Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Getting a Machines Uptime Remotely

From: Steve Friedl <steve () unixwiz net>
Date: Thu, 2 Feb 2006 11:20:46 -0800
On Wed, Feb 01, 2006 at 10:18:06AM -0500, Holstein, Robert - BLS CTR wrote:

I'm trying to figure out how to get the uptime of a Win* machine
remotely using NMAP.  Stealth is not a concern.  I've done it with *nix
based OS'es before using NMAP but never Windows. Can anyone offer some
advice on how to do this using NMAP.  I've tried a couple different
things with no results. 


There are two ways I can think of to get the uptime remotely, though
neither with nmap.

1) via SNMP: the sysUpTime.0 OID is the number of 100ths of a second since
   boot. This has a 497-day limit before the 32-bit counter wraps around,
   but if it's a Windows machine I doubt you'll run into that ;-)

2) I'm sure there's an RPC type query which returns this information, but
   it surely requires a network credential.

Steve

--- 
Stephen J Friedl | Security Consultant |  UNIX Wizard  |   +1 714 544-6561
www.unixwiz.net  | Tustin, Calif. USA  | Microsoft MVP | steve () unixwiz net

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: