Tools
… that can be used to perform SMB enumeration.
- rpcclient
- srvinfo
- enumdomusers
- getdompwinfo
- nbtscan
- nmblookup
- enum4linux
- smbclient
- rpcclient
- samrdump.py
- ridenum.py
- nbtscan-unixwiz
- nmap
- smb-enum-domains.nse
- smb-enum-groups.nse
- smb-enum-processes.nse
- smb-enum-sessions.nse
- smb-enum-shares.nse
- smb-enum-users.nse
- smb-ls.nse
- smb-mbenum.nse
- smb-os-discovery.nse
- smb-security-mode.nse
- smbv2-enabled.nse
- Metasploit
- scanner/smb/pipe_auditor
- scanner/smb/pipe_dcerpc_auditor
- scanner/smb/smb2
- scanner/smb/smb_enum_gpp
- scanner/smb/smb_enumshares
- scanner/smb/smb_lookupsid
- Nessus (Plugins)
- Microsoft Windows SMB Service Detection
- Microsoft Windows SMB Log In Possible
- Microsoft Windows SMB NativeLanManager Remote System Information Disclosure
- Windows NetBIOS / SMB Remote Host Information Disclosure
Examples
smbclient //MOUNT/share -I target -N
smbclient -L //target |
smbclient //MOUNT/share -I target -N
smbclient -L //target
nmap -T4 -v -oA shares --script smb-enum-shares --script-args smbuser=username,smbpass=password -p445 target |
nmap -T4 -v -oA shares --script smb-enum-shares --script-args smbuser=username,smbpass=password -p445 target
nbtscan-unixwiz -f targetrange |
nbtscan-unixwiz -f targetrange
