Posted in: Network Penetration Testing

NetBIOS Penetration Testing Fundamentals

What is NetBIOS?

Name service for name registration and resolution (ports: 137/udp and 137/tcp).

Datagram distribution service for connectionless communication (port: 138/udp).

Session service for connection-oriented communication (port: 139/tcp).

Remember to always test the default Windows credentials on old systems.
Administrator: <BLANK>
SID 5000 is the admin account

Enumerate What?

Enumerating SIDs

Enumerating User Accounts

Administrator ID

Without Authentication

nbstat
nmblookup:
nmblookup -A 192.168.1.95

Nmap NetBIOS scan:
nmap -sV 192.168.1.95 --script nbstat.nse
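
Both queries above elicit an RFC 1002 node status (NBSTAT) response from the name service on 137/udp. The following is an added example, not code from the original post: a parser for that response, run over a constructed packet, showing what a host discloses before any authentication. The host name FILESRV01, the group WORKGROUP and the MAC address are made-up sample values.

```python
import struct

# 16th byte of a NetBIOS name identifies the registering service.
SUFFIXES = {0x00: "workstation service (unique) or domain/workgroup (group)",
            0x03: "messenger service", 0x20: "file server service",
            0x1B: "domain master browser", 0x1C: "domain controllers",
            0x1D: "master browser", 0x1E: "browser service elections"}

def parse_node_status(pkt: bytes) -> dict:
    """Decode an RFC 1002 NODE STATUS RESPONSE (the reply to an NBSTAT query)."""
    try:
        _tid, flags, _qd, an, _ns, _ar = struct.unpack(">6H", pkt[:12])
        if not flags & 0x8000 or an < 1:
            raise ValueError("not a response carrying an answer record")
        off = 12
        while pkt[off]:                    # skip the length-prefixed RR_NAME labels
            off += 1 + pkt[off]
        off += 1
        rtype, _cls, _ttl, rdlen = struct.unpack(">HHIH", pkt[off:off + 10])
        if rtype != 0x0021:
            raise ValueError("answer record is not NBSTAT")
        count, off = pkt[off + 10], off + 11
    except (IndexError, struct.error):
        raise ValueError("truncated packet") from None
    need = count * 18 + 6                  # name table plus the 6-byte unit ID
    if 1 + need > rdlen or off + need > len(pkt):
        raise ValueError("name table runs past the packet")
    names = []
    for _ in range(count):
        raw, suffix, nflags = struct.unpack(">15sBH", pkt[off:off + 18])
        names.append({"name": raw.decode("ascii", "replace").rstrip(),
                      "suffix": suffix, "group": bool(nflags & 0x8000),
                      "meaning": SUFFIXES.get(suffix, "unknown")})
        off += 18
    return {"names": names, "mac": pkt[off:off + 6].hex(":")}

def build_sample() -> bytes:
    """Constructed reply from a hypothetical host FILESRV01 in WORKGROUP."""
    rows = [(b"FILESRV01", 0x00, 0x0400), (b"WORKGROUP", 0x00, 0x8400),
            (b"FILESRV01", 0x20, 0x0400)]
    table = b"".join(struct.pack(">15sBH", n.ljust(15), s, f) for n, s, f in rows)
    rdata = bytes([len(rows)]) + table + bytes.fromhex("005056aabbcc") + bytes(40)
    rr_name = b"\x20CK" + b"A" * 30 + b"\x00"   # encoded wildcard name "*"
    return (struct.pack(">6H", 0x1337, 0x8400, 0, 1, 0, 0) + rr_name
            + struct.pack(">HHIH", 0x0021, 0x0001, 0, len(rdata)) + rdata)

if __name__ == "__main__":
    for n in parse_node_status(build_sample())["names"]:
        print(f'{n["name"]:<15} <{n["suffix"]:02X}> {"GROUP " if n["group"] else "UNIQUE"} {n["meaning"]}')
```

A <20> entry in the name table means the file server service is registered on that host, which is the row to look for when auditing which machines still answer on 137/udp.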

With Authentication

Microsoft Tools

  • Dsget
  • PsList
  • psloggedon
  • PsLogList
  • PsPasswd
  • PsShutdown
  • NetBIOS Enumerator

NetBIOS Exploits

NetBIOS Name Service Spoofer

smb_ms17_010

ms17_010_eternalblue
