
79 - Pentesting finger

The Finger protocol is a simple network protocol for retrieving information about a user on a remote system. It was widely used in the early days of the Internet, typically to look up details such as a user's full name, phone number, and login status. The protocol was implemented on Unix-based systems, where the simple text-based "finger" command retrieves the information from remote systems.

nmap

sudo nmap -n -sV -Pn -p 79 $IP

finger

finger @<IP>
finger root@192.168.0.102
finger szalek@192.168.0.102
finger user@192.168.0.102

finger-user-enum

./finger-user-enum.pl -U /usr/share/wordlists/seclists/Usernames/Names/names.txt -t 10.10.10.76

metasploit

use auxiliary/scanner/finger/finger_users
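
What the commands above look like from the server side: an added example (not part of the original page) that classifies RFC 1288 query lines and flags sources that list all users, request forwarding, or ask about many distinct names. The event tuples, the `max_names` threshold and the reason labels are assumptions for illustration, and the sample data is constructed.

```python
from collections import defaultdict

def parse_finger_query(raw: bytes) -> dict:
    """Classify one RFC 1288 query line as the finger daemon receives it."""
    first = (raw.splitlines() or [b""])[0]
    tokens = first.decode("ascii", "replace").split()
    verbose = bool(tokens) and tokens[0].upper() == "/W"  # /W asks for verbose output
    if verbose:
        tokens = tokens[1:]
    target = tokens[0] if tokens else ""
    user, _, hosts = target.partition("@")
    if hosts:
        kind = "forward"   # user@host: asks this server to relay the query
    elif user:
        kind = "user"      # `finger root@<IP>` sends the name followed by CRLF
    else:
        kind = "list"      # `finger @<IP>` sends a bare CRLF: list logged-in users
    return {"kind": kind, "user": user or None, "verbose": verbose}

def flag_sources(events, max_names=3):
    """Map source IP -> reasons it looks like enumeration (labels are assumptions)."""
    names, reasons = defaultdict(set), defaultdict(set)
    for src, raw in events:
        q = parse_finger_query(raw)
        if q["kind"] == "list":
            reasons[src].add("list-all")
        elif q["kind"] == "forward":
            reasons[src].add("forward")
        else:
            names[src].add(q["user"].lower())
            if len(names[src]) > max_names:
                reasons[src].add("many-names")
    return {src: sorted(r) for src, r in reasons.items()}

# Constructed sample: (source IP, bytes received on TCP/79). Documentation addresses only.
SAMPLE = [
    ("192.0.2.10", b"\r\n"),
    ("192.0.2.20", b"root\r\n"),
    ("198.51.100.7", b"adam\r\n"),
    ("198.51.100.7", b"alice\r\n"),
    ("198.51.100.7", b"bob\r\n"),
    ("198.51.100.7", b"carol\r\n"),
    ("192.0.2.30", b"/W admin@inner.example\r\n"),
]

if __name__ == "__main__":
    for src, why in flag_sources(SAMPLE).items():
        print(src, ",".join(why))
```

A single lookup such as the one from 192.0.2.20 is not flagged; only list-all queries, forwarding requests and sources exceeding the name threshold are reported.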