Tuesday , August 21 2018
Home / IT Security / Black Hat / Using nbtstat to View Who Is Logged into a Computer
Using nbtstat to View Who Is Logged into a Computer

Using nbtstat to View Who Is Logged into a Computer

Using nbtstat to View Who is Logged into a Computer: In this exercise we will use nbtstat to determine who is logged into a remote computer.

  1. At the Windows command prompt enter the command nbtstat –a followed by the name of the computer you want to examine.

 

  1. If the port is open, the service running, and the machine available, you should see results similar to the following.

    In this example we assume a machine with the name “aperture.”

    NetBIOS Remote Machine Name Table
Name Type Status
APERTURE <03> UNIQUE
LCEDROS <03> UNIQUE
APERTURE <00> UNIQUE
WORKPLACE <00> GROUP
APERTURE <20> UNIQUE
  1. Examine the list and note that under the Type heading we have a mixture of <03> records and others.

    The user account will be identified by an <03> label and nothing else.

    Since we know the machine name is APERTURE, it’s not hard to single out the <03> record LCEDROS as a username logged into the system.

 

About Jahanzaib Khan

Jahanzaib Khan is Web Designer & Ethical Hacker. He Who has been working since 2014, and is managing several successful websites on the internet for about 3 years. Jahanzaib-khan.com

Check Also

Understanding Denial of Service

Understanding Denial of Service

Understanding DoS: Denial of Service is an attack that aims at preventing normal communication with …

Leave a Reply

Your email address will not be published. Required fields are marked *