# Enumeration

## Users

### Privileges

```bash
sudo -l
```

## Computers

### System info

```bash
uname -a
hostname
```

## Ports & Hosts

### Check specific information of a port

```bash
lsof -i:4433
```

### Discover internal hosts

```bash
#!/bin/bash

for last_octet in $(seq 1 254); do
        IP="172.18.100.$last_octet"
        timeout 1 ping -c 1 "$IP" >/dev/null && echo "IP Activa: $IP" &
done; wait
```

### Discover internal ports related to host

```bash
#!/bin/bash

IP="172.18.100.21"

for port in $(seq 1 65535); do
        (timeout 1 bash -c "</dev/tcp/$IP/$port") >/dev/null 2>&1 && echo "Puerto Abierto: $IP:$port" &
done; wait
```