From: Steve Friedl (steve@unixwiz.net)
Date: Thu Feb 02 2006 - 14:20:46 EST
On Wed, Feb 01, 2006 at 10:18:06AM -0500, Holstein, Robert - BLS CTR wrote:
> I'm trying to figure out how to get the uptime of a Win* machine
> remotely using NMAP. Stealth is not a concern. I've done it with *nix
> based OS'es before using NMAP but never Windows. Can anyone offer some
> advice on how to do this using NMAP. I've tried a couple different
> things with no results.
There are two ways I can think of to get the uptime remotely, though
neither with nmap.
1) via SNMP: the sysUpTime.0 OID is the number of 100ths of a second since
boot. This has a 497-day limit before the 32-bit counter wraps around,
but if it's a Windows machine I doubt you'll run into that ;-)
2) I'm sure there's an RPC type query which returns this information, but
it surely requires a network credential.
Steve
---
Stephen J Friedl | Security Consultant | UNIX Wizard | +1 714 544-6561
www.unixwiz.net | Tustin, Calif. USA | Microsoft MVP | steve@unixwiz.net
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:26 EDT