3. Perform OS Discovery

Identifying the OS used on the target system allows you to assess the system’s vulnerabilities and the exploits that might work on the system to perform additional attacks.

1. Identify OS with TTL in wireshark

Follow TCP stream in wireshark. Check the ICMP reply after pinging. If TTL is around 128, its Windows, if around 64, its Linux

2. Perform OS Discovery using NSE scripting Engine

sudo nmap -O 192.168.18.110
sudo nmap -A 192.168.18.110

Enumerating OS details with nmap script over smb

sudo nmap --script smb-os-discovery.nse 192.168.18.110

3. Unicornscan

unicornscan 192.168.18.100 - Iv

-I is for immediate scan and v is for verbose scan.

Previous2. Port and Service Discovery Next4. Scan beyond Firewalls and IDS

Last updated 1 month ago