How do I use Metasploit to perform NetBIOS enumeration on a target

0 votes
I’d like to use Metasploit to perform NetBIOS enumeration on a target machine and gather information on shares and other network resources. Can anyone walk me through the process of setting up and using Metasploit modules for this purpose?

I’m familiar with the basics of Metasploit, but I’d like specific steps or command examples that can help me carry out effective enumeration.
Nov 6 in Cyber Security & Ethical Hacking by Anupam
• 5,390 points
49 views

1 answer to this question.

0 votes

It's common practice to use Metasploit for NetBIOS enumeration in order to collect data on shared files, network resources, and system information.

Using Metasploit for NetBIOS Enumeration

1. Set Up Metasploit Framework

• Launch the Metasploit Console:

msfconsole

2. Use the nbname Auxiliary Module

The nbname module scans hosts and retrieves their NetBIOS names, workgroup details, and other information.

• Load the Module:

use auxiliary/scanner/netbios/nbname

• View Module Options:

show options

• Key Parameters:

  • RHOSTS: Target IP range or CIDR (e.g., 192.168.1.0/24).
  • THREADS: Number of concurrent threads (default: 10).
  • RPORT: NetBIOS port (default: 137).

• Set Target Hosts:

set RHOSTS 192.168.1.200-210

• Adjust Threads (Optional):

set THREADS 11

• Run the Module:

run

• Output Example:

[*] 192.168.1.200 [METASPLOITABLE] OS:Unix Names:(METASPLOITABLE, WORKGROUP) Addresses:(192.168.1.208) Mac:00:00:00:00:00:00
[*] 192.168.1.201 [XEN-XP-SPLOIT] OS:Windows Names:(XEN-XP-SPLOIT, WORKGROUP) Addresses:(192.168.1.201) Mac:8a:e9:17:42:35:b0

3. Using the nbname_probe Auxiliary Module

This module sequentially probes NetBIOS services for similar information.

• Load the Module:

use auxiliary/scanner/netbios/nbname_probe

• View Module Options:

show options

• Set Target Hosts:

set RHOSTS 192.168.1.200-210

• Adjust Threads (Optional):

set THREADS 11

• Run the Module:

run

• Output Example:

[*] 192.168.1.205 [XEN-2K3-64] OS:Windows Names:(XEN-2K3-64, WORKGROUP, __MSBROWSE__) Addresses:(192.168.1.205) Mac:3a:f1:47:f6:a3:ab

Interpreting Results

  • NetBIOS Names: Machine names and workgroups are useful for identifying systems on the network.
  • OS Information: Operating system details (e.g., Windows, Unix) can help plan further enumeration or exploitation.
  • MAC Addresses: Can be used to identify hardware or vendors.
answered Nov 18 by CaLLmeDaDDY
• 6,540 points

Related Questions In Cyber Security & Ethical Hacking

0 votes
0 answers

How do I write a simple PERL script to scan for open ports on a target machine?

I’m learning about network security and I ...READ MORE

Oct 17 in Cyber Security & Ethical Hacking by Anupam
• 5,390 points
113 views
0 votes
0 answers
0 votes
0 answers

I do not have a real result about encryption file use AES mode CFB in pycrptodome on python

I'm using Ubuntu win. on python I ...READ MORE

Aug 23, 2019 in Cyber Security & Ethical Hacking by Ahmed
• 310 points

closed Aug 23, 2019 by Ahmed 895 views
+1 vote
1 answer

How do you decrypt a ROT13 encryption on the terminal itself?

Yes, it's possible to decrypt a ROT13 ...READ MORE

answered Oct 17 in Cyber Security & Ethical Hacking by CaLLmeDaDDY
• 6,540 points
114 views
+1 vote
1 answer
+1 vote
1 answer
+1 vote
1 answer
+1 vote
1 answer
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP