1. Netbios Enumeration (Port 137)

used for file and printer sharing. port 137. Netbios name 16 characters. 15 chars define name and 16th character type of service. Port 137 is utilized by the NetBIOS Name service.

NetBIOS stands for Network Basic Input Output System. Windows uses NetBIOS for file and printer sharing. A NetBIOS name is a unique computer name assigned to Windows systems, comprising a 16-character ASCII string that identifies the network device over TCP/IP. The first 15 characters are used for the device name, and the 16th is reserved for the service or name record type.

nbtstatMicrosoftLearn

Port 139 is used by SMB dialects that communicate over NetBIOS.

Port 137 is utilized by the NetBIOS Name service.

1. Perform Netbios enumeration with windows command line

check the name

nbtstat -a 192.168.18.110

check the contents of Netbios cache

nbtstat -c

enumerate shares without creating share

net use

2. Netbios enumerator

Windows application

NetBIOS Enumeratornbtenum.sourceforge.net

3. Netbios enumeration with NSE scripts

nmap -sV -v --script nbstat.nse 192.168.18.110

nmap -sU -p 137 --script nbstat.nse 192.168.18.110

Exam Prep & Training for CEH Practical (Unofficial Course)Udemy

PreviousModule 4. Enumeration Next2. SNMP Enumeration (Port 161,162)

Last updated 1 year ago

Was this helpful?