Listing VTAM application screens
VTAM screens are used by many mainframes to access applications such as CICS, IMS, TSO, and more. Since the application IDs are limited to only 8 bytes, it is possible to brute-force them to find VTAM screens.
The following recipe will show you how to use Nmap to brute-force and list valid VTAM application IDs.
How to do it...
To enumerate VTAM application IDs, use the following Nmap command:
$ nmap -sV --script vtam-enum <target>
All VTAM application IDs found will be listed underneath the output of the vtam-enum
script:
PORT STATE SERVICE VERSION 23/tcp open tn3270 IBM Telnet TN3270 | vtam-enum: | VTAM Application ID: | applid:TSO - Valid credentials | applid:CICSTS51 - Valid credentials |_ Statistics: Performed 14 guesses in 5 seconds, average tps: 2
Additionally, to avoid depending on any external...