Description
- Server Message Block (SMB) used to share files and other resources across a network
- Samba was developed for Unix-based operating system and uses Common Internet File Systems (CIFS) network protocol and is an implementation of the SMB protocol
Port
- uses port 139 and 445
Interaction / Commands
connecting to a share
smbcluent -N -L //IP_Address
smbclient //IP_Address/share
use Remote Procedure Call (RPC) client
rpcclient -U "" IP_Address
- use samrdump.py to brute force user RIDs
- use SMBMap and CrackMapExec for enumerating SMB services
| Query | Description |
|---|---|
| srvinfo | server info |
| enumdomains | enumerate domains |
| querydominfo | domain info |
| netshareenumall | enumerate shares |
| netsharegetinfo share | info on specific share |
| enumdomusers | enumerate domain users |
| queryuser RID | info on specific user |
downloading files from SMB
get file.txt
Footprinting
sudo nmap IP_Address -sV -sC -p139, 445