Pentesting SMB

https://book.hacktricks.xyz/network-services-pentesting/pentesting-smb
https://github.com/ShawnDEvans/smbmap

For a recursive listing use -R; with -p, the hash “NT:LM” can be used in place of the password.

$ python smbmap.py -H 172.16.0.24 -u Administrator -p 'changeMe' -R 'C$\Users'
[+] Finding open SMB ports....
[+] User SMB session established...
[+] IP: 172.16.0.24:445 Name: 172.16.0.24
    Disk                                                    Permissions
    ----                                                    -----------
    C$                                                      READ, WRITE
    .Users
    dw--w--w--                0 Wed Apr 29 13:15:25 2015    .
    dw--w--w--                0 Wed Apr 29 13:15:25 2015    ..
    dr--r--r--                0 Wed Apr 22 14:50:36 2015    Administrator
    dr--r--r--                0 Thu Apr  9 14:46:57 2015    All Users
    dw--w--w--                0 Thu Apr  9 14:46:49 2015    Default
    dr--r--r--                0 Thu Apr  9 14:46:57 2015    Default User
    fr--r--r--              174 Thu Apr  9 14:44:01 2015    desktop.ini
    dw--w--w--                0 Thu Apr  9 14:46:49 2015    Public
    dr--r--r--                0 Wed Apr 22 13:33:01 2015    wingus
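
When a listing like the one above is collected during an authorized share audit, it helps to turn it into structured data so that writable administrative shares can be flagged automatically. The following is an added example, not part of smbmap or of the original note; the function names are hypothetical and the sample text is constructed from the output shown above.

```python
import re

# Constructed sample in the same layout as the smbmap listing above.
SAMPLE = """\
    Disk                                                    Permissions
    ----                                                    -----------
    C$                                                      READ, WRITE
    .Users
    dw--w--w--                0 Wed Apr 29 13:15:25 2015    .
    dr--r--r--                0 Wed Apr 22 14:50:36 2015    Administrator
    dr--r--r--                0 Thu Apr  9 14:46:57 2015    All Users
    fr--r--r--              174 Thu Apr  9 14:44:01 2015    desktop.ini
"""

# File or directory row: type flag, 9 mode characters, size, timestamp, name.
ENTRY_RE = re.compile(
    r"^\s*([df])([rw-]{9})\s+(\d+)\s+"
    r"(\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4})\s{2,}(.+?)\s*$")
# Share row: share name, then the permissions column.
SHARE_RE = re.compile(
    r"^\s*(.+?)\s{2,}((?:READ|WRITE|NO ACCESS)(?:, (?:READ|WRITE))*)\s*$")

def parse_listing(text):
    """Return (shares, entries) parsed from a recursive listing."""
    shares, entries, current = {}, [], None
    for line in text.splitlines():
        m = ENTRY_RE.match(line)  # test entries first: a file may be named READ
        if m:
            kind, mode, size, mtime, name = m.groups()
            if name not in (".", ".."):
                entries.append({"share": current, "dir": kind == "d",
                                "mode": mode, "size": int(size),
                                "mtime": mtime, "name": name})
            continue
        m = SHARE_RE.match(line)
        if m:
            current = m.group(1)
            shares[current] = set(m.group(2).split(", "))
    return shares, entries

def writable_admin_shares(shares):
    """Administrative shares (name ends in $) the session can write to."""
    return sorted(s for s, p in shares.items()
                  if s.endswith("$") and "WRITE" in p)

if __name__ == "__main__":
    shares, entries = parse_listing(SAMPLE)
    print("Writable admin shares:", writable_admin_shares(shares))
    for e in entries:
        print(e["share"], "DIR " if e["dir"] else "FILE", e["size"], e["name"])
```
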
