Posts: 50 Location: A node too far Joined: 11.09.06 Rank: Apprentice
Posted on 19-12-11 13:33
I am testing the nmap ncp-enum-users script, to my knowledge this output would result in something similar to a dumpsec user list output, am I doing something incorrect? or is this a standard output when nmap cannot retreive the enumerated information?
nmap -sV --script=ncp-enum-users 10.0.0.1
Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2011-12-19 08:06 EST
Nmap scan report for 10.0.0.1
Host is up (0.0019s latency).
Not shown: 985 filtered ports
PORT STATE SERVICE VERSION
80/tcp open http Microsoft IIS httpd 7.0
88/tcp open kerberos-sec Microsoft Windows kerberos-sec
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn
389/tcp open ldap
445/tcp open microsoft-ds Microsoft Windows 2003 or 2008 microsoft-ds
464/tcp open kpasswd5?
593/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0
636/tcp open tcpwrapped
3268/tcp open ldap
3269/tcp open tcpwrapped
49153/tcp open msrpc Microsoft Windows RPC
49155/tcp open msrpc Microsoft Windows RPC
49157/tcp open msrpc Microsoft Windows RPC
49158/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0
MAC Address: 08:00:27:72:6A:B8 (Cadmus Computer Systems)
Service Info: OS: Windows
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 70.12 seconds
In the words of DR-K
"When people asked me why I hacked, I had a standard response: Because its there.Because I can.Because its fun."
RE: NMAP Scripts
Posts: Location: Joined: 01.01.70 Rank: Guest
Posted on 19-12-11 19:41
That Nmap script is for the Novell NetWare Core Protocol and it does not look like it is running on that server. Take a look at this http://nmap.org/nsedoc/scripts/ncp-enum-users.html
Edited by on 19-12-11 19:43
Hellbound Hackers is the collective work of the staff and the community and is therefore licensed under the CC BY-NC-SA license.