Telnet Enumeration:

Raghav
Sep 30, 2021

Telnet is a network protocol used to virtually access a computer and to provide a two-way, collaborative and text-based communication channel between two machines.

It uses the Transmission Control Protocol/Internet Protocol (TCP/IP) networking protocol to create remote sessions. On the web, Hypertext Transfer Protocol (HTTP) and File Transfer Protocol (FTP) simply enable users to request specific files from remote computers, whereas through Telnet users can log on as a regular user, with the privileges they are granted to the specific applications and data on that computer.

Telnet works on port number 23.

📌 telnet-ntlm-info

📌 telnet-brute

📌 telnet-encryption

nmap --script telnet-brute <ip address>:

Performs brute-force password auditing against telnet servers.

nmap --script telnet-encryption <ip address>:

Determines whether the encryption option is supported on a remote telnet server. Some systems (including FreeBSD and the krb5 telnetd available in many Linux distributions) implement this option incorrectly, leading to a remote root vulnerability. This script currently only tests whether encryption is supported, not for that particular vulnerability.
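The "encryption option" above is Telnet option 38 (ENCRYPT), which a server advertises during option negotiation. The following is an added example, not code from the original post or from Nmap: a small parser that reads a captured server greeting and reports whether ENCRYPT was offered. The function names and the sample bytes are constructed for illustration.

```python
# Telnet command bytes (RFC 854) and a few option codes (IANA Telnet Options).
IAC, SE, SB = 255, 240, 250
VERBS = {251: "WILL", 252: "WONT", 253: "DO", 254: "DONT"}
OPTIONS = {1: "ECHO", 3: "SUPPRESS-GO-AHEAD", 24: "TERMINAL-TYPE",
           31: "NAWS", 37: "AUTHENTICATION", 38: "ENCRYPT"}

def parse_negotiation(data: bytes):
    """Split a raw Telnet stream into (offers, text).

    offers is a list of (verb, option) pairs; text is the remaining payload.
    """
    offers, text, i = [], bytearray(), 0
    while i < len(data):
        if data[i] != IAC:                  # ordinary data byte
            text.append(data[i]); i += 1
            continue
        if i + 1 >= len(data):              # truncated IAC at end of capture
            break
        cmd = data[i + 1]
        if cmd == IAC:                      # IAC IAC is an escaped 0xFF data byte
            text.append(IAC); i += 2
        elif cmd in VERBS:                  # IAC WILL/WONT/DO/DONT <option>
            if i + 2 >= len(data):
                break
            opt = data[i + 2]
            offers.append((VERBS[cmd], OPTIONS.get(opt, str(opt))))
            i += 3
        elif cmd == SB:                     # skip subnegotiation up to IAC SE
            j = i + 2
            while j + 1 < len(data) and not (data[j] == IAC and data[j + 1] == SE):
                j += 2 if data[j] == IAC else 1
            if j + 1 >= len(data):          # unterminated subnegotiation
                break
            i = j + 2
        else:                               # other two-byte commands (NOP, GA, ...)
            i += 2
    return offers, bytes(text)

def supports_encryption(offers):
    """True if the peer sent WILL ENCRYPT or DO ENCRYPT (RFC 2946)."""
    return any(opt == "ENCRYPT" and verb in ("WILL", "DO") for verb, opt in offers)

# Constructed sample greeting: DO AUTHENTICATION, WILL ENCRYPT, DO ENCRYPT,
# DO TERMINAL-TYPE, a TERMINAL-TYPE subnegotiation, then a login prompt.
SAMPLE = bytes([255, 253, 37, 255, 251, 38, 255, 253, 38, 255, 253, 24,
                255, 250, 24, 1, 255, 240]) + b"login: "

if __name__ == "__main__":
    offers, text = parse_negotiation(SAMPLE)
    print(offers, text, supports_encryption(offers))
```

A host that reports ENCRYPT support is a candidate for patch-level review of its telnetd, since, as noted above, offering the option does not by itself show the vulnerable implementation is present.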

nmap --script telnet-ntlm-info <ip address>:

This script enumerates information from remote Microsoft Telnet services with NTLM authentication enabled. Sending an MS-TNAP NTLM authentication request with null credentials will cause the remote service to respond with an NTLMSSP message disclosing information including the NetBIOS name, DNS name, and OS build version.
