Enumeration Flashcards
What is Enumeration?
Enumeration is the process of extracting usernames, machine names, network resources, shares and services from a system or network.
An attacker creates active connections with the system security which help them exploit the target system.
Identify enumeration techniques.
Extract usernames using email IDs
Extract information using default passwords
Brute force active directory
Extract information using DNS Zone Transfer
Extact user groups from Windows
Extract Usernames using SNMP
Extract network resources and topology using SNMP
Explain Extract usernames using emails IDs.
Every email address contains two parts, a username and domain name in the format username@domainname.
Explain Extract information using default passwords.
Many online resources provide a list of default passwords assignned by manufactureres to their products.
Users often ignore recommendations to change the default usernames and passwords probided by the manufacturer or developer of a product.
Explain Brute forces active directory.
Microsoft active directory is susceptible to username enumeration at the time of user-supplied input verification. This is a design error in the Microsfot Active Directory implementation.
If a user enables the “logon hours” feature, then all the attempts at service authentication result in different error messages.
Explain Extract information using DNS Zone Transfer.
A network administrator can use DNS zone transfer to replicate DNS data across several DNS servers or back up DNS files. For this purpose the administrator needs to execure a specific zone-transfer request to the name server.
If network administrators did not configure the dns server properly, the DNS zone transfer can be an effective method to obtain information about the organizations network.
Explain Extract user groups from windows
To extract user groups from windows the attacker should have a registered ID as a user in active Directory. The attacker can then extract information from groups in which the user in a members.
Explain Extract usernames using SNMP.
Attackers can easily guess read-only or read-write community strings by using the snmp application programming interface to extract usernames.
Explain Extract network resources and topology using SNMP.
Attackers can methodically query the SNMP tree to gather detailed infromation about network resources and topology.
What information can you get from NetBIOS enumeration?
The list of computers that belong to a domain.
The list of shares on the individual hosts in a network.
Policies and passwords.
What information can you get from SNMP enumeration?
It is the process of creating a list of the users accounts and devices on a target computer.
Hosts, routersm devices and shares as wellas as network infromation such as ARP tables, routing tables, device specific information and traffic statistics.
What information can you get from LDAP enumeration?
It can provide any organized set of records often in hierarchical and logical structure such as a corporate email directory.
Usernames
addresses
departmental details
server names
What information can you get from NTP and NFS enumeration?
NTP:
List of hsot connected to the HTP server
Clients IP addresses in the network their system names and OSs
Internal IPs if the NTP server is in the demilitarized zone.
NFS:
Identify exported directories
list of clients
IP addresses
What information can you get from SMTP and DNS enumeration?
SMTP:
Due to responding to valid and invalid users therefore valid users on the SMTP server can be determined.
Attackers can directly interact with SMTP via the telnet prompt and collect a lsit of valid users on the smtp server.
DNS:
Attackers attempt to retieve a copy of the entire zone file for a domain from the DNS server.
