Hi there, I was wondering if anyone has good material where I can learn how to exploit SMB correctly. It's popped up once or twice for me now and I've tended to avoid it, looking for other ways to exploit machines; however, I'd like to change that and make it a strength!
If you could post some good links for material, or even tips on things to look out for, then I'd really appreciate it!
-Cob
Comments
Some good tools to check out:
Crackmapexec
impacket (GetUserSPNs and a couple other tools are useful to know)
enum4linux
Use what you can to enumerate available shares, see if you can connect to any anonymously. Poke around all available options and see if you can get any useful information, ssh keys, login credentials, etc.
I'm certainly no expert and I'm sure there's a lot more to know about this stuff, but I've learned a decent amount about this stuff recently and it's been helpful.
--Skunkfoot
nullinux is another good SMB enum tool
@Skunkfoot Thanks for the info, I played around with enum4linux yesterday, and I'll definitely give those other tools a look! Thanks!
@jamesa Cheers for the link, I'll have a play with that this evening!
@wshepherd thanks! I'll have a look!