Red/Blue Cheatsheet | NORI ZAMURAI
  • Introduction
  • Pentesting Cheatsheets
    • Reconnaissance
      • Other method
      • Nmap
    • Enumeration
      • DNS (53)
      • SSH (22)
      • FTP (21)
      • SMTP (25)
      • WEB (80,443)
      • POP3 (110)
      • SMB (139,445)
      • MySQL (3306)
    • Privilege Escalation
      • Linux
      • Windows
    • Shell
      • Reverse Shell
      • Upgrade Shell
      • Meterpreter
    • Password Crack
      • Hash Analysis
      • Bruteforce
    • Exploit
      • Search Exploit
      • Attacks
    • Paylaod
      • Msfvenom
    • File Transfer
    • Port Forwarding
    • Service Login and Interaction
  • Useful Commands
    • Linux Commands
    • Powershell
    • CMD
    • Python
    • Editor: Vi & Tmux
    • Metasploit
    • Powershell Empire
Powered by GitBook
On this page
  • SMBmap
  • smbclient
  • rpcclient
  • Nmap SMB NSE Scripts

Was this helpful?

  1. Pentesting Cheatsheets
  2. Enumeration

SMB (139,445)

PreviousPOP3 (110)NextMySQL (3306)

Last updated 4 years ago

Was this helpful?

SMBmap

smbmap -H <target ip>
# List shares

smbmap -R Replication -H <target ip>
# List files and direcotories

smbmap -R Replication -H <target ip> -A <filename> -q
# Download files

smbclient

rpcclient

Nmap SMB NSE Scripts

updatedb
locate -r '\.nse$'| xargs grep categories | grep smb
nmap --script "vuln and safe" -Pn -n -p 445 <target ip>
nmap --script smb-vuln* -p 139,445 <target ip>

LogoA Little Guide to SMB Enumeration - Hacking ArticlesHacking Articles
LogoSMB Penetration Testing (Port 445) - Hacking ArticlesHacking Articles
LogoNetBIOS and SMB Penetration Testing on Windows - Hacking ArticlesHacking Articles
LogoPassword Cracking:SMB - Hacking ArticlesHacking Articles