Difference between revisions of "Nmap: enumeration smb share"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
| Line 24: | Line 24: | ||
==Contoh Hasil Output== | ==Contoh Hasil Output== | ||
| + | |||
| + | Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2016-02-11 06:17 WIB | ||
| + | Nmap scan report for 192.168.0.7 | ||
| + | Host is up (0.0085s latency). | ||
| + | PORT STATE SERVICE | ||
| + | 445/tcp open microsoft-ds | ||
| + | MAC Address: 4C:E6:76:1F:15:4C (Buffalo) | ||
| + | |||
| + | Host script results: | ||
| + | | smb-enum-shares: | ||
| + | | account_used: guest | ||
| + | | IPC$: | ||
| + | | Type: STYPE_IPC_HIDDEN | ||
| + | | Comment: IPC Service (TeraStation) | ||
| + | | Users: 1 | ||
| + | | Max Users: <unlimited> | ||
| + | | Path: C:\tmp | ||
| + | | Anonymous access: READ/WRITE | ||
| + | | Current user access: READ/WRITE | ||
| + | | share: | ||
| + | | Type: STYPE_DISKTREE | ||
| + | | Comment: | ||
| + | | Users: 0 | ||
| + | | Max Users: <unlimited> | ||
| + | | Path: C:\mnt\disk2\share | ||
| + | | Anonymous access: <none> | ||
| + | | Current user access: <none> | ||
| + | | share1: | ||
| + | | Type: STYPE_DISKTREE | ||
| + | | Comment: | ||
| + | | Users: 0 | ||
| + | | Max Users: <unlimited> | ||
| + | | Path: C:\mnt\disk1\share1 | ||
| + | | Anonymous access: <none> | ||
| + | |_ Current user access: <none> | ||
| + | |||
| + | Nmap scan report for 192.168.0.59 | ||
| + | Host is up (0.0089s latency). | ||
| + | PORT STATE SERVICE | ||
| + | 445/tcp closed microsoft-ds | ||
| + | MAC Address: 00:27:22:1E:87:F9 (Ubiquiti Networks) | ||
| + | |||
| + | Nmap scan report for 192.168.0.62 | ||
| + | Host is up (0.0089s latency). | ||
| + | PORT STATE SERVICE | ||
| + | 445/tcp filtered microsoft-ds | ||
| + | MAC Address: C4:E9:84:25:86:5D (Tp-link Technologies Co.) | ||
| + | |||
| + | Nmap scan report for 192.168.0.63 | ||
| + | Host is up (0.0088s latency). | ||
| + | PORT STATE SERVICE | ||
| + | 445/tcp closed microsoft-ds | ||
| + | MAC Address: 00:0D:FE:73:67:6D (Hauppauge Computer Works) | ||
| + | |||
| + | Nmap scan report for 192.168.0.67 | ||
| + | Host is up (0.014s latency). | ||
| + | PORT STATE SERVICE | ||
| + | 445/tcp closed microsoft-ds | ||
| + | MAC Address: 00:25:9C:8E:EA:A0 (Cisco-Linksys) | ||
| + | |||
| + | Nmap scan report for 192.168.0.70 | ||
| + | Host is up (0.21s latency). | ||
| + | PORT STATE SERVICE | ||
| + | 445/tcp closed microsoft-ds | ||
| + | MAC Address: 10:C3:7B:04:58:1B (Asustek Computer) | ||
| + | |||
| + | Nmap scan report for 192.168.0.73 | ||
| + | Host is up (0.24s latency). | ||
| + | PORT STATE SERVICE | ||
| + | 445/tcp closed microsoft-ds | ||
| + | MAC Address: AC:9E:17:CC:B2:FE (Asustek Computer) | ||
| + | |||
| + | Nmap scan report for 192.168.0.82 | ||
| + | Host is up (-0.035s latency). | ||
