Script nbstat

Script types: hostrule
Categories: default, discovery, safe
Download: https://svn.nmap.org/nmap/scripts/nbstat.nse

Script Summary

Attempts to retrieve the target's NetBIOS names and MAC address.

By default, the script displays the name of the computer and the logged-in user; if the verbosity is turned up, it displays all names the system thinks it owns.

Example Usage

sudo nmap -sU --script nbstat.nse -p137 <host>

Script Output

Host script results:
|_ nbstat: NetBIOS name: WINDOWS2003, NetBIOS user: <unknown>, NetBIOS MAC: 00:0c:29:c6:da:f5 (VMware)

Host script results:
|  nbstat: NetBIOS name: WINDOWS2003, NetBIOS user: <unknown>, NetBIOS MAC: 00:0c:29:c6:da:f5 (VMware)
|  Names:
|    WINDOWS2003<00>      Flags: <unique><active>
|    WINDOWS2003<20>      Flags: <unique><active>
|    SKULLSECURITY<00>    Flags: <group><active>
|    SKULLSECURITY<1e>    Flags: <group><active>
|    SKULLSECURITY<1d>    Flags: <unique><active>
|_   \x01\x02__MSBROWSE__\x02<01>  Flags: <group><active>

Requires


Authors:

  • Brandon Enright
  • Ron Bowes

License: Same as Nmap--See https://nmap.org/book/man-legal.html