hacktricks/network-services-pentesting/113-pentesting-ident.md

# 113 - Pentesting Ident

<details>

<summary><strong>Aprenda hacking no AWS do zero ao herói com</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>

Outras formas de apoiar o HackTricks:

* Se você quer ver sua **empresa anunciada no HackTricks** ou **baixar o HackTricks em PDF**, confira os [**PLANOS DE ASSINATURA**](https://github.com/sponsors/carlospolop)!
* Adquira o [**material oficial PEASS & HackTricks**](https://peass.creator-spring.com)
* Descubra [**A Família PEASS**](https://opensea.io/collection/the-peass-family), nossa coleção de [**NFTs**](https://opensea.io/collection/the-peass-family) exclusivos
* **Junte-se ao grupo** 💬 [**Discord**](https://discord.gg/hRep4RUj7f) ou ao grupo [**telegram**](https://t.me/peass) ou **siga-me** no **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/carlospolopm)**.**
* **Compartilhe suas técnicas de hacking enviando PRs para os repositórios github do** [**HackTricks**](https://github.com/carlospolop/hacktricks) e [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud).

</details>

<figure><img src="../.gitbook/assets/image (3) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>

Use [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) para construir e **automatizar fluxos de trabalho** com facilidade, utilizando as ferramentas comunitárias **mais avançadas** do mundo.\
Obtenha Acesso Hoje:

{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}

## Informações Básicas

É um [protocolo](https://en.wikipedia.org/wiki/Protocol\_\(computing\)) da [Internet](https://en.wikipedia.org/wiki/Internet) que ajuda a identificar o usuário de uma conexão [TCP](https://en.wikipedia.org/wiki/Transmission\_Control\_Protocol) específica.

**Porta padrão:** 113
```
PORT    STATE SERVICE
113/tcp open  ident
```
## **Enumeração**

### **Manual - Obter usuário/Identificar o serviço**

Se uma máquina estiver executando o serviço ident e samba (445) e você estiver conectado ao samba usando a porta 43218. Você pode descobrir qual usuário está executando o serviço samba fazendo:

![](<../.gitbook/assets/image (15) (1) (1).png>)

Se você apenas pressionar enter quando se conectar ao serviço:

![](<../.gitbook/assets/image (16) (1) (1).png>)

Outros erros:

![](<../.gitbook/assets/image (17) (1).png>)

### Nmap

Por padrão (-sC), o nmap identificará todos os usuários de todas as portas em execução:
```
PORT    STATE SERVICE     VERSION
22/tcp  open  ssh         OpenSSH 4.3p2 Debian 9 (protocol 2.0)
|_auth-owners: root
| ssh-hostkey:
|   1024 88:23:98:0d:9d:8a:20:59:35:b8:14:12:14:d5:d0:44 (DSA)
|_  2048 6b:5d:04:71:76:78:56:96:56:92:a8:02:30:73:ee:fa (RSA)
113/tcp open  ident
|_auth-owners: identd
139/tcp open  netbios-ssn Samba smbd 3.X - 4.X (workgroup: LOCAL)
|_auth-owners: root
445/tcp open  netbios-ssn Samba smbd 3.0.24 (workgroup: LOCAL)
|_auth-owners: root
```
### Ident-user-enum

Ident-user-enum é um script PERL simples para consultar o serviço ident (113/TCP) com o objetivo de determinar o proprietário do processo que está ouvindo em cada porta TCP de um sistema alvo. A lista de nomes de usuário coletada pode ser usada para ataques de adivinhação de senha em outros serviços de rede. Pode ser instalado com `apt install ident-user-enum`.
```
root@kali:/opt/local/recon/192.168.1.100# ident-user-enum 192.168.1.100 22 113 139 445
ident-user-enum v1.0 ( http://pentestmonkey.net/tools/ident-user-enum )

192.168.1.100:22  root
192.168.1.100:113 identd
192.168.1.100:139 root
192.168.1.100:445 root
```
### Shodan

* `oident`

## Arquivos

identd.conf

<figure><img src="../.gitbook/assets/image (3) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>

Use [**Trickest**](https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks) para construir e **automatizar fluxos de trabalho** com o suporte das ferramentas comunitárias **mais avançadas** do mundo.\
Obtenha Acesso Hoje:

{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}

## Comandos Automáticos HackTricks
```
Protocol_Name: Ident    #Protocol Abbreviation if there is one.
Port_Number:  113     #Comma separated if there is more than one.
Protocol_Description: Identification Protocol         #Protocol Abbreviation Spelled out

Entry_1:
Name: Notes
Description: Notes for Ident
Note: |
Is an Internet protocol that helps identify the user of a particular TCP connection.

https://book.hacktricks.xyz/pentesting/113-pentesting-ident

Entry_2:
Name: Enum Users
Description: Enumerate Users
Note: apt install ident-user-enum    ident-user-enum {IP} 22 23 139 445 (try all open ports)
```
<details>

<summary><strong>Aprenda hacking no AWS do zero ao herói com</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>

Outras formas de apoiar o HackTricks:

* Se você quer ver sua **empresa anunciada no HackTricks** ou **baixar o HackTricks em PDF**, confira os [**PLANOS DE ASSINATURA**](https://github.com/sponsors/carlospolop)!
* Adquira o [**material oficial PEASS & HackTricks**](https://peass.creator-spring.com)
* Descubra [**A Família PEASS**](https://opensea.io/collection/the-peass-family), nossa coleção de [**NFTs**](https://opensea.io/collection/the-peass-family) exclusivos
* **Junte-se ao grupo** 💬 [**Discord**](https://discord.gg/hRep4RUj7f) ou ao grupo [**telegram**](https://t.me/peass) ou **siga-me** no **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/carlospolopm)**.**
* **Compartilhe suas técnicas de hacking enviando PRs para os repositórios github do** [**HackTricks**](https://github.com/carlospolop/hacktricks) e [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud).

</details>
GitBook: [#3195] No subject 2022-05-08 23:13:03 +00:00			`# 113 - Pentesting Ident`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`<details>`

Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-01-10 07:09:16 +00:00			`<summary><strong>Aprenda hacking no AWS do zero ao herói com</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-01-10 07:09:16 +00:00			`Outras formas de apoiar o HackTricks:`

			`* Se você quer ver sua empresa anunciada no HackTricks ou baixar o HackTricks em PDF, confira os [PLANOS DE ASSINATURA](https://github.com/sponsors/carlospolop)!`
			`* Adquira o [material oficial PEASS & HackTricks](https://peass.creator-spring.com)`
			`* Descubra [A Família PEASS](https://opensea.io/collection/the-peass-family), nossa coleção de [NFTs](https://opensea.io/collection/the-peass-family) exclusivos`
			`* Junte-se ao grupo 💬 [Discord](https://discord.gg/hRep4RUj7f) ou ao grupo [telegram](https://t.me/peass) ou siga-me no Twitter 🐦 [@carlospolopm](https://twitter.com/carlospolopm).`
			`* Compartilhe suas técnicas de hacking enviando PRs para os repositórios github do [HackTricks](https://github.com/carlospolop/hacktricks) e [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud).`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`

Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-01-10 07:09:16 +00:00			`<figure><img src="../.gitbook/assets/image (3) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>`
GitBook: [#3633] No subject 2022-10-27 23:22:18 +00:00
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-01-10 07:09:16 +00:00			`Use [Trickest](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) para construir e automatizar fluxos de trabalho com facilidade, utilizando as ferramentas comunitárias mais avançadas do mundo.\`
			`Obtenha Acesso Hoje:`
GitBook: [#3633] No subject 2022-10-27 23:22:18 +00:00
			`{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}`

Translated to Portuguese 2023-06-06 18:56:34 +00:00			`## Informações Básicas`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['README.md', 'cryptography/certificates.md', 'forensics/basi 2023-09-03 18:16:00 +00:00			`É um [protocolo](https://en.wikipedia.org/wiki/Protocol\_\(computing\)) da [Internet](https://en.wikipedia.org/wiki/Internet) que ajuda a identificar o usuário de uma conexão [TCP](https://en.wikipedia.org/wiki/Transmission\_Control\_Protocol) específica.`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`Porta padrão: 113`
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			```
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			`PORT STATE SERVICE`
			`113/tcp open ident`
			```
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`## Enumeração`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`### Manual - Obter usuário/Identificar o serviço`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-01-10 07:09:16 +00:00			`Se uma máquina estiver executando o serviço ident e samba (445) e você estiver conectado ao samba usando a porta 43218. Você pode descobrir qual usuário está executando o serviço samba fazendo:`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#3707] No subject 2022-12-24 19:34:46 +00:00			`![](<../.gitbook/assets/image (15) (1) (1).png>)`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-01-10 07:09:16 +00:00			`Se você apenas pressionar enter quando se conectar ao serviço:`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#3707] No subject 2022-12-24 19:34:46 +00:00			`![](<../.gitbook/assets/image (16) (1) (1).png>)`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`Outros erros:`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#3523] No subject 2022-09-30 10:43:59 +00:00			`![](<../.gitbook/assets/image (17) (1).png>)`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#3195] No subject 2022-05-08 23:13:03 +00:00			`### Nmap`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`Por padrão (-sC), o nmap identificará todos os usuários de todas as portas em execução:`
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			```
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			`PORT STATE SERVICE VERSION`
			`22/tcp open ssh OpenSSH 4.3p2 Debian 9 (protocol 2.0)`
			`\|_auth-owners: root`
Translated ['README.md', 'cryptography/certificates.md', 'forensics/basi 2023-09-03 18:16:00 +00:00			`\| ssh-hostkey:`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			`\| 1024 88:23:98:0d:9d:8a:20:59:35:b8:14:12:14:d5:d0:44 (DSA)`
			`\|_ 2048 6b:5d:04:71:76:78:56:96:56:92:a8:02:30:73:ee:fa (RSA)`
			`113/tcp open ident`
			`\|_auth-owners: identd`
			`139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: LOCAL)`
			`\|_auth-owners: root`
			`445/tcp open netbios-ssn Samba smbd 3.0.24 (workgroup: LOCAL)`
			`\|_auth-owners: root`
			```
GitBook: [#3195] No subject 2022-05-08 23:13:03 +00:00			`### Ident-user-enum`
Update 113-pentesting-ident.md Ident-user-enum tool 2020-11-15 21:33:46 +00:00
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-01-10 07:09:16 +00:00			Ident-user-enum é um script PERL simples para consultar o serviço ident (113/TCP) com o objetivo de determinar o proprietário do processo que está ouvindo em cada porta TCP de um sistema alvo. A lista de nomes de usuário coletada pode ser usada para ataques de adivinhação de senha em outros serviços de rede. Pode ser instalado com `apt install ident-user-enum`.
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			```
Update 113-pentesting-ident.md Ident-user-enum tool 2020-11-15 21:33:46 +00:00			`root@kali:/opt/local/recon/192.168.1.100# ident-user-enum 192.168.1.100 22 113 139 445`
			`ident-user-enum v1.0 ( http://pentestmonkey.net/tools/ident-user-enum )`

