Results 1 to 4 of 4

Thread: [Script][Video] - Using McGrew Security's nbnspoof.py

Threaded View

  1. #1
    Member
    Join Date
    Jan 2010
    Posts
    70

    Default [Script][Video] - Using McGrew Security's nbnspoof.py

    For those who aren't aware, NetBIOS as used in Windows(tm) brand OSes, at least through XP Service Pack 3, have a multi-step name resolution process. If a particular name is not found via DNS lookup, the system will query the local subnet's NetBIOS for a match. As such, if we have access to an interface on the local subnet (via source routing or a GRE tunnel) we can potentially redirect misspelled names to ourselves (or non-existent names, in some cases).

    Note: This type of attack is not exactly unique to windows. Under linux, the nsswitch.conf file can be configured to query all sorts of directory services to locate machines. While the video doesn't demonstrate "poisoning" a linux client, a system with a configuration to query the local subnet for a name could also be created. See the /etc/nsswitch.conf man pages, and google pages.

    First, the script ( which can be downloaded at http://aconole.brad-x.com/nbnspoof.py ) is a simple python + scapy script to watch for netbios name query traffic on an interface; if the name matches the supplied regex, the script simply generates a response.

    EDIT: Re-introducing the video once I clean it up - realized I had some personal stuff on the Desktop.
    Last edited by orgcandman; 08-04-2010 at 06:46 PM.

Similar Threads

  1. [Script][Video] EvilGrade (v0.1.1)
    By g0tmi1k in forum BackTrack Videos
    Replies: 27
    Last Post: 03-06-2011, 12:24 PM
  2. [Script] [Video] metasploit-FakeUpdate (v0.1.1)
    By g0tmi1k in forum BackTrack Videos
    Replies: 30
    Last Post: 12-06-2010, 04:53 PM
  3. [Script] [Video] FakeAP_pwn (v0.2.1)
    By g0tmi1k in forum BackTrack Videos
    Replies: 184
    Last Post: 09-02-2010, 11:01 AM
  4. MySQL Security Assesment Script in BT4
    By Archangel-Amael in forum BackTrack Howtos
    Replies: 0
    Last Post: 07-24-2010, 03:16 PM
  5. Video How-To Offensive-Security
    By brigante in forum Tutorial ed HowTo
    Replies: 0
    Last Post: 08-23-2009, 03:05 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •