mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-15 09:27:32 +00:00
59 lines
1.4 KiB
Markdown
59 lines
1.4 KiB
Markdown
|
# 113 - Pentesting Ident
|
||
|
|
|
||
|
|
## Basic Information
|
||
|
|
|
||
|
|
Is an [Internet](https://en.wikipedia.org/wiki/Internet) [protocol](https://en.wikipedia.org/wiki/Protocol_%28computing%29) that helps identify the user of a particular [TCP](https://en.wikipedia.org/wiki/Transmission_Control_Protocol) connection.
|
||
|
|
|
||
|
|
**Default port:** 113
|
||
|
|
|
||
|
|
```text
|
||
|
|
PORT STATE SERVICE
|
||
|
|
113/tcp open ident
|
||
|
|
```
|
||
|
|
|
||
|
|
## **Enumeration**
|
||
|
|
|
||
|
|
### **Manual - Get user/Identify the service**
|
||
|
|
|
||
|
|
If a machine is running the service ident and samba \(445\) and you are connected to samba using the port 43218. You can get which user is running the samba service by doing:
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
If you just press enter when you conenct to the service:
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
Other errors:
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
### Nmap
|
||
|
|
|
||
|
|
By default \(-sC\) nmap will identify every user of every running port:
|
||
|
|
|
||
|
|
```text
|
||
|
|
PORT STATE SERVICE VERSION
|
||
|
|
22/tcp open ssh OpenSSH 4.3p2 Debian 9 (protocol 2.0)
|
||
|
|
|_auth-owners: root
|
||
|
|
| ssh-hostkey:
|
||
|
|
| 1024 88:23:98:0d:9d:8a:20:59:35:b8:14:12:14:d5:d0:44 (DSA)
|
||
|
|
|_ 2048 6b:5d:04:71:76:78:56:96:56:92:a8:02:30:73:ee:fa (RSA)
|
||
|
|
113/tcp open ident
|
||
|
|
|_auth-owners: identd
|
||
|
|
139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: LOCAL)
|
||
|
|
|_auth-owners: root
|
||
|
|
445/tcp open netbios-ssn Samba smbd 3.0.24 (workgroup: LOCAL)
|
||
|
|
|_auth-owners: root
|
||
|
|
```
|
||
|
|
|
||
|
|
### Shodan
|
||
|
|
|
||
|
|
* `oident`
|
||
|
|
|
||
|
|
## Files
|
||
|
|
|
||
|
|
identd.conf
|
||
|
|
|