Difference between revisions of "Enumeration Techniques"

From wikieduonline
Jump to navigation Jump to search
Tags: Mobile web edit, Mobile edit
 
(8 intermediate revisions by one other user not shown)
Line 1: Line 1:
 
'''Enumeration''' is defined as the process of extracting user names, machine names, network resources, shares and services from a system. In this phase, the attacker creates an active connection to the system and performs directed queries to gain more information about the target. The gathered information is used to identify the vulnerabilities or weak points in system security and tries to exploit in the System gaining phase.
 
'''Enumeration''' is defined as the process of extracting user names, machine names, network resources, shares and services from a system. In this phase, the attacker creates an active connection to the system and performs directed queries to gain more information about the target. The gathered information is used to identify the vulnerabilities or weak points in system security and tries to exploit in the System gaining phase.
  
===Banner Grabbing===
+
===Types of information:===
*[[Banner Grabbing]]is a technique used to gain information about a computer system on a network and the services running on its open ports. Administrators can use this to take inventory of the systems and services on their network.
+
 
 +
*Network Resource and shares
 +
 
 +
*Users and Groups
 +
 
 +
*Routing tables
 +
 
 +
*Auditing and Service settings
 +
 
 +
*Machine names
 +
 
 +
*Applications and banners
 +
 
 +
*SNMP and DNS details
 +
 
 +
===Techniques for Enumeration===
 +
 
 +
*Extracting user names using email ID's
 +
 
 +
*Extract information using the default password
 +
 
 +
*Brute Force Active Directory
 +
 
 +
*Extract user names using SNMP
 +
 
 +
*Extract user groups from Windows
 +
 
 +
*Extract information using DNS Zone transfer
 +
 
 +
===Services and Port to Enumerate===
 +
 
 +
*TCP 53: DNS Zone transfer
 +
 
 +
*TCP 135: Microsoft RPC Endpoint Mapper
 +
 
 +
*TCP 137: NetBIOS Name Service
 +
 
 +
*TCP 139: NetBIOS session Service (SMB over NetBIOS)
 +
 
 +
*TCP 445: SMB over TCP (Direct Host)
 +
 
 +
*UDP 161: SNMP
 +
 
 +
*TCP/UDP 389: [[LDAP]]
 +
 
 +
*TCP/UDP 3368: Global Catalog Service
 +
 
 +
*TCP 25: Simple Mail Transfer Protocol (SMTP)
 +
 
 +
==Banner Grabbing==
 +
*[[Banner Grabbing]] is a technique used to gain information about a computer system on a network and the services running on its open ports. Administrators can use this to take inventory of the systems and services on their network.
 +
 
 +
==NetBIOS Enumeration==
 +
*[[NetBios]] provides communication services on local networks. It uses a software protocol called NetBIOS Frames (NBF) that allows applications and computers on a local area network (LAN) to communicate with network hardware and to transmit data across the network
 +
 
 +
==SNMP Enumeration==
 +
*Simple Network Management Protocol [[SNMP]] is an application-layer protocol used to manage and monitor network devices and their functions. SNMP provides a common language for network devices to relay management information in a local area network ([[LAN]]) or wide area network ([[WAN]]).
  
===NetBIOS Enumeration===
 
*[[NetBios]]
 
===SNMP Enumeration===
 
*[[SNMP]]
 
 
==See also==
 
==See also==
 
*{{Security}}
 
*{{Security}}
 
*{{Linux}}
 
*{{Linux}}
 
*[[Certified Ethical Hacker (CEH) Contents]]
 
*[[Certified Ethical Hacker (CEH) Contents]]

Latest revision as of 07:32, 17 July 2020

Enumeration is defined as the process of extracting user names, machine names, network resources, shares and services from a system. In this phase, the attacker creates an active connection to the system and performs directed queries to gain more information about the target. The gathered information is used to identify the vulnerabilities or weak points in system security and tries to exploit in the System gaining phase.

Types of information:[edit]

  • Network Resource and shares
  • Users and Groups
  • Routing tables
  • Auditing and Service settings
  • Machine names
  • Applications and banners
  • SNMP and DNS details

Techniques for Enumeration[edit]

  • Extracting user names using email ID's
  • Extract information using the default password
  • Brute Force Active Directory
  • Extract user names using SNMP
  • Extract user groups from Windows
  • Extract information using DNS Zone transfer

Services and Port to Enumerate[edit]

  • TCP 53: DNS Zone transfer
  • TCP 135: Microsoft RPC Endpoint Mapper
  • TCP 137: NetBIOS Name Service
  • TCP 139: NetBIOS session Service (SMB over NetBIOS)
  • TCP 445: SMB over TCP (Direct Host)
  • UDP 161: SNMP
  • TCP/UDP 3368: Global Catalog Service
  • TCP 25: Simple Mail Transfer Protocol (SMTP)

[edit]

  • Banner Grabbing is a technique used to gain information about a computer system on a network and the services running on its open ports. Administrators can use this to take inventory of the systems and services on their network.

NetBIOS Enumeration[edit]

  • NetBios provides communication services on local networks. It uses a software protocol called NetBIOS Frames (NBF) that allows applications and computers on a local area network (LAN) to communicate with network hardware and to transmit data across the network

SNMP Enumeration[edit]

  • Simple Network Management Protocol SNMP is an application-layer protocol used to manage and monitor network devices and their functions. SNMP provides a common language for network devices to relay management information in a local area network (LAN) or wide area network (WAN).

See also[edit]

Advertising: