Posted on

NetBIOS enumeration for beginners

Hello, aspiring Ethical Hackers. In our previous blogpost, you learnt what is Enumeration, what are its uses, why it is used and types of enumeration. In this blogpost, you will learn about NetBIOS enumeration.

What is NetBIOS service?

NetBIOS stands for Network Basic Input/Output System. It is used to allow applications and programs on separate computers to communicate with each other and establish sessions. This can be used to access shared resources.

NetBIOS can be used to provide three distinct services. They are NetBIOS Name Service, (NetBIOS-NS), NetBIOS Datagram distribution services (NetBIOS-DGM) and NetBIOS Session service (NetBIOS-SSN). These services run on ports 137,138 and 139 respectively.

What information does NetBIOS enumeration reveal?

It can provide information such as list of computers belonging to a particular domain, list of shares on target systems and sometimes even policies and passwords etc.

How to perform NetBIOS enumeration?

There are many tools that can be used to perform NetBIOS enumeration. Let’s see some of them.

1. nmblookup

The nmblookup command in Linux allows users to query NetBIOS names and maps them to IP addresses in a network using NetBIOS over TCP/IP queries.


2. NBTscan

NBTscan is a program that is used to scan IP networks for NetBIOS name information. It works by sending a NetBIOS status query to target system and lists received information in human readable form.