Ident - Port 113
Become VeryLazyTech member! π
Follow us on:
β Twitter @VeryLazyTech.
πΎ Github @VeryLazyTech.
π Medium @VeryLazyTech.
πΊ YouTube @VeryLazyTech.
π© Telegram @VeryLazyTech.
π΅οΈββοΈ My Site @VeryLazyTech.
Visit our shop for e-books and courses. π
Basic Information
The Ident Protocol is used over the Internet to associate a TCP connection with a specific user. Originally designed to aid in network management and security, it operates by allowing a server to query a client on port 113 to request information about the user of a particular TCP connection.
However, due to modern privacy concerns and the potential for misuse, its usage has decreased as it can inadvertently reveal user information to unauthorized parties. Enhanced security measures, such as encrypted connections and strict access controls, are recommended to mitigate these risks.
Default port: 113
PORT STATE SERVICE
113/tcp open ident
Enumeration
nmap -p 113 <target-ip>
Querying the Service To test the Ident service manually:
nc <target-ip> 113
<local-port> , <remote-port>
This will return a response containing the username associated with the TCP connection.
Enumerating Usernames
use auxiliary/scanner/ident/ident
set RHOSTS <target-ip>
run
./ident-user-enum.pl -f targets.txt
When run, the tool might produce output like this:
192.168.1.10:113 -> User: admin
192.168.1.10:113 -> User: www-data
192.168.1.10:113 -> User: root
Files
Default Location of identd.conf
identd.conf
The identd.conf
file is typically found in the following locations, depending on the system and Ident implementation:
/etc/identd.conf
/usr/local/etc/identd.conf
/etc/oidentd.conf
(for oidentd)
If you canβt locate the file, use a search command:
sudo find / -name "identd.conf"
Learn & practice For the OSCP.
Last updated
Was this helpful?