Home / IT Security / Black Hat / Using nbtstat to View Who Is Logged into a Computer
Using nbtstat to View Who Is Logged into a Computer

Using nbtstat to View Who Is Logged into a Computer

Using nbtstat to View Who is Logged into a Computer: In this exercise we will use nbtstat to determine who is logged into a remote computer.

  1. At the Windows command prompt enter the command nbtstat –a followed by the name of the computer you want to examine.

 

  1. If the port is open, the service running, and the machine available, you should see results similar to the following.

    In this example we assume a machine with the name “aperture.”

    NetBIOS Remote Machine Name Table
Name Type Status
APERTURE <03> UNIQUE
LCEDROS <03> UNIQUE
APERTURE <00> UNIQUE
WORKPLACE <00> GROUP
APERTURE <20> UNIQUE
  1. Examine the list and note that under the Type heading we have a mixture of <03> records and others.

    The user account will be identified by an <03> label and nothing else.

    Since we know the machine name is APERTURE, it’s not hard to single out the <03> record LCEDROS as a username logged into the system.

 

About Jahanzaib Khan

A Passionate Bloggers from Pakistan, Who Loves to Put Content That Talks About The Reality of Current Situations.

Check Also

UK's Recent Lists of Top Worst & Most Hacked Password Combination

UK’s Recent Lists of Top Worst & Most Hacked Password Combination

You will be amazed of these very easy to guess passwords that are used; some …

Leave a Reply

Your email address will not be published. Required fields are marked *