Enumeration occurs after scanning and is the process of gathering and compiling usernames, machine names, network resources, shares, and services. It also refers to actively querying or connecting to a target system to acquire this information.
Hackers need to be methodical in their approach to hacking. The following steps are an example of those a hacker might perform in preparation for hacking a target system:
  1. Extract usernames using enumeration.
  2. Gather information about the host using null sessions.
  3. Perform Windows enumeration using the SuperScan tool.
  4. Acquire the user accounts using the tool GetAcct.
  5. Perform SNMP port scanning.
The object of enumeration is to identify a user account or system account for potential use in hacking the target system. It isn't necessary to find a system administrator account, because most account privileges can be escalated to allow the account more access than was previously granted.
The process of privilege escalation is covered in the next chapter.
Many hacking tools are designed for scanning IP networks to locate NetBIOS name information. For each responding host, the tools list IP address, NetBIOS computer name, logged-in username, and MAC address information.
On a Windows 2000 domain, the built-in tool net view can be used for NetBIOS enumeration. To enumerate NetBIOS names using the net view command, enter the following at the command prompt:
    net view / domain
    nbtstat -A IP address

No comments:

Post a Comment

Popular Posts