smb-netbios-rpc

SMB-NETBIOS-RPC File shares

rpcinfo -s

List Shares

showmount -e

grab the file

mount -t nfs :/backup /tmp/nfs -o nolock

smbclient -N -L \

Install this for better enum4linux usability

apt-get install ldapscripts

list shares

smbclient -L 192.168.99.162

Access Share

smbclient \\192.168.30.53\WorkSharing <--access share

if you see any files of interest you can type the following

get .txt /root/Desktop/.txt

from windows, type

nbtstat -a

Linux Discovery

nbtscan -v <IP Address orr address range IE /24>

if you then see something like ELS-WINXP Unique Registered -- then there is a server or share :)

From windows, type the following this should list the shares, domains, and resources on the target

net view

This will connect to the K drive

net use K: \ net use K: \192.168.31.53\C

From linux type the following this will list the shares, domains, and resources on the target

smbclient -L 192.168.30.53

To mount from linux, type the following

mount.cifs /192.168.99.162/C /media/K_share/ user=,pass=

From windows start a null session

net use \192.168.30.53\IPC$ "" /u: ""

From linux, type the following to enumerate all smb things

enum4linux -A -v

Enumerate null user sessions.

rpcclient -N -U ""

while in RPC client command line, type the following to enumerate

enum <---then use tab completion to autocomplete, and you can choose what you do want to enumerate.

others

RPC Enumeration

/usr/share/set/src/fasttrack/rid_enum.py 192.168.91.129:36234 500 5000 /usr/share/seclists/Usernames/Names

---- Tags

smb #smbclient

Last updated 4 years ago

Was this helpful?