Enum4Linux

What is Enum4Linux?

A Linux alternative to enum.exe for enumerating data from Windows and Samba hosts.

Enum4linux is a tool that is preinstalled on Kali Linux, or you can download it from their repo. Its used for enumerating information from Windows and Samba systems. It attempts to offer similar functionality to enum.exe formerly available from www.bindview.com. It is written in Perl and is basically a wrapper around the Samba tools smbclient, rpclient, net and
nmblookup.

Key features:

  • RID cycling (When RestrictAnonymous is set to 1 on Windows 2000)
  • User listing (When RestrictAnonymous is set to 0 on Windows 2000)
  • Listing of group membership information
  • Share enumeration
  • Detecting if host is in a workgroup or a domain
  • Identifying the remote operating system
  • Password policy retrieval (using polenum)

This tool comes preinstalled on Kali Linux however, the source and preconfigured binaries are
available on github.

Syntax:
enum4linux -U 10.10.10.161


Below shows some of the important information we get back.

forest-002.png