible, which can be used to exploit the systems further.
Enumeration can be used to gain information on −
  • Network shares
  • SNMP data, if they are not secured properly
  • IP tables
  • Usernames of different systems
  • Passwords policies lists
Enumerations depend on the services that the systems offer. They can be −
  • DNS enumeration
  • NTP enumeration
  • SNMP enumeration
  • Linux/Windows enumeration
  • SMB enumeration
Let us now discuss some of the tools that are widely used for Enumeration.

NTP Suite

NTP Suite is used for NTP enumeration. This is important because in a network environment, you can find other primary servers that help the hosts to update their times and you can do it without authenticating the system.
Take a look at the following example.
ntpdate 192.168.1.100 01 Sept 12:50:49 ntpdate[627]: 
adjust time server 192.168.1.100 offset 0.005030 sec 

or 
ntpdc [-ilnps] [-c command] [hostname/IP_address] 
  
root@test]# ntpdc -c sysinfo 192.168.1.100 
***Warning changing to older implementation 
***Warning changing the request packet size from 160 to 48 
system peer: 192.168.1.101 

system peer mode: client
leap indicator: 00 
stratum: 5  

precision: -15 
root distance: 0.00107 s 
root dispersion: 0.02306 s 
reference ID: [192.168.1.101] 
reference time: f66s4f45.f633e130, Sept 01 2016 22:06:23.458 
system flags: monitor ntp stats calibrate 
jitter: 0.000000 s 
stability: 4.256 ppm 
broadcastdelay: 0.003875 s 
authdelay: 0.000107 s

enum4linux

enum4linux is used to enumerate Linux systems. Take a look at the following screenshot and observe how we have found the usernames present in a target host.
enum4linux

smtp-user-enum

smtp-user-enum tries to guess usernames by using SMTP service. Take a look at the following screenshot to understand how it does so.
SMTP

Quick Fix

It is recommended to disable all services that you don’t use. It reduces the possibilities of OS enumeration of the services that your systems are running.

Comments

Post a Comment

Popular posts from this blog

IMPORTANCE AND ADVANTAGES OF SIWES

STUDENTS INDUSTRIAL WORK EXPERIENCE SCHEME (SIWES) The Industrial Training/Students Industrial Work Experience Scheme, IT/SIWES is a new Directorate under the Vice-Chancellor’s Office.  It was established on 20th April, 2012 The Students Industrial Work Experience Scheme (SIWES) is a skills training programme designed to expose and prepare students of universities and other tertiary institutions for the Industrial Work situation they are likely to meet after graduation.  It is also a planned and structured programme based on stated and specific career objectives which are geared towards developing the occupational competencies of participants (Mafe, 2009).  Consequently, the SIWES programme is a compulsory graduation requirement for all Nigerian university students offering certain courses. The Students Industrial Work Experience Scheme (SIWES), is the accepted training pro...
1 comment
Read more

Hack Instagram Account with ighack

Ighack is a secure Instagram account hacking application that allows you to hack Instagram password free. The best part of the application is that it does not require any survey or download. It is available free on the internet. I addition to being free to use, this app is compatible with every device. The application has a reputation of being authentic and untraceable. Let us look into the procedure needed to follow for hacking Instagram passwords. Step 1: Visit the website ighack.net and click on ‘Start Hack’ option. Step 2: Enter the user name of the target’s Instagram account when the system asks you to do so and click the ‘Hack’ button. Step 3: Allow the application to do the rest. The ighack server establishes contact with Instagram server and searches for the password in the Instagram database by matching the username ID. Step 4: On extraction of the data, the installed software program automatically decrypts the data. Step 5: The system delivers the password to...
1 comment
Read more

How to Reset HP Elitebook 8460p BIOS/Administrator Password

Have you  forgotten HP Elitebook 8460p password , bios or administrator account password? How to do if both of them lost? It seems hard though there may be lots of ways that can solve it. But if we talk about it separately, such as in two parts,  HP elitebook password reset  would be not so difficult. Part 1: Reset HP Elitebook 8460p BIOS password Part 2: HP Elitebook 8460p Administrator password recovery Part 1: How to Reset Forgotten HP Elitebook BIOS Password? Generally, there are two ways to  reset forgotten BIOS password .  One  is forcing BIOS/CMOS to reset itself to its stored defaults by removing all power from it.  The other  is to use a program to either locate or identify the password, and reveal it to you or erasing the password clearly. And the most easiest and convenient method for erasing dynamic BIOS/CMOS settings is to remove battery directly from the motherboard. However, it applies to most motherboards besides HP...
Post a Comment
Read more