123 - Pentesting ntp

nmap -p 123 -A $IP
nmap -sU -sV --script "ntp* and (discovery or vuln) and not (dos or brute)" -p 123 $IP

ntpq -c readlist $IP
ntpq -c readvar $IP
ntpq -c peers $IP
ntpq -c associations $IP
ntpdc -c monlist $IP
ntpdc -c listpeers $IP
ntpdc -c sysinfo $IP