			`192.168.1.100:22 root`
			`192.168.1.100:113 identd`
			`192.168.1.100:139 root`
			`192.168.1.100:445 root`
			```
GitBook: [#3195] No subject 2022-05-08 23:13:03 +00:00			`### Shodan`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
			* `oident`

Translated to Portuguese 2023-06-06 18:56:34 +00:00			`## Arquivos`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
			`identd.conf`

Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-01-10 07:09:16 +00:00			`<figure><img src="../.gitbook/assets/image (3) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>`
GitBook: [#3633] No subject 2022-10-27 23:22:18 +00:00
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-01-10 07:09:16 +00:00			`Use [Trickest](https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks) para construir e automatizar fluxos de trabalho com o suporte das ferramentas comunitárias mais avançadas do mundo.\`
			`Obtenha Acesso Hoje:`
GitBook: [#3633] No subject 2022-10-27 23:22:18 +00:00
			`{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}`

Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-01-10 07:09:16 +00:00			`## Comandos Automáticos HackTricks`
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			```
HAC 113 2021-08-12 12:39:37 +00:00			`Protocol_Name: Ident #Protocol Abbreviation if there is one.`
			`Port_Number: 113 #Comma separated if there is more than one.`
			`Protocol_Description: Identification Protocol #Protocol Abbreviation Spelled out`

113 Yaml 2021-08-15 17:59:11 +00:00			`Entry_1:`
Translated ['README.md', 'cryptography/certificates.md', 'forensics/basi 2023-09-03 18:16:00 +00:00			`Name: Notes`
			`Description: Notes for Ident`
			`Note: \|`
			`Is an Internet protocol that helps identify the user of a particular TCP connection.`
113 Yaml 2021-08-15 17:59:11 +00:00
Translated ['README.md', 'cryptography/certificates.md', 'forensics/basi 2023-09-03 18:16:00 +00:00			`https://book.hacktricks.xyz/pentesting/113-pentesting-ident`
113 Yaml 2021-08-15 17:59:11 +00:00
			`Entry_2:`
Translated ['README.md', 'cryptography/certificates.md', 'forensics/basi 2023-09-03 18:16:00 +00:00			`Name: Enum Users`
			`Description: Enumerate Users`
			`Note: apt install ident-user-enum ident-user-enum {IP} 22 23 139 445 (try all open ports)`
HAC 113 2021-08-12 12:39:37 +00:00			```
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00			`<details>`

Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-01-10 07:09:16 +00:00			`<summary><strong>Aprenda hacking no AWS do zero ao herói com</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>`

			`Outras formas de apoiar o HackTricks:`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-01-10 07:09:16 +00:00			`* Se você quer ver sua empresa anunciada no HackTricks ou baixar o HackTricks em PDF, confira os [PLANOS DE ASSINATURA](https://github.com/sponsors/carlospolop)!`
			`* Adquira o [material oficial PEASS & HackTricks](https://peass.creator-spring.com)`
			`* Descubra [A Família PEASS](https://opensea.io/collection/the-peass-family), nossa coleção de [NFTs](https://opensea.io/collection/the-peass-family) exclusivos`
			`* Junte-se ao grupo 💬 [Discord](https://discord.gg/hRep4RUj7f) ou ao grupo [telegram](https://t.me/peass) ou siga-me no Twitter 🐦 [@carlospolopm](https://twitter.com/carlospolopm).`
			`* Compartilhe suas técnicas de hacking enviando PRs para os repositórios github do [HackTricks](https://github.com/carlospolop/hacktricks) e [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud).`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`