News - Main Page
Whitepapers
Tools and Download
Presentations

download

screenshots

RID cyclingGroup enumerationUser enumeration

related links

change logs

usage

licence

summary

enum4linux

Enum4linux is a tool for enumerating information from Windows and Samba systems. It attempts to offer similar functionality to enum.exe formerly available from www.bindview.com.

It is written in PERL and is basically a wrapper around the Samba tools smbclient, rpclient, net and nmblookup. The samba package is therefore a dependency.

Features include:

  • RID Cycling (When RestrictAnonymous is set to 1 on Windows 2000)
  • User Listing (When RestrictAnonymous is set to 0 on Windows 2000)
  • Listing of Group Membership Information
  • Share Enumeration
  • Detecting if host is in a Workgroup or a Domain
  • Identifying the remote Operating System
  • Password Policy Retrieval (using polenum)

Check out the usage page for a full list of options. There are also lots of examples to get you started.

Last Updated : 16/09/2008 11:29:28


Related Applications

  • Apache UsersEnumerate the usernames on any system that uses Apache and the UserDir module.
  • Attacking Windows DomainsCRESTCon presentation looking at the Windows Domain Authentication model
  • BSQL brute forcer V2Updated version of the Blind SQL Injection Brute Forcer from www.514.es. Works against PostgreSQL, MySQL, MSSQL and Oracle and supports custom SQL Queries.
  • BSQL HackerBSQL (Blind SQL) Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities virtually in any database.
  • http-dir-enumA command-line tool for bruteforce-guessing directory and filenames on web servers.
  • ManySSLUse this perl script to enumerate SSL ciphers
  • polenumpolenum is a python script which uses Core's Impacket Library to get the password policy from a windows machine
  • secdumpsecdump is a simple meterpreter module that uploads and runs gsecdump. Nothing fancy, just a time saver.
  • SSHatterPassword brute forcer for SSH