| + | PORT STATE SERVICE | ||
| + | 445/tcp closed microsoft-ds | ||
| + | MAC Address: E0:CB:EE:4B:D7:0A (Samsung Electronics Co.) | ||
| + | |||
| + | Nmap scan report for 192.168.0.87 | ||
| + | Host is up (0.015s latency). | ||
| + | PORT STATE SERVICE | ||
| + | 445/tcp filtered microsoft-ds | ||
| + | MAC Address: 18:83:31:61:76:C8 (Samsung Electronics Co.) | ||
| + | |||
| + | Nmap scan report for 192.168.0.94 | ||
| + | Host is up (-0.037s latency). | ||
| + | PORT STATE SERVICE | ||
| + | 445/tcp closed microsoft-ds | ||
| + | MAC Address: 00:0D:FE:73:64:CC (Hauppauge Computer Works) | ||
| + | |||
| + | Nmap scan report for 192.168.0.221 | ||
| + | Host is up (0.021s latency). | ||
| + | PORT STATE SERVICE | ||
| + | 445/tcp open microsoft-ds | ||
| + | MAC Address: 24:65:11:B4:73:E7 (AVM GmbH) | ||
| + | |||
| + | Host script results: | ||
| + | | smb-enum-shares: | ||
| + | | account_used: <blank> | ||
| + | | FRITZ.NAS: | ||
| + | | Type: STYPE_DISKTREE | ||
| + | | Comment: | ||
| + | | Users: 0 | ||
| + | | Max Users: <unlimited> | ||
| + | | Path: C:\var\media\ftp | ||
| + | | Anonymous access: <none> | ||
| + | | IPC$: | ||
| + | | Type: STYPE_IPC_HIDDEN | ||
| + | | Comment: IPC Service (FRITZ!Box) | ||
| + | | Users: 1 | ||
| + | | Max Users: <unlimited> | ||
| + | | Path: C:\var\media\ftp | ||
| + | |_ Anonymous access: READ/WRITE | ||
| + | |||
| + | Nmap scan report for 192.168.0.223 | ||
| + | Host is up (0.015s latency). | ||
| + | PORT STATE SERVICE | ||
| + | 445/tcp closed microsoft-ds | ||
| + | MAC Address: D0:04:92:19:CC:38 (Fiberhome Telecommunication Technologies Co.) | ||
| + | |||
| + | Nmap scan report for 192.168.0.101 | ||
| + | Host is up (0.000076s latency). | ||
| + | PORT STATE SERVICE | ||
| + | 445/tcp closed microsoft-ds | ||
==Referensi== | ==Referensi== | ||
* https://nmap.org/nsedoc/scripts/smb-enum-shares.html | * https://nmap.org/nsedoc/scripts/smb-enum-shares.html | ||
Revision as of 06:21, 11 February 2016
Sumber: https://nmap.org/nsedoc/scripts/smb-enum-shares.html
Script types: hostrule Categories: discovery, intrusive Download: http://nmap.org/svn/scripts/smb-enum-shares.nse
Penggunaan
Upaya untuk mencatatkan share menggunakan fungsi srvsvc.NetShareEnum Semua MSRPC dan mengambil informasi lebih banyak tentang mereka menggunakan srvsvc.NetShareGetInfo. Jika akses ke fungsi-fungsi ditolak, daftar nama share yangs sering digunakan akan diperiksa.
Menemukan share yang terbuka berguna untuk test penetrasi karena mungkin ada file pribadi bersama, atau, jika itu bisa ditulis, bisa menjadi tempat yang baik untuk menjatuhkan Trojan atau menginfeksi file yang sudah ada. Mengetahui di mana share yang bisa membuat tes semacam itu yang lebih berguna, kecuali untuk menentukan share membutuhkan hak akses administratif.
