-->

ABOUT US

Our development agency is committed to providing you the best service.

OUR TEAM

The awesome people behind our brand ... and their life motto.

  • Kumar Atul Jaiswal

    Ethical Hacker

    Hacking is a Speed of Innovation And Technology with Romance.

  • Kumar Atul Jaiswal

    CEO Of Hacking Truth

    Loopholes are every major Security,Just need to Understand it well.

  • Kumar Atul Jaiswal

    Web Developer

    Techonology is the best way to Change Everything, like Mindset Goal.

OUR SKILLS

We pride ourselves with strong, flexible and top notch skills.

Marketing

Development 90%
Design 80%
Marketing 70%

Websites

Development 90%
Design 80%
Marketing 70%

PR

Development 90%
Design 80%
Marketing 70%

ACHIEVEMENTS

We help our clients integrate, analyze, and use their data to improve their business.

150

GREAT PROJECTS

300

HAPPY CLIENTS

650

COFFEES DRUNK

1568

FACEBOOK LIKES

STRATEGY & CREATIVITY

Phasellus iaculis dolor nec urna nullam. Vivamus mattis blandit porttitor nullam.

PORTFOLIO

We pride ourselves on bringing a fresh perspective and effective marketing to each project.

Showing posts with label Network services. Show all posts
Showing posts with label Network services. Show all posts
  • All about smb client Network Services



    All about smb client Network Services



    Understanding SMB



    What is SMB?


    SMB - Server Message Block Protocol - is a client-server communication protocol used for sharing access to files, printers, serial ports and other resources on a network. [source] Learn about, then enumerate and exploit a variety of network services and misconfigurations.
     

    Servers make file systems and other resources (printers, named pipes, APIs) available to clients on the network. Client computers may have their own hard disks, but they also want access to the shared file systems and printers on the servers.


    The SMB protocol is known as a response-request protocol, meaning that it transmits multiple messages between the client and server to establish a connection. Clients connect to servers using TCP/IP (actually NetBIOS over TCP/IP as specified in RFC1001 and RFC1002), NetBEUI or IPX/SPX.




    How does SMB work?

    All about smb client Network Services






    Once they have established a connection, clients can then send commands (SMBs) to the server that allow them to access shares, open files, read and write files, and generally do all the sort of things that you want to do with a file system. However, in the case of SMB, these things are done over the network.



    What runs SMB?



    Microsoft Windows operating systems since Windows 95 have included client and server SMB protocol support. Samba, an open source server that supports the SMB protocol, was released for Unix systems.



    #1 What does SMB stand for?   

    Ans :- Server Message Block



    #2 What type of protocol is SMB?   

    Ans :- request-response



    #3 What do clients connect to servers using?   

    Ans :- TCP/IP



    #4 What systems does Samba run on?



    Ans :- Unix

     

    Enumerating SMB


    Lets Get Started


    Before we begin, make sure to deploy the room and give it some time to boot. Please be aware, this can take up to five minutes so be patient!




    All about smb client Network Services



    Enumeration



    Enumeration is the process of gathering information on a target in order to find potential attack vectors and aid in exploitation.


    This process is essential for an attack to be successful, as wasting time with exploits that either don't work or can crash the system can be a waste of energy. Enumeration can be used to gather usernames, passwords, network information, hostnames, application data, services, or any other information that may be valuable to an attacker.




    SMB



    Typically, there are SMB share drives on a server that can be connected to and used to view or transfer files. SMB can often be a great starting point for an attacker looking to discover sensitive information — you'd be surprised what is sometimes included on these shares.




    Port Scanning



    The first step of enumeration is to conduct a port scan, to find out as much information as you can about the services, applications, structure and operating system of the target machine. You can go as in depth as you like on this, however I suggest using nmap with the -A and -p- tags.


    -A : Enables OS Detection, Version Detection, Script Scanning and Traceroute all in one


    -p- : Enables scanning across all ports, not just the top 1000



    Enum4Linux



    Enum4linux is a tool used to enumerate SMB shares on both Windows and Linux systems. It is basically a wrapper around the tools in the Samba package and makes it easy to quickly extract information from the target pertaining to SMB. It's installed by default on Parrot and Kali, however if you need to install it, you can do so from the official github.









    The syntax of Enum4Linux is nice and simple: "enum4linux [options] ip"



    TAG            FUNCTION

    -U             get userlist
    -M             get machine list
    -N             get namelist dump (different from -U and-M)
    -S             get sharelist
    -P             get password policy information
    -G             get group and member list

    -A             all of the above (full basic enumeration)





    Types of SMB Exploit



    While there are vulnerabilities such as CVE-2017-7494 that can allow remote code execution by exploiting SMB, you're more likely to encounter a situation where the best way into a system is due to misconfigurations in the system. In this case, we're going to be exploiting anonymous SMB share access- a common misconfiguration that can allow us to gain information that will lead to a shell.



    Method Breakdown



    So, from our enumeration stage, we know:

    •     - The SMB share location
    •     - The name of an interesting SMB share



    SMBClient




    All about smb client Network Services



    Because we're trying to access an SMB share, we need a client to access resources on servers. We will be using SMBClient because it's part of the default samba suite. While it is available by default on Kali and Parrot, if you do need to install it, you can find the documentation here.


    We can remotely access the SMB share using the syntax:


    "smbclient //[IP]/[SHARE]"

    Followed by the tags:

    -U [name] : to specify the user

    -p [port] : to specify the port

    Got it? Okay, let's do this!



    I hope you liked this post, then you should not forget to share this post at all.
    Thank you so much :-)






  • WHAT WE DO

    We've been developing corporate tailored services for clients for 30 years.

    CONTACT US

    For enquiries you can contact us in several different ways. Contact details are below.

    Hacking Truth.in

    • Street :Road Street 00
    • Person :Person
    • Phone :+045 123 755 755
    • Country :POLAND
    • Email :contact@heaven.com

    Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.

    Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation.