When basics won't work (Spoilers about LAME machine)

Hi,

this post is not about a concrete machine, rather about debugging techniques and time prioritization and strategy decision.

This raised enumerating machine called ‘LAME’. After trying everything what I could imagine, I started reading some walkthroughs and saw that other people had success with commands I already tried (smbclient -L IP).

After seeing it and trying it again, copy paste, update, upgrade, auto-remove, purge, install smbclient again, download 2019.4 kali linux and freshly installed, and failed over and over again, I felt somehow disappointed.

Running kali on a virtualbox vm and vpn from inside kali, I decied to check if my windows 10 host was blocking any “discover new devices stuff” that should/might be related with smb discovery. It wasn’t.

After trying to find any way to debug it, find logs in my machine related to it and dig deeper through internet, i read this comment:

“use kali 2017.1 for smbclient and enum4linux, 2019.4version is broken”

[source: Pentesting for n00bs: Episode 2 - Lame - YouTube ]

After downloading and installing Kali 2017.1 I was able to run a simple “smbclient -L IP” against same machine (‘LAME’).

Does somehow have any recommendations on further troubleshoot or an easiest way to know through logs that smbclient was broken on the version I was running?

Can you run the smbclient command against the “LAME” machine successfully? Please post your Linux version.

I hope this helps someone.

Thanks!

Try this mate, the fix worked for me

If you don’t want any of the additional tools edit the playbook.yml only to contain the install_custom_samba.yml task.

do you do smbclient -L 10.10.10.xxx or smbclient -L //10.10.10.xxx ? You may want to try using -m SMB3, and if all else fails, --debug-level=10

But honestly, there are so many reasons to start with a plain Ubuntu and add tools as you go, and so few for using Kali.

Well i wanted to add one thing i didn’t used smbclient at all rather than that i used smbmap that gave me /tmp

smbmap -R -H 10.10.10.3

then i used distcc exploitation to access user.txt ( which i guess was not intended way and no body did )

i personally find smbmap more useful than smbclient

You are right, I am using kali 2020 and happened the same to me.
I googled a bit and found out a way to make it work. You have to go to the smb.conf and add

client min protocol = NT1
at the end of the global section.

After that, I ran

smbclient -L \\10.10.10.3.
and it worked just fine

For those having issues on Kali 2020 scanning older SMB hosts. This might be handy

TLDR

OPEN /etc/samba/smb.conf
Go the GLOBAL section
ADD client min protocol = NT1

I used the Openvpn GUI on my Windows Desktop OS, and ran the openvpn file in terminal on my Kali VM. No issues, worked perfectly. Be surw to keep the terminal window open when using your VM.