NetBIOS 137-138

nmblookup

To query NetBIOS over TCP/IP, use nmblookup to resolve a NetBIOS name to an IP address. The -A option attempts to get the NetBIOS name of a host.

nmblookup -A 10.10.10.10

nbtscan

nbtscan is another tool for scanning and enumerating NetBIOS names. You can scan a range or a single host to retrieve NetBIOS information.

nbtscan 10.10.10.10

This will return details about the NetBIOS name, workgroup, and available shares of the target IP.

Nmap (NetBIOS Enumeration)

You can use Nmap to scan for NetBIOS information, particularly using the nbstat.nse script, which will gather NetBIOS information such as names and workgroups.

sudo nmap -sU -sV -T4 --script nbstat.nse -p137 -Pn -n 10.10.10.10

PreviousNNTP 119 NextSMB / Samba 135-139, 445

Last updated 12 months ago