Brute-forcing z/OS JES NJE node names
NJE node communication requires exchanging the client name and the target node name. While the client name can be set arbitrarily, the OHOST value or node name is often unknown. With Nmap, you can attempt to guess a valid node name by performing a brute-force attack.
This recipe introduces the nje-node-brute
script, which allows the brute-force enumeration of z/OS JES NJE.
How to do it...
Open up Terminal and enter the following Nmap command to brute-force the target node name:
$ nmap -sV --script nje-node-brute <target>
The script will return any valid node names found following the output format of the brute
NSE library:
PORT    STATE SERVICE REASON 175/tcp open  nje     syn-ack | nje-node-brute: |   Node Name: |     POTATO:CACTUS - Valid credentials |_  Statistics: Performed 6 guesses in 14 seconds, average tps: 0...