SMB Enumeration (Demo)

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
7 hours 6 minutes
Difficulty
Intermediate
CEU/CPE
7
Video Transcription
00:00
Hey, everyone, welcome back to the course. So in this video, we're gonna go over brief example of SMB enumeration. So why do we care about this? Well, SMB facilitates the sharing of files and peripheral, so things like printers over the local area network. This allows us to identify
00:16
potential additional targets. So, for example, we might be able to target that printer,
00:21
and that might be the way that we gain access to the target's network.
00:24
So first things first, we're just gonna run a tool called S and B Client, and you're going to see an air message here once we run this tool. Now, with Kelly Lennox 2020 there's a setting change we need to make in our samba file
00:35
before this will actually work. So you notice we get this status connection disconnected air. So let's go ahead to our samba file and you could do this from the terminal. I just open it already here.
00:45
We wanna go under our global settings and make two entries. So we're gonna add a client men protocol and set that equal to core in all caps.
00:55
And then the second entry, we're gonna make his client Max Protocol. And we're gonna set that equal to SMB three all in caps, as you'll see depicted here on the screen
01:04
and making that minor change again. This is only for Kelly Lennox 2020 older versions of Cali. You could just run the command in his share of work just fine for you. But here in 2020 you gotta add these to your samba file. Now, if you run that same command with S and B client and we do our list
01:21
well, against the I P address is gonna ask us for a password. Doesn't matter what we type in here. Our goal is to get their message.
01:26
So just type in some random characters it enter, and then we should see what kind information we get back in the air message.
01:33
All right, so you see, we get some information about some share names and some additional information about, like, work groups with this air message.
01:40
So another tool we can use for S and B enumeration. It's called S and B map. And again, this is another tool built into Callie Lennox. So we'll start off just by typing S and B map in here. We'll take a look at the help menu for this tool, and you notice there's quite a few flags that when we can use with this tool
01:56
in this video, we're to be using two Flags Dash Capital R and Capital H.
02:01
So let's go ahead and just run SMB map. We'll do the dash R and then the dash Capital H to specify your host, Which again is just gonna be that 1. 92 168 56 102 Which again, is that medicine palatable to target machine?
02:15
And you'll see here we're able to get director information that dash capital are will give us that directory information about the target.
Up Next
Penetration Testing and Ethical Hacking

The Penetration Testing and Ethical Hacking course prepares students for certifications, like CEH. This course walks students through the process of gaining intelligence, scanning and enumerating and hacking the target.

Instructed By