00 ENUMERATION

nmap -A

nmap -p 1-65535

nmap --script smb-system-info

Samba?

enum4linux

SMB?

smbclient -L=

http or https?

nikto --host

Hydra brute force

hydra -L /root/Desktop/names.txt -P /usr/share/wordlists/rockyou.txt

Supported services: asterisk cisco cisco-enable cvs firebird ftp ftps http[s]-{head|get} http[s]-{get|post}-form http-proxy http-proxy-urlenum icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] mssql mysql nntp oracle-listener oracle-sid pcanywhere pcnfs pop3[s] postgres rdp redis rexec rlogin rsh s7-300 sip smb smtp[s] smtp-enum snmp socks5 ssh sshkey teamspeak telnet[s] vmauthd vnc xmpp

Previous11 SMB Part 1 Next10 Nmap

Last updated 3 years ago

Was this helpful?