Hi there, I was wondering if anyone has good material where I can learn how to exploit SMB correctly. It’s popped up once or twice for me now and I’ve tended to avoid it, looking for other ways to exploit machines; however, I’d like to change that and make it a strength!
If you could post some good links for material, or even tips on things to look out for, then I’d really appreciate it!
CrackMapExec
impacket (GetUserSPNs and a couple other tools are useful to know)
enum4linux
Use what you can to enumerate available shares, see if you can connect to any anonymously. Poke around all available options and see if you can get any useful information, ssh keys, login credentials, etc.
I’m certainly no expert and I’m sure there’s a lot more to know about this stuff, but I’ve learned a decent amount about this stuff recently and it’s been helpful.
Check out the impacket library, the ntlmrelayx and smbrelay examples are very useful in exploits against SMB. Inveigh is a nice PowerShell-based tool that’s useful for SMB/NTLM-based attacks.