0% found this document useful (0 votes)
26 views4 pages

Enum Host

The document summarizes the results of running the enum4linux tool on the target IP address 172.168.1.127. It identified the target as a Samba server on the WORKGROUP workgroup, enumerated shares, users, groups and other information. Password policies were retrieved showing a minimum password length of 5 characters and complexity was disabled. Various services, usernames, and other details were discovered about the target system.

Uploaded by

yixobap953
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
26 views4 pages

Enum Host

The document summarizes the results of running the enum4linux tool on the target IP address 172.168.1.127. It identified the target as a Samba server on the WORKGROUP workgroup, enumerated shares, users, groups and other information. Password policies were retrieved showing a minimum password length of 5 characters and complexity was disabled. Various services, usernames, and other details were discovered about the target system.

Uploaded by

yixobap953
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 4

Starting enum4linux v0.9.1 ( http://labs.portcullis.co.

uk/application/enum4linux/ )
on Mon Feb 12 11:00:57 2024

#[34m =========================================( #[0m#[32mTarget


Information#[0m#[34m )=========================================

#[0mTarget ........... 172.168.1.127


RID Range ........ 500-550,1000-1050
Username ......... ''
Password ......... ''
Known Usernames .. administrator, guest, krbtgt, domain admins, root, bin, none

#[34m ===========================( #[0m#[32mEnumerating Workgroup/Domain on


172.168.1.127#[0m#[34m )===========================

#[0m#[33m
[+] #[0m#[32mGot domain/workgroup name: WORKGROUP

#[0m
#[34m ===============================( #[0m#[32mNbtstat Information for
172.168.1.127#[0m#[34m )===============================

#[0mLooking up status of 172.168.1.127


BASIC2 <00> - B <ACTIVE> Workstation Service
BASIC2 <03> - B <ACTIVE> Messenger Service
BASIC2 <20> - B <ACTIVE> File Server Service
..__MSBROWSE__. <01> - <GROUP> B <ACTIVE> Master Browser
WORKGROUP <00> - <GROUP> B <ACTIVE> Domain/Workgroup Name
WORKGROUP <1d> - B <ACTIVE> Master Browser
WORKGROUP <1e> - <GROUP> B <ACTIVE> Browser Service Elections

MAC Address = 00-00-00-00-00-00

#[34m ===================================( #[0m#[32mSession Check on


172.168.1.127#[0m#[34m )===================================

#[0m#[33m
[+] #[0m#[32mServer 172.168.1.127 allows sessions using username '', password ''

#[0m
#[34m ================================( #[0m#[32mGetting domain SID for
172.168.1.127#[0m#[34m )================================

#[0mDomain Name: WORKGROUP


Domain Sid: (NULL SID)
#[33m
[+] #[0m#[32mCan't determine if host is part of domain or part of a workgroup

#[0m
#[34m ==================================( #[0m#[32mOS information on
172.168.1.127#[0m#[34m )==================================

#[0m#[33m
[E] #[0m#[31mCan't get OS info with smbclient

#[0m#[33m
[+] #[0m#[32mGot OS info for 172.168.1.127 from srvinfo:
#[0m BASIC2 Wk Sv PrQ Unx NT SNT Samba Server 4.3.11-Ubuntu
platform_id : 500
os version : 6.1
server type : 0x809a03

#[34m =======================================( #[0m#[32mUsers on


172.168.1.127#[0m#[34m )=======================================

#[0m

#[34m =================================( #[0m#[32mShare Enumeration on


172.168.1.127#[0m#[34m )=================================

#[0m
Sharename Type Comment
--------- ---- -------
Anonymous Disk
IPC$ IPC IPC Service (Samba Server 4.3.11-Ubuntu)
Reconnecting with SMB1 for workgroup listing.

