Git Product home page Git Product logo

smbclient_cheatsheet's Introduction

This is a list of useful commands/tricks using smbclient, enum4linux and nmap smb scripts - very useful on a pentesting https://sharingsec.blogspot.com

List shares on a machine using NULL Session

smbclient -L

List shares on a machine using a valid username + password

smbclient -L <target-IP> -U username%password

Connect to a valid share with username + password

smbclient //<target>/<share$> -U username%password

List files on a specific share

smbclient //<target>/<share$> -c 'ls' password -U username

List files on a specific share folder inside the share

smbclient //<target>/<share$> -c 'cd folder; ls' password -U username

Download a file from a specific share folder

smbclient //<target>/<share$> -c 'cd folder;get desired_file_name' password -U username

Copy a file to a specific share folder

smbclient //<target>/<share$> -c 'put /var/www/my_local_file.txt .\target_folder\target_file.txt' password -U username

Create a folder in a specific share folder

smbclient //<target>/<share$> -c 'mkdir .\target_folder\new_folder' password -U username

Rename a file in a specific share folder

smbclient //<target>/<share$> -c 'rename current_file.txt new_file.txt' password -U username

enum4linux - General enumeration - anonymous session

enum4linux -a <target>

enum4linux - General enumeration - authenticated session

enum4linux -a <target> -u <user> -p <pass>

enum4linux - Users enumeration

enum4linux -u <user> -p <pass> -U <target>

enum4linux - Group and members enumeration

enum4linux -u <user> -p <pass> -G <target>

enum4linux - Password policy

enum4linux -u <user> -p <pass> -P <target>

nmap - Enum Users

nmap -p 445 --script smb-enum-users <target> --script-args smbuser=username,smbpass=password,smbdomain=domain nmap -p 445 --script smb-enum-users <target> --script-args smbuser=username,smbhash=LM:NTLM,smbdomain=domain

nmap --script smb-enum-users.nse --script-args smbusername=User1,smbpass=Pass@1234,smbdomain=workstation -p445 192.168.1.10

nmap --script smb-enum-users.nse --script-args smbusername=User1,smbhash=aad3b435b51404eeaad3b435b51404ee:C318D62C8B3CA508DD753DDA8CC74028,smbdomain=mydomain -p445 192.168.1.10

nmap - Enum Groups

nmap -p 445 --script smb-enum-groups <target> --script-args smbuser=username,smbpass=password,smbdomain=domain nmap -p 445 --script smb-enum-groups <target> --script-args smbuser=username,smbhash=LM:NTLM,smbdomain=domain

nmap - Enum Shares

nmap -p 445 --script smb-enum-shares <target> --script-args smbuser=username,smbpass=password,smbdomain=domain nmap -p 445 --script smb-enum-shares <target> --script-args smbuser=username,smbpass=LM:NTLM,smbdomain=domain

nmap - OS Discovery

nmap -p 445 --script smb-os-discovery <target>

nmap - SMB Vulnerabilities on Windows

nmap -p 445 --script smb-vuln-ms06-025 target-IP
nmap -p 445 --script smb-vuln-ms07-029 target-IP
nmap -p 445 --script smb-vuln-ms08-067 target-IP
nmap -p 445 --script smb-vuln-ms10-054 target-IP
nmap -p 445 --script smb-vuln-ms10-061 target-IP
nmap -p 445 --script smb-vuln-ms17-010 target-IP
nmap -p 445 --script smb-vuln-cve-2017-7494 target-IP

-- Always check for updated list on https://nmap.org/nsedoc/scripts/

map - Brute Force Accounts (be aware of account lockout!)

nmap –p 445 --script smb-brute –script-args userdb=user-list.txt,passdb=pass-list.txt target-IP

smbclient_cheatsheet's People

Contributors

irgoncalves avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.