SMB

SMB service is found in windows by default, and can be configured in linux aswell. Improper implementation provides the access to some contents, commonly used tools are SMBClient, cme and Enum4linux

Enumeration

Listing the shares

smbclient -U '' -N \\\\10.10.10.10\\
cme smb 10.10.10.10 -u 'username' -p 'password' --shares

Accessing the share

smbclient -U 'user' \\\\10.10.10.10\\sharename

Bruteforce

cme smb $ip -u users.txt -p pass.txt --continue-on-success

# hashes bruteforce
cme smb $ip -u users.txt -H "NTLMHASH" --continue-on-success

# enumerate users if the IPC share is readable
cme smb $ip -u user -p password --rid-brute

File Operations

# download a file
get filename
# y/n prompt disable
prompt off
# recurse download
recurse on
prompt OFF
mget *

PreviousPOP3 NextIMAP

Last updated 3 years ago

Was this helpful?