impacket-getarch

Detect the architecture of a remote Windows system

$ impacket-getarch -target [192.168.1.100]

$ impacket-getarch -targets [targets.txt]

$ impacket-getarch -target [192.168.1.100] -port [445]

impacket-getarch [-h] [-target IP] [-targets FILE] [-port PORT]

impacket-getarch is a reconnaissance tool that determines whether a remote Windows system is running a 32-bit or 64-bit operating system. It works by connecting to the target's SMB service and analyzing the response to identify the system architecture.
This information is valuable during penetration testing when preparing architecture-specific payloads or exploits. The tool requires no authentication and works against systems with SMB exposed.

-target IP

IP address of the target system to probe

File containing a list of target IP addresses (one per line)

Port to connect to (default: 445)

Requires network access to the target's SMB port (typically 445). Results depend on SMB being accessible and not blocked by firewalls. Does not work against non-Windows systems.

Part of the Impacket library by SecureAuth. The tool exploits differences in how 32-bit and 64-bit Windows systems respond to certain SMB requests to fingerprint the architecture without authentication.

impacket-getadusers(1), nmap(1), smbclient(1)