SMB
SMB stands for Server Message Block, it is a network communication protocol used to share files, printers and other resources between network devices. It is a Microsoft proprietary protocol used in Windows operating systems.
Samba, on the other hand, is a free and open source implementation of the SMB protocol, which is mainly used on Unix and Linux based operating systems. Samba provides a way to share files and resources between network devices running different operating systems, such as Windows and Linux.
One of the tools we use for the reconnaissance phase is 'smbmap'. Smbmap is a command line tool used to enumerate shares and permissions on an SMB (Server Message Block) or Samba server. It is a very useful tool for network enumeration and for identifying potential security vulnerabilities.
Also, another tool seen in this class is 'smbclient'. Smbclient is another command line tool used to interact with SMB and Samba servers, but unlike smbmap which is mainly used for enumeration, smbclient provides a command line interface for interacting with SMB and Samba shares, allowing downloading and uploading files, executing remote commands, browsing the remote file system, among other functionalities.
Finally, another tool we use at the end of the class to enumerate the Samba service is 'Crackmapexec'. CrackMapExec (also known as CME) is a command-line penetration testing tool used to perform security audits in Active Directory environments. CME is based on the Python 'impacket' libraries and is compatible with Windows, Linux and macOS operating systems.
-
enumeration
-
list the shared resource at the system level in the work
-
connected at smb
-
uploads files
-
create mount for multiples files or folders in SMB
- dismount the files
tool crackmapexec expert in SMB only for Windows machine