Enumeration is the step that follows scanning. It is the process of gathering and compiling usernames, machine names, network resources, shares, and services, and it involves active connections to systems and directed queries.
Why enumeration is needed – The answer to this question lies in the System Hacking Cycle.
So first we have to enumerate users, crack the password and gain access to the system, escalate to the level of administrator, execute applications such as spyware, rootkits, etc., then hide the hacking tools and source code, and finally erase the tracks so as not to be caught.
Techniques for Enumeration
- Extract user names using Win2k enumeration
- Extract user names using SNMP
- Extract user names using Email IDs
- Extract information using default passwords
- Brute force Active Directory
Tools Used for Enumeration
SNMP Enumeration – SNMP stands for Simple Network Management Protocol. Managers send requests to agents and the agents send back replies. The requests and replies refer to variables accessible to the agent software, and the manager can also send requests to set values for certain variables.
Traps make the manager aware that something significant has happened at the agent's end:
- A reboot
- An interface failure
- Something else potentially bad happening
Management Information Base (MIB) provides a standard representation of the SNMP agent's available information and where it is stored. It is the most basic element of network management. It adds new syntax types and adds more manageable objects to the MIB tree.
SolarWinds – It is a set of network management tools; the tool set consists of Discovery, Cisco tools, ping tools, MIB browser, etc.
SNScan – It is a Windows-based SNMP scanner that can effectively detect SNMP devices on the network.
NTP Enumeration – Network Time Protocol is designed to synchronize the clocks of networked computers. NTP uses UDP port 123 as its primary means of communication.
SMTP Enumeration – Simple Mail Transfer Protocol is used to send email messages, as opposed to POP3 or IMAP, which can be used to both send and receive messages. It generally relies on using Mail Exchange servers to direct the mail via the Domain Name Server.
SMTP Scan – It is used to identify which mail server is used on a remote server, especially when banner obfuscation is taking place.
Web Enumeration – Hypertext Transfer Protocol is used by the World Wide Web to display and distribute information.