Server Comment
--------- -------

Workgroup Master
--------- -------
WORKGROUP BASIC2
#[33m
[+] #[0m#[32mAttempting to map shares on 172.168.1.127

#[0m//172.168.1.127/Anonymous #[35mMapping: #[0mOK#[35m Listing: #[0mOK#[35m


Writing: #[0mN/A
#[33m
[E] #[0m#[31mCan't understand response:

#[0mNT_STATUS_OBJECT_NAME_NOT_FOUND listing \*
//172.168.1.127/IPC$ #[35mMapping: #[0mN/A#[35m Listing: #[0mN/A#[35m Writing:
#[0mN/A

#[34m ===========================( #[0m#[32mPassword Policy Information for


172.168.1.127#[0m#[34m )===========================

#[0m

[+] Attaching to 172.168.1.127 using a NULL share

[+] Trying protocol 139/SMB...

[+] Found domain(s):

[+] BASIC2
[+] Builtin

[+] Password Info for Domain: BASIC2

[+] Minimum password length: 5


[+] Password history length: None
[+] Maximum password age: 37 days 6 hours 21 minutes
[+] Password Complexity Flags: 000000
[+] Domain Refuse Password Change: 0
[+] Domain Password Store Cleartext: 0
[+] Domain Password Lockout Admins: 0
[+] Domain Password No Clear Change: 0
[+] Domain Password No Anon Change: 0
[+] Domain Password Complex: 0

[+] Minimum password age: None


[+] Reset Account Lockout Counter: 30 minutes
[+] Locked Account Duration: 30 minutes
[+] Account Lockout Threshold: None
[+] Forced Log off Time: 37 days 6 hours 21 minutes

#[33m
[+] #[0m#[32mRetieved partial password policy with rpcclient:

#[0mPassword Complexity: Disabled


Minimum Password Length: 5

#[34m ======================================( #[0m#[32mGroups on


172.168.1.127#[0m#[34m )======================================

#[0m#[33m
[+] #[0m#[32mGetting builtin groups:

#[0m#[33m
[+] #[0m#[32m Getting builtin group memberships:

#[0m#[33m
[+] #[0m#[32m Getting local groups:

#[0m#[33m
[+] #[0m#[32m Getting local group memberships:

#[0m#[33m
[+] #[0m#[32m Getting domain groups:

#[0m#[33m
[+] #[0m#[32m Getting domain group memberships:

#[0m
#[34m ==================( #[0m#[32mUsers on 172.168.1.127 via RID cycling (RIDS:
500-550,1000-1050)#[0m#[34m )==================

#[0m#[33m
[I] #[0m#[36mFound new SID:
#[0mS-1-22-1
#[33m
[I] #[0m#[36mFound new SID:
#[0mS-1-5-32
#[33m
[I] #[0m#[36mFound new SID:
#[0mS-1-5-32
#[33m
[I] #[0m#[36mFound new SID:
#[0mS-1-5-32
#[33m
[I] #[0m#[36mFound new SID:
#[0mS-1-5-32
#[33m
[+] #[0m#[32mEnumerating users using SID S-1-5-32 and logon username '', password
''

#[0mS-1-5-32-544 BUILTIN\Administrators (Local Group)


S-1-5-32-545 BUILTIN\Users (Local Group)
S-1-5-32-546 BUILTIN\Guests (Local Group)
S-1-5-32-547 BUILTIN\Power Users (Local Group)
S-1-5-32-548 BUILTIN\Account Operators (Local Group)
S-1-5-32-549 BUILTIN\Server Operators (Local Group)
S-1-5-32-550 BUILTIN\Print Operators (Local Group)
#[33m
[+] #[0m#[32mEnumerating users using SID S-1-5-21-2853212168-2008227510-3551253869
and logon username '', password ''

#[0mS-1-5-21-2853212168-2008227510-3551253869-501 BASIC2\nobody (Local User)


S-1-5-21-2853212168-2008227510-3551253869-513 BASIC2\None (Domain Group)
#[33m
[+] #[0m#[32mEnumerating users using SID S-1-22-1 and logon username '', password
''

#[0mS-1-22-1-1000 Unix User\kay (Local User)


S-1-22-1-1001 Unix User\jan (Local User)

#[34m ===============================( #[0m#[32mGetting printer info for


172.168.1.127#[0m#[34m )===============================

#[0mNo printers returned.

enum4linux complete on Mon Feb 12 11:02:03 2024

You might also like