SMBMap

LSE top 100LSE top 100SMBMap (52)SMBMap (52)

Tool and Usage

Project details

License
GPLv3
Programming language
Python
Author
Shawn Evans
Latest release
1.10.5
Latest release date

Project health

85
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

SMBMap allows scanning of file resources that are shared with the SMB protocol. The tool will list share drives, drive permissions, the share contents, upload/download functionality, file name auto-download pattern matching, and even execute remote commands. The tool was created for pentesters to simplify finding sensitive data, or at least test for it.

How it works

SMBMap uses the Impacket toolkit that is known for its network protocol support. In this case, it specifically uses the routines related to SMB (server message block).

Background information

To run this tool, you will need Impacket, PyASN.1, and PyCrypto.

Usage and audience

SMBMap is commonly used for data leak detection, information gathering, or penetration testing. Target users for this tool are pentesters.

Example usage and output

SMBMap - Samba Share Enumerator | Shawn Evans - ShawnDEvans@gmail.com

optional arguments:
-h, --Help show this help message and exit

Main arguments:
-H HOST IP of host
--host-file FILE File containing a list of hosts
-u USERNAME Username, if omitted null session assumed
-p PASSWORD Password or NTLM hash
-s SHARE Specify a share (default C$), ex 'C$'
-d DOMAIN Domain name (default WORKGROUP)
-P PORT SMB port (default 445)

Command Execution:
Options for executing commands on the specified host

-x COMMAND Execute a command ex. 'ipconfig /r'

Filesystem Search:
Options for searching/enumerating the filesystem of the specified host

-L List all drives on the specified host
-R [PATH] Recursively list dirs, and files (no share\path lists
ALL shares), ex. 'C$\Finance'
-r [PATH] List contents of directory, default is to list root of
all shares, ex. -r 'C$\Documents and
Settings\Administrator\Documents'
-A PATTERN Define a file name pattern (regex) that auto downloads
a file on a match (requires -R or -r), not case
sensitive, ex '(web|global).(asax|config)'
-q Disable verbose output (basically only really useful
with -A)

File Content Search:
Options for searching the content of files

-F PATTERN File content search, -F '[Pp]assword' (requies admin
access to execute commands, and powershell on victim
host)
--search-path PATH Specify drive/path to search (used with -F, default
C:\Users), ex 'D:\HR\'
[+] Reading from stdin
[+] Finding open SMB ports....
[+] User SMB session establishd...
[+] IP: 192.168.0.5:445 Name: unkown
Disk Permissions
---- -----------
ADMIN$ READ, WRITE
C$ READ, WRITE
IPC$ NO ACCESS
TMPSHARE READ, WRITE
[+] User SMB session establishd...
[+] IP: 192.168.2.50:445 Name: unkown
Disk Permissions
---- -----------
IPC$ NO ACCESS
print$ READ, WRITE
My Dirs NO ACCESS
WWWROOT_OLD NO ACCESS
ADMIN$ READ, WRITE
C$ READ, WRITE

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + The source code of this software is available

Author and Maintainers

SMBMap is under development by Shawn Evans.

Installation

Supported operating systems

SMBMap is known to work on Linux.

Dependencies

Several dependencies are required to use SMBMap.

  • impacket
  • pyasn1
  • pycrypto

SMBMap alternatives

Similar tools to SMBMap:

63

keimpx

The keimpx security tool can be used to check for valid credentials across a network. It uses the SMB protocol, typically used on Microsoft Windows and others.

60

AIL framework

AIL is a framework to analyze potential information leaks from unstructured data sources. For example, this may include data from Pastebin and similar services.

68

S3Scanner

S3Scanner helps with the discovery of S3 storage buckets on the platform of Amazon's AWS. Learn how the tool works with this review.

All SMBMap alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information

Definitions

SMB
Server Message Block (SMB) is also known as Common Internet File System (CIFS). It is the network protocol that allows file sharing within Microsoft Windows. The Samba toolkit opened up this protocol to Linux and other systems, allowing them to join the conversation.

Categories

This tool is categorized as a SMB enumeration tool and data leak scanner.