Contoh Pemakaian
nmap --script smb-enum-shares.nse -p445 <host> sudo nmap -sU -sS --script smb-enum-shares.nse -p U:137,T:139 <host>
nmap --script smb-enum-shares.nse -p445 192.168.0.0/24
Contoh Hasil Output
Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2016-02-11 06:17 WIB Nmap scan report for 192.168.0.7 Host is up (0.0085s latency). PORT STATE SERVICE 445/tcp open microsoft-ds MAC Address: 4C:E6:76:1F:15:4C (Buffalo) Host script results: | smb-enum-shares: | account_used: guest | IPC$: | Type: STYPE_IPC_HIDDEN | Comment: IPC Service (TeraStation) | Users: 1 | Max Users: <unlimited> | Path: C:\tmp | Anonymous access: READ/WRITE | Current user access: READ/WRITE | share: | Type: STYPE_DISKTREE | Comment: | Users: 0 | Max Users: <unlimited> | Path: C:\mnt\disk2\share | Anonymous access: <none> | Current user access: <none> | share1: | Type: STYPE_DISKTREE | Comment: | Users: 0 | Max Users: <unlimited> | Path: C:\mnt\disk1\share1 | Anonymous access: <none> |_ Current user access: <none>
Nmap scan report for 192.168.0.59 Host is up (0.0089s latency). PORT STATE SERVICE 445/tcp closed microsoft-ds MAC Address: 00:27:22:1E:87:F9 (Ubiquiti Networks) Nmap scan report for 192.168.0.62 Host is up (0.0089s latency). PORT STATE SERVICE 445/tcp filtered microsoft-ds MAC Address: C4:E9:84:25:86:5D (Tp-link Technologies Co.) Nmap scan report for 192.168.0.63 Host is up (0.0088s latency). PORT STATE SERVICE 445/tcp closed microsoft-ds MAC Address: 00:0D:FE:73:67:6D (Hauppauge Computer Works) Nmap scan report for 192.168.0.67 Host is up (0.014s latency). PORT STATE SERVICE 445/tcp closed microsoft-ds MAC Address: 00:25:9C:8E:EA:A0 (Cisco-Linksys) Nmap scan report for 192.168.0.70 Host is up (0.21s latency). PORT STATE SERVICE 445/tcp closed microsoft-ds MAC Address: 10:C3:7B:04:58:1B (Asustek Computer) Nmap scan report for 192.168.0.73 Host is up (0.24s latency). PORT STATE SERVICE 445/tcp closed microsoft-ds MAC Address: AC:9E:17:CC:B2:FE (Asustek Computer) Nmap scan report for 192.168.0.82 Host is up (-0.035s latency). PORT STATE SERVICE 445/tcp closed microsoft-ds MAC Address: E0:CB:EE:4B:D7:0A (Samsung Electronics Co.) Nmap scan report for 192.168.0.87 Host is up (0.015s latency). PORT STATE SERVICE 445/tcp filtered microsoft-ds MAC Address: 18:83:31:61:76:C8 (Samsung Electronics Co.) Nmap scan report for 192.168.0.94 Host is up (-0.037s latency). PORT STATE SERVICE 445/tcp closed microsoft-ds MAC Address: 00:0D:FE:73:64:CC (Hauppauge Computer Works) Nmap scan report for 192.168.0.221 Host is up (0.021s latency). PORT STATE SERVICE 445/tcp open microsoft-ds MAC Address: 24:65:11:B4:73:E7 (AVM GmbH) Host script results: | smb-enum-shares: | account_used: <blank> | FRITZ.NAS: | Type: STYPE_DISKTREE | Comment: | Users: 0 | Max Users: <unlimited> | Path: C:\var\media\ftp | Anonymous access: <none> | IPC$: | Type: STYPE_IPC_HIDDEN | Comment: IPC Service (FRITZ!Box) | Users: 1 | Max Users: <unlimited> | Path: C:\var\media\ftp |_ Anonymous access: READ/WRITE Nmap scan report for 192.168.0.223 Host is up (0.015s latency). PORT STATE SERVICE 445/tcp closed microsoft-ds MAC Address: D0:04:92:19:CC:38 (Fiberhome Telecommunication Technologies Co.) Nmap scan report for 192.168.0.101 Host is up (0.000076s latency). PORT STATE SERVICE 445/tcp closed microsoft-ds