Nmap nbstat NSE Script

This page contains detailed information about how to use the nbstat NSE script. For list of all NSE scripts, visit the Nmap NSE Library.

Script Overview

Script source code: https://github.com/nmap/nmap/tree/master/scripts/nbstat.nse
Script categories: default, discovery, safe
Target service / protocol: netbios, smb, tcp, udp
Target network port(s): 135, 137, 139, 445
List of CVEs: -

Script Description

The nbstat.nse script attempts to retrieve the target's NetBIOS names and MAC address.

By default, the script displays the name of the computer and the logged-in user; if the verbosity is turned up, it displays all names the system thinks it owns.

Nbstat NSE Script Arguments

The nbstat.nse script does not have any arguments.

Nbstat NSE Script Example Usage

Here's an example of how to use the nbstat.nse script:

sudo nmap -sU --script nbstat.nse -p137 <host>

Nbstat NSE Script Example Output

Here's a sample output from the nbstat.nse script:

Host script results:
|_ nbstat: NetBIOS name: WINDOWS2003, NetBIOS user: <unknown>, NetBIOS MAC: 00:0c:29:c6:da:f5 (VMware)

Host script results:
|  nbstat: NetBIOS name: WINDOWS2003, NetBIOS user: <unknown>, NetBIOS MAC: 00:0c:29:c6:da:f5 (VMware)
|  Names:
|    WINDOWS2003<00>      Flags: <unique><active>
|    WINDOWS2003<20>      Flags: <unique><active>
|    SKULLSECURITY<00>    Flags: <group><active>
|    SKULLSECURITY<1e>    Flags: <group><active>
|    SKULLSECURITY<1d>    Flags: <unique><active>
|_   \x01\x02__MSBROWSE__\x02<01>  Flags: <group><active>

Nbstat NSE Script Example XML Output

Here's a sample XML output from the nbstat.nse script produced by providing the -oX <file> Nmap option:

 <elem key="server_name">WINDOWS2003</elem>
 <elem key="workstation_name">WINDOWS2003</elem>
 <elem key="user">&lt;unknown&gt;</elem>
 <table key="mac">
   <elem key="manuf">VMware</elem>
   <elem key="address">00:0c:29:c6:da:f5</elem>
 </table>
 <table key="Names">
   <table>
     <elem key="name">WINDOWS2003</elem>
     <elem key="suffix">0</elem>
     <elem key="flags">1024</elem>
   </table>
   <table>
     <elem key="name">SKULLSECURITY</elem>
     <elem key="suffix">0</elem>
     <elem key="flags">33792</elem>
   </table>
   <table>
     <elem key="name">WINDOWS2003</elem>
     <elem key="suffix">32</elem>
     <elem key="flags">1024</elem>
   </table>
   <table>
     <elem key="name">SKULLSECURITY</elem>
     <elem key="suffix">30</elem>
     <elem key="flags">33792</elem>
   </table>
   <table>
     <elem key="name">SKULLSECURITY</elem>
     <elem key="suffix">29</elem>
     <elem key="flags">1024</elem>
   </table>
   <table>
     <elem key="name">\x01\x02__MSBROWSE__\x02</elem>
     <elem key="suffix">1</elem>
     <elem key="flags">33792</elem>
   </table>
 </table>
 <table key="Statistics">
   <elem>00 0c 29 c6 da f5 00 00 00 00 00 00 00 00 00 00 00</elem>
   <elem>00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00</elem>
   <elem>00 00 00 00 00 00 00 00 00 00 00 00 00 00</elem>
 </table>

Nmap nbstat NSE Script

Script Overview

Script Description

Nbstat NSE Script Arguments

Nbstat NSE Script Example Usage

Nbstat NSE Script Example Output

Nbstat NSE Script Example XML Output

Authors

References

See Also

Version

Nessus Plugin Library

Solving Problems with Office 365 Email from GoDaddy

Empire Module Library

CrackMapExec Module Library

Metasploit Android Modules

Top 16 Active Directory Vulnerabilities

Top 10 Vulnerabilities: Internal Infrastructure Pentest

Terminal Escape Injection

Cisco Password Cracking and Decrypting Guide

Capture Passwords using Wireshark

SSH Brute Force Attack Tool using PuTTY / Plink (ssh-putty-brute.ps1)

SMB Brute Force Attack Tool in PowerShell (SMBLogin.ps1)

Port Scanner in PowerShell (TCP/UDP)

Nessus CSV Parser and Extractor

Default Password Scanner (default-http-login-hunter.sh)