LAME SMB version enum problem

edited February 2020 in Machines

Hi,
I have read many walkthroughs on this machine and their nmap scan shows the Samba version, but for me it just shows Samba 3.x-4.x. How can I actually find the version of SMB? Could someone please help me out finding the SMB version.
Thank you

Comments


  • #!/bin/sh
    # Sniff the first packets of a null-session SMB connection and print the
    # Samba banner carried in the server's reply. Needs tcpdump privileges;
    # the capture interface is tap0 (change it to match your VPN interface).
    if [ -z "$1" ]; then echo "Usage: ./smbver.sh RHOST {RPORT}" && exit 1; else rhost="$1"; fi
    if [ -n "$2" ]; then rport="$2"; else rport=139; fi
    # Run the sniffer in the background so it is already listening when smbclient connects
    tcpdump -s0 -n -i tap0 src "$rhost" and port "$rport" -A -c 7 2>/dev/null | grep -iE "samba|s.a.m" &
    echo "exit" | smbclient -L "$rhost" 1>/dev/null 2>/dev/null
    sleep 0.5 && echo ""
    wait

    peek

  • Haha, yes also noticed the same thing, I think this is something in later versions of nmap. Because it wasn't specific on the version detection I enumerated other services and got in via distcc rce, which also has an msf module. You only get a low-priv user though, but I got privesc via nmap (thanks to gtfobins). If distcc wasn't exposed I probably would've gone back to smb and dug deeper.

    OrangeHat

  • @d3kum1d0r1y4 said:

    Hi,
    I have read many walkthroughs on this machine and their nmap scan shows the Samba version, but for me it just shows Samba 3.x-4.x. How can I actually find the version of SMB? Could someone please help me out finding the SMB version.
    Thank you

    A little late but the reason this is happening is because the script that ships with nmap on Kali needs to be updated. You need to grab the contents of the file smb.lua from the nmap repo and use it to replace the script that ships with Kali. Then your smb enumeration will work properly.

    This happened to me as well on the box Lame and once I updated the nmap script, all was fine. I've since filed a bug in the Kali bugtracker and they're supposed to release a fix in the next version of Kali.

  • @privesc
    Thank you! Your hint solved the problem for me.

    What I did was:
    1. Update Kali with 'apt-get update'
    2. Re-install nmap with 'apt-get install nmap'
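The exact Samba version that peek's tcpdump pipeline greps out of the wire, and that nmap's SMB library (smb.lua) reads for its OS/version output, sits in the NativeLanMan field of the server's SMB1 Session Setup AndX response. As an added example that is not from this thread, the parser below pulls the NativeOS / NativeLanMan / PrimaryDomain strings out of one such message; the builder constructs a sample response (the "Samba 3.6.25-sample" banner is made up) so it runs offline without touching a host.

```python
import re
import struct

# SMB1 (CIFS) constants used below
SMB_MAGIC = b"\xffSMB"
SMB_COM_SESSION_SETUP_ANDX = 0x73
FLAGS2_UNICODE = 0x8000

def _read_smb_string(data: bytes, pos: int, unicode: bool):
    """Read one null-terminated SMB_STRING at pos; return (text, position after it)."""
    if unicode:
        end = pos
        while end + 1 < len(data) and data[end:end + 2] != b"\x00\x00":
            end += 2
        return data[pos:end].decode("utf-16-le"), end + 2
    end = data.index(b"\x00", pos)
    return data[pos:end].decode("latin-1"), end + 1

def parse_session_setup_response(pkt: bytes) -> dict:
    """Extract NativeOS / NativeLanMan / PrimaryDomain from an SMB1 SESSION_SETUP_ANDX
    response carried in a NetBIOS session message (what you see on TCP/139)."""
    smb = pkt[4:4 + int.from_bytes(pkt[1:4], "big")]       # strip 4-byte NetBIOS header
    if smb[:4] != SMB_MAGIC or smb[4] != SMB_COM_SESSION_SETUP_ANDX:
        raise ValueError("not an SMB1 SESSION_SETUP_ANDX message")
    unicode = bool(struct.unpack_from("<H", smb, 10)[0] & FLAGS2_UNICODE)  # Flags2 field
    pos = 33 + 2 * smb[32]                                  # 32-byte header, WordCount, words
    byte_count = struct.unpack_from("<H", smb, pos)[0]
    end, pos = pos + 2 + byte_count, pos + 2
    if unicode and pos % 2:                                 # UTF-16 strings start 2-byte aligned
        pos += 1
    fields = {}
    for name in ("native_os", "native_lanman", "primary_domain"):
        fields[name], pos = _read_smb_string(smb[:end], pos, unicode)
    return fields

def samba_version(native_lanman: str):
    """Return the release number from a NativeLanMan string like 'Samba X.Y.Z-...', else None."""
    m = re.match(r"Samba (\d+(?:\.\d+)+)", native_lanman)
    return m.group(1) if m else None

def build_session_setup_response(native_os, native_lanman, domain, unicode=True) -> bytes:
    """Constructed sample (not a real capture) laid out the way a server's response is."""
    header = SMB_MAGIC + bytes([SMB_COM_SESSION_SETUP_ANDX]) + b"\x00" * 4 + b"\x88"
    header += struct.pack("<H", FLAGS2_UNICODE if unicode else 0) + b"\x00" * 20
    words = b"\x03\xff\x00" + struct.pack("<HH", 0, 0)      # WordCount=3, AndXCommand=none
    enc = (lambda s: s.encode("utf-16-le") + b"\x00\x00") if unicode else (lambda s: s.encode("latin-1") + b"\x00")
    data = (b"\x00" if unicode else b"") + b"".join(enc(s) for s in (native_os, native_lanman, domain))
    body = header + words + struct.pack("<H", len(data)) + data
    return b"\x00" + len(body).to_bytes(3, "big") + body
```

To use it on real traffic, feed the bytes of the server's Session Setup AndX reply (for example the TCP payload exported from a tcpdump capture) to parse_session_setup_response.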
