Enumeration Flashcards
What port does BGP use?
179
What port does NetBIOS use for accessing resources?
139
What port does IPSEC IKE use?
500
Which of the following port numbers is used by the Windows NetBIOS session service for both null-session establishment as well as file and printer sharing
TCP 139
What port does LDAP use by default?
389
What does PsList do?
PsList displays the CPU and memory information or thread statistics.
Which NetBIOS service code is used to obtain information related to the master browser name (aka domain name) for the subnet?
<1D>
Which NetBIOS service code is used to obtain information related to the username of the logged in user, or the host name?
<03>
Which NetBIOS service code is used to obtain the host name?
<20>
Which flag do you pass to nbtstat to display the count of all names resolved by a broadcast or WINS server?
-r
Which command allows an SNMP agent to inform the pre-configured SNMP manager of a certain event
Trap
Which MIB (management information base) contains WINS (Windows Internet Name Service) object types?
WINS.MIB
Which MIB (management information base) contains host resources object types?
HOSTMIB.MIB
Which MIB (management information base) contains TCP/IP-based object types?
MIB_II.MIB
Which MIB (management information base) contains Workstation and Server Services object types?
LNMIB2.MIB
Which command is used by an SNMP agent to meet a request made by the SNMP manager?
GetResponse
Which protocol enables an attacker to enumerate user accounts and devices on a target system
SNMP
What is JXplorer?
JXplorer is an LDAP enumeration tool
What do you pass to ntpdate to force the time to always be skewed?
-B
What do you pass to ntpdate to force the time to always be stepped?
-b
What do you pass to ntpdate to enable debugging mode?
-d
What do you pass to ntpdate to query an ntp server without updating the clock?
-q
What is RPCScan?
An NFS enumeration tool
What is ntpdc?
A command used by the attackers to query the ntpd daemon about its current state
What does the -h flag do when passed to smtp-user-enum?
-h specifies the hostname of the SMTP server
What does the -u flag do when passed to smtp-user-enum?
-u username specifies a user whose existence you’d like to check on a given SMTP server.
What does the -U flag do when passed to smtp-user-enum?
Check usernames listed in given file to see if they exist on given SMTP server
What does the -u flag do when passed to smtp-user-enum?
Use the hostnames given in the file to enumerate SMTP servers.
What is the VRFY SMTP command?
VRFY validates users
What is the EXPN SMTP command?
EXPN tells the actual delivery addresses of aliases and mailing lists
What is the RCPT TO SMTP command?
Defines the recipients of the message
What is the default SMB port?
445
What is Enyx?
Enyx is an enumeration tool that fetches the IPv6 address of a machine through SNMP
What is Svmap?
Svmap is an open-source scanner that identifies SIP devices and PBX servers on a target network. It can be helpful for system administrators when used as a network inventory tool
What is ike-scan?
ike-scan discovers IKE hosts and can fingerprint them using the retransmission backoff pattern
Which flag do you pass to finger to prevent the matching of usernames?
-m
Which flag do you pass to finger to display the user’s login name, real name, terminal name, idle time, login time, office location and office phone number?
-s
Which flag do you pass to finger to output a detailed multi-line output?
-l
Which flag do you pass to finger to prevent the -l flag from displaying the contents of the .plan, .project, and .pgpkey files?
-p
What’s SNMP’s default port?
161
