- SMB/rtc/microsoft-ds
- smbclient -L 192.168.1.111 -U administrator -N
- -make an SMB fileshare login request as the -U user without supplying a password (-N), to try enumerating share names, servers and workgroups
- nmap -sV -p 445 --script=smb-enum-domains,smb-enum-groups,smb-enum-processes,smb-enum-sessions,smb-enum-shares,smb-enum-users 192.168.1.128
- -run nmap smb enumeration scripts
- smbclient //192.168.1.111/sharename -U administrator -N
- -try connecting to a Samba share without a known password
- smbmount "\\\\samba1\\customers" -U rtg2t -c 'mount /customers -u 500 -g 100'
- mount
- smb: \> commands
- ls - list directory files
- dir - list directory files
- cd dirname - change directory
- get filename - download file
- put filename - upload file
- nbtscan 192.168.1.0/24
- nmblookup -A 10.11.1.10
- -in the status output, the <03> entry is the currently logged-in user
- enum4linux -a 127.0.0.1
- smbget -R smb://127.0.0.1/dir
- smbpasswd
- smbmap
- smbcontrol
- smbcacls
- smbmount //198.168.1.1/share /mnt/here -o user=uname,password=pword
- mount -t cifs -o user=uname,password=pword //198.168.1.1/share /mnt/here
- nmap -p 445 --script smb-os-discovery 192.168.1.0/24
- nmap -sV -p 445 --script smb-brute 192.168.1.101
- RPC
- rpcclient 10.11.1.1 -U=username
- getusername
- -output: Account Name: Guest, Authority Name: TEST01
- lsaenumsid
- -output: found
- lookupsids S-1-5-21-1004336348-854245398-725345543-501
- rpcinfo -p 192.168.0.50