# SMB (139,445)

### SMBmap

```
smbmap -H <target ip>
# List shares

smbmap -R Replication -H <target ip>
# List files and direcotories

smbmap -R Replication -H <target ip> -A <filename> -q
# Download files
```

### smbclient

### rpcclient

### Nmap SMB NSE Scripts

```
updatedb
locate -r '\.nse$'| xargs grep categories | grep smb
nmap --script "vuln and safe" -Pn -n -p 445 <target ip>
nmap --script smb-vuln* -p 139,445 <target ip>
```

{% embed url="<https://www.hackingarticles.in/a-little-guide-to-smb-enumeration/>" %}

{% embed url="<https://www.hackingarticles.in/smb-penetration-testing-port-445/>" %}

{% embed url="<https://www.hackingarticles.in/netbios-and-smb-penetration-testing-on-windows/>" %}

{% embed url="<https://www.hackingarticles.in/5-ways-to-hack-smb-login-password/>" %}