# 113 - Pentesting Ident {% hint style="success" %} Learn & practice AWS Hacking:[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)\ Learn & practice GCP Hacking: [**HackTricks Training GCP Red Team Expert (GRTE)**](https://training.hacktricks.xyz/courses/grte)
Support HackTricks * Check the [**subscription plans**](https://github.com/sponsors/carlospolop)! * **Join the** ๐Ÿ’ฌ [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** ๐Ÿฆ [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.** * **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
{% endhint %}
Use [**Trickest**](https://trickest.com/?utm_source=hacktricks&utm_medium=text&utm_campaign=ppc&utm_content=113-pentesting-ident) to easily build and **automate workflows** powered by the world's **most advanced** community tools.\ Get Access Today: {% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=113-pentesting-ident" %} ## Basic Information **Ident ํ”„๋กœํ† ์ฝœ**์€ **์ธํ„ฐ๋„ท**์„ ํ†ตํ•ด ํŠน์ • ์‚ฌ์šฉ์ž์™€ **TCP ์—ฐ๊ฒฐ**์„ ์—ฐ๊ฒฐํ•˜๋Š” ๋ฐ ์‚ฌ์šฉ๋ฉ๋‹ˆ๋‹ค. ์›๋ž˜๋Š” **๋„คํŠธ์›Œํฌ ๊ด€๋ฆฌ** ๋ฐ **๋ณด์•ˆ**์„ ๋•๊ธฐ ์œ„ํ•ด ์„ค๊ณ„๋˜์—ˆ์œผ๋ฉฐ, ์„œ๋ฒ„๊ฐ€ ํฌํŠธ 113์—์„œ ํด๋ผ์ด์–ธํŠธ์—๊ฒŒ ํŠน์ • TCP ์—ฐ๊ฒฐ์˜ ์‚ฌ์šฉ์ž์— ๋Œ€ํ•œ ์ •๋ณด๋ฅผ ์š”์ฒญํ•˜๋Š” ๋ฐฉ์‹์œผ๋กœ ์ž‘๋™ํ•ฉ๋‹ˆ๋‹ค. ๊ทธ๋Ÿฌ๋‚˜ ํ˜„๋Œ€์˜ ๊ฐœ์ธ ์ •๋ณด ๋ณดํ˜ธ ๋ฌธ์ œ์™€ ์˜ค์šฉ ๊ฐ€๋Šฅ์„ฑ์œผ๋กœ ์ธํ•ด ์‚ฌ์šฉ์ด ๊ฐ์†Œํ•˜์˜€์œผ๋ฉฐ, ์ด๋Š” ๋ฌด๋‹จ ๋‹น์‚ฌ์ž์—๊ฒŒ ์‚ฌ์šฉ์ž ์ •๋ณด๋ฅผ ์šฐ์—ฐํžˆ ๋…ธ์ถœํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ์ด๋Ÿฌํ•œ ์œ„ํ—˜์„ ์™„ํ™”ํ•˜๊ธฐ ์œ„ํ•ด ์•”ํ˜ธํ™”๋œ ์—ฐ๊ฒฐ ๋ฐ ์—„๊ฒฉํ•œ ์ ‘๊ทผ ์ œ์–ด์™€ ๊ฐ™์€ ๊ฐ•ํ™”๋œ ๋ณด์•ˆ ์กฐ์น˜๋ฅผ ๊ถŒ์žฅํ•ฉ๋‹ˆ๋‹ค. **๊ธฐ๋ณธ ํฌํŠธ:** 113 ``` PORT STATE SERVICE 113/tcp open ident ``` ## **์—ด๊ฑฐ** ### **์ˆ˜๋™ - ์‚ฌ์šฉ์ž ๊ฐ€์ ธ์˜ค๊ธฐ/์„œ๋น„์Šค ์‹๋ณ„** ๋งŒ์•ฝ ๋จธ์‹ ์ด ident์™€ samba (445) ์„œ๋น„์Šค๋ฅผ ์‹คํ–‰ ์ค‘์ด๊ณ , ํฌํŠธ 43218์„ ์‚ฌ์šฉํ•˜์—ฌ samba์— ์—ฐ๊ฒฐ๋˜์–ด ์žˆ๋‹ค๋ฉด, ๋‹ค์Œ์„ ํ†ตํ•ด samba ์„œ๋น„์Šค๋ฅผ ์‹คํ–‰ ์ค‘์ธ ์‚ฌ์šฉ์ž๋ฅผ ํ™•์ธํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค: ![](<../.gitbook/assets/image (843).png>) ์„œ๋น„์Šค์— ์—ฐ๊ฒฐํ•  ๋•Œ ๊ทธ๋ƒฅ Enter๋ฅผ ๋ˆ„๋ฅด๋ฉด: ![](<../.gitbook/assets/image (159).png>) ๋‹ค๋ฅธ ์˜ค๋ฅ˜: ![](<../.gitbook/assets/image (359).png>) ### Nmap ๊ธฐ๋ณธ์ ์œผ๋กœ (\`-sC\`\`) nmap์€ ์‹คํ–‰ ์ค‘์ธ ๋ชจ๋“  ํฌํŠธ์˜ ๋ชจ๋“  ์‚ฌ์šฉ์ž๋ฅผ ์‹๋ณ„ํ•ฉ๋‹ˆ๋‹ค: ``` PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 4.3p2 Debian 9 (protocol 2.0) |_auth-owners: root | ssh-hostkey: | 1024 88:23:98:0d:9d:8a:20:59:35:b8:14:12:14:d5:d0:44 (DSA) |_ 2048 6b:5d:04:71:76:78:56:96:56:92:a8:02:30:73:ee:fa (RSA) 113/tcp open ident |_auth-owners: identd 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: LOCAL) |_auth-owners: root 445/tcp open netbios-ssn Samba smbd 3.0.24 (workgroup: LOCAL) |_auth-owners: root ``` ### Ident-user-enum [**Ident-user-enum**](https://github.com/pentestmonkey/ident-user-enum)์€ ๋Œ€์ƒ ์‹œ์Šคํ…œ์˜ ๊ฐ TCP ํฌํŠธ์—์„œ ์ˆ˜์‹  ๋Œ€๊ธฐ ์ค‘์ธ ํ”„๋กœ์„ธ์Šค์˜ ์†Œ์œ ์ž๋ฅผ ํ™•์ธํ•˜๊ธฐ ์œ„ํ•ด ident ์„œ๋น„์Šค(113/TCP)๋ฅผ ์ฟผ๋ฆฌํ•˜๋Š” ๊ฐ„๋‹จํ•œ PERL ์Šคํฌ๋ฆฝํŠธ์ž…๋‹ˆ๋‹ค. ์ˆ˜์ง‘๋œ ์‚ฌ์šฉ์ž ์ด๋ฆ„ ๋ชฉ๋ก์€ ๋‹ค๋ฅธ ๋„คํŠธ์›Œํฌ ์„œ๋น„์Šค์— ๋Œ€ํ•œ ๋น„๋ฐ€๋ฒˆํ˜ธ ์ถ”์ธก ๊ณต๊ฒฉ์— ์‚ฌ์šฉ๋  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. `apt install ident-user-enum`์œผ๋กœ ์„ค์น˜ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ``` root@kali:/opt/local/recon/192.168.1.100# ident-user-enum 192.168.1.100 22 113 139 445 ident-user-enum v1.0 ( http://pentestmonkey.net/tools/ident-user-enum ) 192.168.1.100:22 root 192.168.1.100:113 identd 192.168.1.100:139 root 192.168.1.100:445 root ``` ### Shodan * `oident` ## Files identd.conf
[**Trickest**](https://trickest.com/?utm_source=hacktricks&utm_medium=text&utm_campaign=ppc&utm_content=113-pentesting-ident)๋ฅผ ์‚ฌ์šฉํ•˜์—ฌ ์„ธ๊ณ„์—์„œ **๊ฐ€์žฅ ์ง„๋ณด๋œ** ์ปค๋ฎค๋‹ˆํ‹ฐ ๋„๊ตฌ๋กœ ๊ตฌ๋™๋˜๋Š” **์›Œํฌํ”Œ๋กœ์šฐ**๋ฅผ ์‰ฝ๊ฒŒ ๊ตฌ์ถ•ํ•˜๊ณ  **์ž๋™ํ™”**ํ•˜์„ธ์š”.\ ์˜ค๋Š˜ ๋ฐ”๋กœ ์ ‘๊ทผํ•˜์„ธ์š”: {% embed url="https://trickest.com/?utm_source=hacktricks&utm_medium=banner&utm_campaign=ppc&utm_content=113-pentesting-ident" %} ## HackTricks ์ž๋™ ๋ช…๋ น ``` Protocol_Name: Ident #Protocol Abbreviation if there is one. Port_Number: 113 #Comma separated if there is more than one. Protocol_Description: Identification Protocol #Protocol Abbreviation Spelled out Entry_1: Name: Notes Description: Notes for Ident Note: | The Ident Protocol is used over the Internet to associate a TCP connection with a specific user. Originally designed to aid in network management and security, it operates by allowing a server to query a client on port 113 to request information about the user of a particular TCP connection. https://book.hacktricks.xyz/pentesting/113-pentesting-ident Entry_2: Name: Enum Users Description: Enumerate Users Note: apt install ident-user-enum ident-user-enum {IP} 22 23 139 445 (try all open ports) ``` {% hint style="success" %} AWS ํ•ดํ‚น ๋ฐฐ์šฐ๊ธฐ ๋ฐ ์—ฐ์Šตํ•˜๊ธฐ:[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)\ GCP ํ•ดํ‚น ๋ฐฐ์šฐ๊ธฐ ๋ฐ ์—ฐ์Šตํ•˜๊ธฐ: [**HackTricks Training GCP Red Team Expert (GRTE)**](https://training.hacktricks.xyz/courses/grte)
HackTricks ์ง€์›ํ•˜๊ธฐ * [**๊ตฌ๋… ๊ณ„ํš**](https://github.com/sponsors/carlospolop) ํ™•์ธํ•˜๊ธฐ! * **๐Ÿ’ฌ [**Discord ๊ทธ๋ฃน**](https://discord.gg/hRep4RUj7f) ๋˜๋Š” [**ํ…”๋ ˆ๊ทธ๋žจ ๊ทธ๋ฃน**](https://t.me/peass)์— ์ฐธ์—ฌํ•˜๊ฑฐ๋‚˜ **Twitter** ๐Ÿฆ [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**๋ฅผ ํŒ”๋กœ์šฐํ•˜์„ธ์š”.** * **[**HackTricks**](https://github.com/carlospolop/hacktricks) ๋ฐ [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) ๊นƒํ—ˆ๋ธŒ ๋ฆฌํฌ์ง€ํ† ๋ฆฌ์— PR์„ ์ œ์ถœํ•˜์—ฌ ํ•ดํ‚น ํŠธ๋ฆญ์„ ๊ณต์œ ํ•˜์„ธ์š”.**
{% endhint %}