SMB services
SMB Services can lead into multiple exploit, always take a look at it
Detecting version
Use nmap
Use the metasploit module : auxiliary/scanner/smb/smb_version
Null and guest access
enum4linux -a -u "" -p "" <DC IP> && enum4linux -a -u "guest" -p "" <DC IP>
smbmap -u "" -p "" -P 445 -H <DC IP> && smbmap -u "guest" -p "" -P 445 -H <DC IP>
smbclient -U '%' -L //<DC IP> && smbclient -U 'guest%' -L //<DC_IP>
Last updated
Was this helpful?