weyne/kaliwiki
1
0
Fork 0
mirror of https://github.com/mubix/kaliwiki.git synced 2025-10-29 16:59:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Resolving issue #14

Browse Source 
added two tools, acccheck and nbtscan, and corrected a typo in the link
for zenmap.
This commit is contained in:
Will Pennell 2014-03-30 15:14:53 -04:00
parent 31871362d7
commit 52c04cdec6
3 changed files with 109 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
infogathering/index.md
View File

@ -111,7 +111,7 @@ SMB Analysis
* [acccheck](../tools/acccheck.md) * [acccheck](../tools/acccheck.md)
* [nbtscan](../tools/nbtscan.md) * [nbtscan](../tools/nbtscan.md)
* [nmap](../tools/nmap.md) * [nmap](../tools/nmap.md)
* [zenmap](../tools.zenmap.md) * [zenmap](../tools/zenmap.md)
SMTP Analysis SMTP Analysis
------------ ------------

46
tools/acccheck.md Normal file
View File

@ -0,0 +1,46 @@
# acccheck
Notes
-------
Help Text
-------
```
acccheck.pl v0.2.1 - By Faiz
Description:
Attempts to connect to the IPC$ and ADMIN$ shares depending on which flags have been
chosen, and tries a combination of usernames and passwords in the hope to identify
the password to a given account via a dictionary password guessing attack.
Usage = ./acccheck.pl [optional]
-t [single host IP address]
OR
-T [file containing target ip address(es)]
Optional:
-p [single password]
-P [file containing passwords]
-u [single user]
-U [file containing usernames]
-v [verbose mode]
Examples
Attempt the 'Administrator' account with a [BLANK] password.
acccheck.pl -t 10.10.10.1
Attempt all passwords in 'password.txt' against the 'Administrator' account.
acccheck.pl -t 10.10.10.1 -P password.txt
Attempt all password in 'password.txt' against all users in 'users.txt'.
acccehck.pl -t 10.10.10.1 -U users.txt -P password.txt
Attempt a single password against a single user.
acccheck.pl -t 10.10.10.1 -u administrator -p password
```
Example Usage
-------
Links
-------

62
tools/nbtscan.md Normal file
View File

@ -0,0 +1,62 @@
# nbtscan
Notes
-------
Help Text
-------
```
"Human-readable service names" (-h) option cannot be used without verbose (-v) option.
Usage:
nbtscan [-v] [-d] [-e] [-l] [-t timeout] [-b bandwidth] [-r] [-q] [-s separator] [-m retransmits] (-f filename)|(<scan_range>)
-v verbose output. Print all names received
from each host
-d dump packets. Print whole packet contents.
-e Format output in /etc/hosts format.
-l Format output in lmhosts format.
Cannot be used with -v, -s or -h options.
-t timeout wait timeout milliseconds for response.
Default 1000.
-b bandwidth Output throttling. Slow down output
so that it uses no more that bandwidth bps.
Useful on slow links, so that ougoing queries
don't get dropped.
-r use local port 137 for scans. Win95 boxes
respond to this only.
You need to be root to use this option on Unix.
-q Suppress banners and error messages,
-s separator Script-friendly output. Don't print
column and record headers, separate fields with separator.
-h Print human-readable names for services.
Can only be used with -v option.
-m retransmits Number of retransmits. Default 0.
-f filename Take IP addresses to scan from file filename.
-f - makes nbtscan take IP addresses from stdin.
<scan_range> what to scan. Can either be single IP
like 192.168.1.1 or
range of addresses in one of two forms:
xxx.xxx.xxx.xxx/xx or xxx.xxx.xxx.xxx-xxx.
Examples:
nbtscan -r 192.168.1.0/24
Scans the whole C-class network.
nbtscan 192.168.1.25-137
Scans a range from 192.168.1.25 to 192.168.1.137
nbtscan -v -s : 192.168.1.0/24
Scans C-class network. Prints results in script-friendly
format using colon as field separator.
Produces output like that:
192.168.0.1:NT_SERVER:00U
192.168.0.1:MY_DOMAIN:00G
192.168.0.1:ADMINISTRATOR:03U
192.168.0.2:OTHER_BOX:00U
...
nbtscan -f iplist
Scans IP addresses specified in file iplist.
```
Example Usage
-------
Links
-------