Finger.exe LOLBin, (Sun, Dec 4th)

This post was originally published on this site

Guy's diary entry "Linux LOLBins Applications Available in Windows" reminded me of another Linux tool that is available on Windows: the ancient finger command.

Here is an example with weather info for the North Pole:

Communication takes place over TCP. Destination port is 79.

The finger.exe command sends the string before the @ sign to the host specified after the @ sign.

finger.exe is not proxy aware, and port 79 is hardcoded inside the finger.exe executable. Not as a number, but as a protocol name (finger) that is defined in the services list (%SystemRoot%system32driversetcservices);

 

Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.