科来MAC地址扫描器 主机名称获取原理初探 NetBIOS

探索原理

Wireshark 针对应用程序抓包
192.168.1.50/255.255.255.255

Python Demo

关于一下 impacket

https://pysmb.readthedocs.io/en/latest/api/nmb_NetBIOS.html

https://github.com/humberry/smb-example/blob/master/smb-test.py

https://gist.github.com/joselitosn/e74dbc2812c6479d3678

# pip install pysmb
from nmb.NetBIOS import NetBIOS


def test():
    # https://pysmb.readthedocs.io/en/latest/api/nmb_NetBIOS.html
    netbios_obj = NetBIOS()
    host_name = netbios_obj.queryIPForName("192.168.1.116")
    print host_name


if __name__ == '__main__':
    test()

参考资料

c# 版本的smb_version
http://www.zcgonvh.com/post/CSharp_smb_version_Detection.html

科来 MAC地址扫描工具
download

使用 NetBios Spoofing 技术渗透内网
http://www.freebuf.com/articles/5238.html

利用 NetBIOS 协议名称解析及 WPAD 进行内网渗透
https://blog.csdn.net/zy_strive_2012/article/details/51829791

禁用 NetBIOS
关闭137/138/139端口的方法：禁用TCP/IP上的NetBIOS
http://www.webkaka.com/blog/archives/how-to-close-the-139-port.html

Windows nblookup
https://support.microsoft.com/zh-cn/help/830578/nblookup-exe-command-line-tool
https://support.microsoft.com/en-us/help/830578/nblookup-exe-command-line-tool

• #Network Engineering
• #Network Security
• #Penetration Testing
• #Red Team
• #内网渗透
• #渗透测试
• #网络工程